vir - otevírání nových oken - reklam

Zpráva

whiskytony · #1 Příspěvek od **whiskytony** » 28 srp 2016 13:50

Zdravím,
prosím o kontrolu
Bud mám vir nebo se jedná o náhodu, ale zdá se mi, že když kliknu na nějakém webu na určité tlačítko, tak se mi otevře v nové kartě nějaká reklama (např bet365, internetové hry, seznamky...) např. stalo se mi to i při kliknutí na DOWNLOAD při stahování FRST

+ měl bych otázku, dají se zablokovat všechny vyskakovací nová okna či nové karty? např sleduji seriály na netu, ale je to udělané tak, že při kliknutí na PLAY se otevřelo nové okno s reklamou a vy jste museli zavřít
Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-08-2016
Ran by Anton (administrator) on TONY (28-08-2016 14:40:01)
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.0.76\nav.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Programy\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.0.76\nav.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AGEIA PhysX SysTray] => C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [339968 2006-08-16] ()
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [DAEMON Tools Lite] => "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Rychlé spuštění.lnk [2015-10-29]
ShortcutTarget: SolidWorks 2014 Rychlé spuštění.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-29]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar17.lnk [2016-01-11]
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3113116595-2999987527-3303187697-1001] => hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D661260-C0ED-45C5-A9DE-A77C0EB44ADE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C0278D2-9D48-4008-80B4-540F817CBB5C}: [DhcpNameServer] 192.168.24.1
ManualProxies: 0hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programy\Java\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programy\Java\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default
FF Homepage: hxxps://cs-cz.facebook.com/
about:preferences#general
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Programy\Java\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\McSiteAdvisor.xml [2015-12-12]
FF Extension: (Firebug) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\Extensions\firebug@software.joehewitt.com.xpi [2016-08-22]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Extension: (Norton Identity Safe) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon [2016-07-08]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon

