PC virus removal, computer speed-up, and remote help via the neslape.cz service
Virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I have a problem with a virus. Videos freeze and don't load at all, ads keep popping up, new windows open, and I get redirected to other pages. I'd be very glad if you could advise me what to do about it.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by David (administrator) on MSI (19-10-2016 15:41:40)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\SmartComp Safe Network\privoxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\David\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8804608 2016-04-29] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29538432 2016-08-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Policies\system: [DisableLockWorkstation] 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-1677953910-3497094135-4251479096-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-1677953910-3497094135-4251479096-1001] => 127.0.0.1:8118
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BD3BF592-8161-4AB4-B78E-2D4492EBCB82}: [DhcpNameServer] 192.168.0.1
ManualProxies:
Internet Explorer:
==================
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-11] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4"
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2016-10-19]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-10]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
CHR Extension: (d77718b95afb9c715ed57e26321e9e21_2) - C:\Program Files (x86)\Google\Chrome\Application\d77718b95afb9c715ed57e26321e9e21_2 [2016-09-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
R2 PrivoxyService; C:\Program Files (x86)\SmartComp Safe Network\privoxy.exe [371200 2016-10-17] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
R2 SbaService; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [26296 2015-10-14] (Intel Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d62x64.sys [510952 2015-11-24] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
R3 iaLPSS2_GPIO2; C:\Windows\system32\DRIVERS\iaLPSS2_GPIO2.sys [84264 2015-05-29] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\system32\DRIVERS\iaLPSS2_I2C.sys [185128 2015-05-29] (Intel Corporation)
R3 iaLPSS2_UART2; C:\Windows\system32\DRIVERS\iaLPSS2_UART2.sys [281896 2015-05-29] (Intel Corporation)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [37672 2015-07-31] (Intel)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-07-11] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ISODrive; \??\D:\Hry\UltraISO\UltraISO\drivers\ISODrv64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-19 15:41 - 2016-10-19 15:41 - 00010270 _____ C:\Users\David\Desktop\FRST.txt
2016-10-19 15:39 - 2016-10-19 15:41 - 00000000 ____D C:\FRST
2016-10-19 15:38 - 2016-10-19 15:38 - 00112640 _____ (forum.viry.cz) C:\Users\David\Desktop\FRSTLauncher.exe
2016-10-19 15:37 - 2016-10-19 15:37 - 02407424 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-10-17 20:47 - 2016-10-19 09:49 - 00003280 _____ C:\Windows\System32\Tasks\SmartComp Safe Network Schedualer
2016-10-17 20:47 - 2016-10-17 20:47 - 00000000 ____D C:\Program Files (x86)\SmartComp Safe Network
2016-10-15 11:19 - 2016-10-15 11:19 - 00048518 _____ C:\Users\David\Desktop\uvolneni_z_TEV.pdf
2016-10-12 10:44 - 2016-10-01 02:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 10:44 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 10:44 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 10:44 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 10:44 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 10:44 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 10:44 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 10:44 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 10:44 - 2016-09-30 07:41 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 10:44 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 10:44 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 10:44 - 2016-09-30 07:33 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 10:44 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 10:44 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 10:44 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 10:44 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 10:44 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 10:44 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 10:44 - 2016-09-30 07:11 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 10:44 - 2016-09-30 07:06 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 10:44 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 10:44 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 10:44 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 10:44 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 10:44 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 10:44 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 10:44 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 10:44 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 10:44 - 2016-09-17 20:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 10:44 - 2016-09-17 19:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 10:44 - 2016-09-17 19:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 10:44 - 2016-09-17 19:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 10:44 - 2016-09-17 19:02 - 01446400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 10:44 - 2016-09-14 03:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 10:44 - 2016-09-14 03:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-12 10:44 - 2016-09-14 03:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 10:44 - 2016-09-14 03:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-12 10:44 - 2016-09-13 01:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 10:44 - 2016-09-13 00:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-12 10:44 - 2016-09-12 23:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-12 10:44 - 2016-09-09 16:17 - 04170752 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 10:44 - 2016-09-09 15:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 10:44 - 2016-09-08 22:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-12 10:44 - 2016-09-08 16:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 10:44 - 2016-09-08 16:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 10:44 - 2016-09-08 00:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 10:44 - 2016-09-07 23:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-12 10:44 - 2016-09-07 23:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 10:44 - 2016-09-07 23:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 