Chrome:
=======
CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Dokumenty Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR Extension: (GeoProxy) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-12-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.0.76\Exts\Chrome.crx [2016-07-03]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.0.76\Exts\Chrome.crx [2016-07-03]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\NAV.exe [289080 2016-08-16] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2122248 2016-06-20] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-30] ()
R2 RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-29] (SolidWorks) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-02-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20160810.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1607010.020\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-10-24] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-05] (Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20160826.001\IDSvia64.sys [876760 2016-07-08] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-03-19] () [File not signed]
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1607000.04C\SRTSP64.SYS [773368 2016-07-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1607010.020\SRTSPX64.SYS [48888 2016-06-02] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1607010.020\SYMEFASI64.SYS [1627352 2016-06-02] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1607010.020\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [101112 2016-07-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1607010.020\Ironx64.SYS [291056 2016-06-02] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NAVx64\1607000.04C\SYMNETS.SYS [567536 2016-06-02] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 14:40 - 2016-08-28 14:40 - 00021169 _____ C:\Users\Anton\Desktop\FRST.txt
2016-08-28 14:39 - 2016-08-28 14:40 - 00000000 ____D C:\FRST
2016-08-28 14:38 - 2016-08-28 14:38 - 02396672 _____ (Farbar) C:\Users\Anton\Desktop\FRST64.exe
2016-08-21 15:07 - 2016-08-21 15:07 - 00001125 _____ C:\Users\Anton\Desktop\fifa14-3dm – zástupce.lnk
2016-08-20 18:38 - 2016-08-28 13:07 - 00000000 ____D C:\Users\Anton\Documents\FIFA 14
2016-08-20 17:51 - 2016-08-20 17:51 - 00000801 _____ C:\Users\Public\Desktop\Train Simulator 2015.lnk
2016-08-20 17:51 - 2016-08-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RailSimulator.com
2016-08-20 17:37 - 2016-08-28 13:38 - 00000000 ____D C:\Users\Anton\Downloads\FIFA 15
2016-08-20 17:37 - 2016-08-20 17:49 - 00000000 ____D C:\Users\Anton\Downloads\FIFA 16 DEMO
2016-08-16 17:25 - 2016-08-28 12:00 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-08-08 19:09 - 2016-08-08 19:09 - 00004783 _____ C:\Users\Anton\Downloads\0716_2492.PDF
2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\ProgramData\HP
2016-07-31 01:13 - 2016-07-31 02:45 - 1120589816 _____ C:\Users\Anton\Downloads\POVD - Life, Liberty And The Pursuit Of Pussy - Alexis Adams.mp4
2016-07-30 17:43 - 2016-07-30 17:43 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Steam
2016-07-30 17:11 - 2016-07-30 17:11 - 00000717 _____ C:\Users\Anton\Desktop\Train Simulator 2016.lnk
2016-07-30 17:11 - 2016-07-30 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2016
2016-07-29 16:19 - 2016-08-28 14:24 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-29 16:19 - 2016-08-27 23:35 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-29 16:19 - 2016-07-29 16:19 - 00003942 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 16:19 - 2016-07-29 16:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 14:37 - 2015-10-23 16:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3113116595-2999987527-3303187697-1001
2016-08-28 14:33 - 2015-11-06 21:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent
2016-08-28 14:31 - 2015-12-25 18:53 - 00000000 ____D C:\ProgramData\Origin
2016-08-28 13:57 - 2014-10-21 06:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-28 13:56 - 2015-10-25 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-08-28 13:37 - 2015-10-24 16:59 - 00000000 ____D C:\Users\Anton\AppData\Roaming\vlc
2016-08-28 13:37 - 2015-10-23 18:16 - 00000000 ____D C:\Users\Anton\Desktop\sSs
2016-08-28 13:35 - 2015-10-23 18:05 - 00000000 ____D C:\Users\Anton\Desktop\Moje
2016-08-28 13:24 - 2015-12-15 15:57 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-08-28 13:07 - 2015-10-23 16:45 - 00000165 _____ C:\Users\Anton\AppData\Roaming\sp_data.sys
2016-08-28 13:03 - 2015-10-24 19:02 - 00000536 _____ C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job
2016-08-28 12:00 - 2015-10-23 16:52 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-08-27 23:35 - 2015-10-23 16:51 - 00001543 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-08-27 15:11 - 2015-10-23 17:10 - 06861312 ___SH C:\Users\Anton\Desktop\Thumbs.db
2016-08-23 21:24 - 2014-10-21 13:24 - 00741360 _____ C:\Windows\system32\perfh005.dat
2016-08-23 21:24 - 2014-10-21 13:24 - 00152030 _____ C:\Windows\system32\perfc005.dat
2016-08-23 21:24 - 2014-03-18 17:26 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-23 21:24 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-23 19:58 - 2015-10-29 14:37 - 01192448 ___SH C:\Users\Anton\Downloads\Thumbs.db
2016-08-20 17:56 - 2016-01-24 18:08 - 00000000 ____D C:\Users\Anton\AppData\Local\SKIDROW
2016-08-20 17:41 - 2015-10-24 00:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite
2016-08-20 17:22 - 2015-11-06 20:44 - 00000000 ____D C:\Users\Anton\Downloads\HRY INSTALACKY
2016-08-20 13:57 - 2015-12-13 19:04 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2016-08-18 16:53 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-16 20:22 - 2016-04-10 20:20 - 00000000 ____D C:\Users\Anton\Downloads\filmy
2016-08-11 20:42 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-11 20:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-08 19:01 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-08-08 18:58 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-08 18:57 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-08-06 12:29 - 2015-10-23 17:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-30 17:43 - 2015-10-29 10:11 - 00000000 ____D C:\Users\Anton\AppData\Roaming\NVIDIA
2016-07-30 16:48 - 2016-06-26 15:52 - 00000000 ____D C:\Users\Anton\Downloads\The 5th Wave

==================== Files in the root of some directories =======

2015-11-01 20:22 - 2015-11-01 20:22 - 0000504 _____ () C:\Users\Anton\AppData\Roaming\Drives Monitor_Settings.ini
2015-10-23 16:45 - 2016-08-28 13:07 - 0000165 _____ () C:\Users\Anton\AppData\Roaming\sp_data.sys
2015-11-01 20:24 - 2015-11-01 20:28 - 0000122 _____ () C:\Users\Anton\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-01-11 18:27 - 2016-01-26 12:30 - 0000058 _____ () C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-10-29 17:45 - 2015-12-09 16:19 - 0000000 _____ () C:\Users\Anton\AppData\Local\Temptable.xml
2014-10-21 06:28 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 06:28 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-22 21:06

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 28 srp 2016 15:10

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

whiskytony · #3 Příspěvek od **whiskytony** » 28 srp 2016 17:52

# AdwCleaner v6.010 - Logfile created 28/08/2016 at 18:40:35
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-27.1 [Server]
# Operating System : Windows 8.1 (X64)
# Username : Anton - TONY
# Running from : C:\Users\Anton\Desktop\adwcleaner_6.010.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3778 Bytes] - [05/06/2016 18:09:33]
C:\AdwCleaner\AdwCleaner[C2].txt - [1163 Bytes] - [28/08/2016 18:40:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [3678 Bytes] - [05/06/2016 18:07:33]
C:\AdwCleaner\AdwCleaner[S2].txt - [1578 Bytes] - [28/08/2016 18:40:20]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1382 Bytes] ##########

#4 Příspěvek od **Rudy** » 28 srp 2016 18:26

Dejte nový log FRST.

whiskytony · #5 Příspěvek od **whiskytony** » 28 srp 2016 18:56

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-08-2016
Ran by Anton (administrator) on TONY (28-08-2016 19:47:40)
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Programy\Razer Game Booster\RzKLService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\nav.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\nav.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AGEIA PhysX SysTray] => C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [339968 2006-08-16] ()
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [DAEMON Tools Lite] => "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Rychlé spuštění.lnk [2015-10-29]
ShortcutTarget: SolidWorks 2014 Rychlé spuštění.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-29]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar17.lnk [2016-01-11]
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3113116595-2999987527-3303187697-1001] => hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D661260-C0ED-45C5-A9DE-A77C0EB44ADE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C0278D2-9D48-4008-80B4-540F817CBB5C}: [DhcpNameServer] 192.168.24.1
ManualProxies: 0hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programy\Java\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programy\Java\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default
FF Homepage: hxxps://cs-cz.facebook.com/
about:preferences#general
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Programy\Java\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\McSiteAdvisor.xml [2015-12-12]
FF Extension: (Firebug) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\Extensions\firebug@software.joehewitt.com.xpi [2016-08-22]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Extension: (Norton Identity Safe) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon [2016-07-08]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon

Chrome:
=======
CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Dokumenty Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR Extension: (GeoProxy) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-12-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\Exts\Chrome.crx [2016-08-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\Exts\Chrome.crx [2016-08-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.7.1.32\NAV.exe [289080 2016-08-16] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2122248 2016-06-20] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-30] ()
R2 RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-29] (SolidWorks) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-02-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20160810.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1607010.020\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-10-24] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-05] (Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20160826.001\IDSvia64.sys [876760 2016-07-08] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-03-19] () [File not signed]
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1607010.020\SRTSP64.SYS [773360 2016-08-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1607010.020\SRTSPX64.SYS [48888 2016-06-02] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1607010.020\SYMEFASI64.SYS [1627352 2016-06-02] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1607010.020\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [101112 2016-07-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1607010.020\Ironx64.SYS [291056 2016-06-02] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1607010.020\SYMNETS.SYS [567536 2016-06-02] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 18:50 - 2016-08-28 18:50 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2016-08-28 18:44 - 2016-08-28 18:44 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-08-28 18:28 - 2016-08-28 18:28 - 03826240 _____ C:\Users\Anton\Desktop\adwcleaner_6.010.exe
2016-08-28 14:40 - 2016-08-28 19:48 - 00020955 _____ C:\Users\Anton\Desktop\FRST.txt
2016-08-28 14:39 - 2016-08-28 19:47 - 00000000 ____D C:\FRST
2016-08-28 14:38 - 2016-08-28 14:38 - 02396672 _____ (Farbar) C:\Users\Anton\Desktop\FRST64.exe
2016-08-21 15:07 - 2016-08-21 15:07 - 00001125 _____ C:\Users\Anton\Desktop\fifa14-3dm – zástupce.lnk
2016-08-20 18:38 - 2016-08-28 16:10 - 00000000 ____D C:\Users\Anton\Documents\FIFA 14
2016-08-20 17:51 - 2016-08-20 17:51 - 00000801 _____ C:\Users\Public\Desktop\Train Simulator 2015.lnk
2016-08-20 17:51 - 2016-08-20 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RailSimulator.com
2016-08-20 17:37 - 2016-08-28 13:38 - 00000000 ____D C:\Users\Anton\Downloads\FIFA 15
2016-08-20 17:37 - 2016-08-20 17:49 - 00000000 ____D C:\Users\Anton\Downloads\FIFA 16 DEMO
2016-08-16 17:25 - 2016-08-28 12:00 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-08-08 19:09 - 2016-08-08 19:09 - 00004783 _____ C:\Users\Anton\Downloads\0716_2492.PDF
2016-08-06 18:12 - 2016-08-06 18:12 - 00000000 ____D C:\ProgramData\HP
2016-07-31 01:13 - 2016-07-31 02:45 - 1120589816 _____ C:\Users\Anton\Downloads\POVD - Life, Liberty And The Pursuit Of Pussy - Alexis Adams.mp4
2016-07-30 17:43 - 2016-07-30 17:43 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Steam
2016-07-30 17:11 - 2016-07-30 17:11 - 00000717 _____ C:\Users\Anton\Desktop\Train Simulator 2016.lnk
2016-07-30 17:11 - 2016-07-30 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Train Simulator 2016
2016-07-29 16:19 - 2016-08-28 19:24 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-29 16:19 - 2016-08-28 18:45 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-29 16:19 - 2016-07-29 16:19 - 00003942 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 16:19 - 2016-07-29 16:19 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 19:05 - 2015-10-23 16:45 - 00000165 _____ C:\Users\Anton\AppData\Roaming\sp_data.sys
2016-08-28 18:50 - 2015-10-23 16:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3113116595-2999987527-3303187697-1001
2016-08-28 18:49 - 2015-10-24 19:02 - 00000536 _____ C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job
2016-08-28 18:45 - 2015-10-23 16:51 - 00001543 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-08-28 18:45 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-08-28 18:44 - 2016-07-08 20:38 - 00002337 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk
2016-08-28 18:44 - 2015-12-13 19:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2016-08-28 18:44 - 2015-12-13 19:04 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2016-08-28 18:44 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-08-28 18:44 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-28 18:41 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-08-28 18:40 - 2016-06-05 18:07 - 00000000 ____D C:\AdwCleaner
2016-08-28 14:58 - 2015-12-15 15:57 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-08-28 14:54 - 2015-10-23 18:16 - 00000000 ____D C:\Users\Anton\Desktop\sSs
2016-08-28 14:33 - 2015-11-06 21:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent
2016-08-28 14:31 - 2015-12-25 18:53 - 00000000 ____D C:\ProgramData\Origin
2016-08-28 13:57 - 2014-10-21 06:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-28 13:56 - 2015-10-25 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-08-28 13:37 - 2015-10-24 16:59 - 00000000 ____D C:\Users\Anton\AppData\Roaming\vlc
2016-08-28 13:35 - 2015-10-23 18:05 - 00000000 ____D C:\Users\Anton\Desktop\Moje
2016-08-28 12:00 - 2015-10-23 16:52 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-08-27 15:11 - 2015-10-23 17:10 - 06861312 ___SH C:\Users\Anton\Desktop\Thumbs.db
2016-08-23 21:24 - 2014-10-21 13:24 - 00741360 _____ C:\Windows\system32\perfh005.dat
2016-08-23 21:24 - 2014-10-21 13:24 - 00152030 _____ C:\Windows\system32\perfc005.dat
2016-08-23 21:24 - 2014-03-18 17:26 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-23 21:24 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-23 19:58 - 2015-10-29 14:37 - 01192448 ___SH C:\Users\Anton\Downloads\Thumbs.db
2016-08-20 17:56 - 2016-01-24 18:08 - 00000000 ____D C:\Users\Anton\AppData\Local\SKIDROW
2016-08-20 17:41 - 2015-10-24 00:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite
2016-08-20 17:22 - 2015-11-06 20:44 - 00000000 ____D C:\Users\Anton\Downloads\HRY INSTALACKY
2016-08-18 16:53 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-16 20:22 - 2016-04-10 20:20 - 00000000 ____D C:\Users\Anton\Downloads\filmy
2016-08-11 20:42 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-11 20:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-06 12:29 - 2015-10-23 17:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-30 17:43 - 2015-10-29 10:11 - 00000000 ____D C:\Users\Anton\AppData\Roaming\NVIDIA
2016-07-30 16:48 - 2016-06-26 15:52 - 00000000 ____D C:\Users\Anton\Downloads\The 5th Wave

==================== Files in the root of some directories =======

2015-11-01 20:22 - 2015-11-01 20:22 - 0000504 _____ () C:\Users\Anton\AppData\Roaming\Drives Monitor_Settings.ini
2015-10-23 16:45 - 2016-08-28 19:05 - 0000165 _____ () C:\Users\Anton\AppData\Roaming\sp_data.sys
2015-11-01 20:24 - 2015-11-01 20:28 - 0000122 _____ () C:\Users\Anton\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-01-11 18:27 - 2016-01-26 12:30 - 0000058 _____ () C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-10-29 17:45 - 2015-12-09 16:19 - 0000000 _____ () C:\Users\Anton\AppData\Local\Temptable.xml
2014-10-21 06:28 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 06:28 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Some files in TEMP:
====================
C:\Users\Anton\AppData\Local\Temp\libeay32.dll
C:\Users\Anton\AppData\Local\Temp\msvcr120.dll
C:\Users\Anton\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-22 21:06

==================== End of FRST.txt ============================

#6 Příspěvek od **Rudy** » 28 srp 2016 20:18

Otevřte poznámkový blok a zkopírujte do něj:

Start
AutoConfigURL: [S-1-5-21-3113116595-2999987527-3303187697-1001] => hxxp://unstopp.me/wpad.dat?c5b648b4075e ... 67e4892169
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Anton\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

whiskytony · #7 Příspěvek od **whiskytony** » 28 srp 2016 20:51

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-08-2016
Ran by Anton (28-08-2016 21:40:36) Run:1
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
AutoConfigURL: [S-1-5-21-3113116595-2999987527-3303187697-1001] => hxxp://unstopp.me/wpad.dat?c5b648b4075e ... 67e4892169
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Anton\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\Anton\AppData\Local\Temp" folder move:

Could not move "C:\Users\Anton\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-08-2016 21:43:29)

C:\Users\Anton\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:43:29 ====

#8 Příspěvek od **Rudy** » 28 srp 2016 21:42

Smazáno. Nastala nějaká změna?

VIRY.CZ

vir - otevírání nových oken - reklam

vir - otevírání nových oken - reklam

Re: vir - otevírání nových oken - reklam

Re: vir - otevírání nových oken - reklam

Re: vir - otevírání nových oken - reklam

Re: vir - otevírání nových oken - reklam

Re: vir - otevírání nových oken - reklam

Re: vir - otevírání nových oken - reklam

Re: vir - otevírání nových oken - reklam