10:44 - 2016-09-07 23:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-12 10:44 - 2016-08-31 19:22 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 10:44 - 2016-08-31 18:33 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 10:43 - 2016-08-27 21:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 10:43 - 2016-08-27 21:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 10:43 - 2016-08-27 21:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-12 10:43 - 2016-08-27 20:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 10:43 - 2016-08-27 20:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 10:43 - 2016-08-27 20:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-12 10:43 - 2016-08-27 18:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-12 10:43 - 2016-08-27 18:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-12 10:43 - 2016-08-27 18:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-12 10:43 - 2016-08-27 17:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-11 10:34 - 2016-10-11 10:33 - 01062881 _____ C:\Users\David\Desktop\11.40 arty miss shot kill lttb.wotreplay
2016-10-11 05:37 - 2016-10-12 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-12 19:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-12 19:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-11 05:37 - 00000000 ____D C:\Program Files\CCleaner
2016-10-11 05:36 - 2016-10-11 05:36 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-11 05:36 - 2016-10-11 05:36 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-11 05:36 - 2016-10-11 05:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-11 05:36 - 2016-08-11 15:12 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:12 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-10-11 05:35 - 2016-08-25 22:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-11 05:35 - 2016-08-25 21:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-11 05:35 - 2016-08-21 00:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 05:35 - 2016-08-21 00:12 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 05:35 - 2016-08-13 02:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 05:35 - 2016-08-13 02:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-11 05:35 - 2016-08-13 02:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-11 05:35 - 2016-08-13 02:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-11 05:35 - 2016-08-13 00:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-11 05:35 - 2016-08-13 00:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 05:35 - 2016-08-12 23:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 05:35 - 2016-08-12 23:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-11 05:35 - 2016-08-12 22:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 05:35 - 2016-08-12 03:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-11 05:35 - 2016-08-12 03:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-11 05:35 - 2016-08-11 20:33 - 00096256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-11 05:35 - 2016-08-11 20:33 - 00083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-11 05:35 - 2016-08-11 20:33 - 00023040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-11 05:35 - 2016-08-11 19:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-11 05:35 - 2016-08-11 15:39 - 00445765 _____ C:\Windows\system32\ApnDatabase.xml
2016-10-11 05:35 - 2016-08-11 07:46 - 00420184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-11 05:35 - 2016-08-03 17:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-11 05:35 - 2016-08-03 17:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-11 05:35 - 2016-08-03 17:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-11 05:35 - 2016-08-03 17:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-11 05:35 - 2016-07-30 19:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-11 05:35 - 2016-07-30 18:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-11 05:35 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-11 05:35 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-11 05:35 - 2016-07-23 20:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-11 05:35 - 2016-07-23 20:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-11 04:33 - 2016-10-11 04:35 - 95838760 _____ (Aslain ) C:\Users\David\Downloads\Aslains_WoT_Modpack_Installer_v.9.16_05.1.exe
2016-10-10 04:53 - 2016-10-10 04:52 - 01469096 _____ C:\Users\David\Desktop\jump kill elc amx.wotreplay
2016-10-08 07:38 - 2016-10-08 07:37 - 00675634 _____ C:\Users\David\Desktop\arty miss shot kill 1 výstřel.wotreplay
2016-10-04 19:26 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 19:26 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 19:24 - 2016-10-04 19:24 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-10-04 19:24 - 2016-10-04 19:24 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-10-04 19:09 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-10-04 19:09 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-09-28 05:37 - 2016-09-28 05:37 - 00000000 ____D C:\Users\David\Documents\League of Legends
2016-09-28 05:33 - 2016-09-28 05:33 - 00000000 ____D C:\Users\David\AppData\Roaming\LolClient
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files\MSBuild
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-27 18:07 - 2016-09-27 18:07 - 00000000 ____D C:\ProgramData\Riot Games
2016-09-27 18:06 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-09-27 18:06 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-09-27 18:04 - 2016-09-27 18:04 - 00000000 ____D C:\Users\David\AppData\Roaming\Riot Games
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-19 15:15 - 2016-07-25 14:22 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-10-19 15:13 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-19 09:57 - 2016-07-19 20:27 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1677953910-3497094135-4251479096-1001
2016-10-19 09:51 - 2016-07-19 20:59 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-19 09:46 - 2016-07-21 17:54 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-10-18 05:25 - 2016-07-19 20:59 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-16 11:17 - 2016-07-25 15:04 - 00000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2016-10-15 08:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-10-14 10:42 - 2014-03-18 17:49 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-14 10:42 - 2014-03-18 17:01 - 00738682 _____ C:\Windows\system32\perfh005.dat
2016-10-14 10:42 - 2014-03-18 17:01 - 00151404 _____ C:\Windows\system32\perfc005.dat
2016-10-14 10:36 - 2016-07-19 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-14 10:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\System
2016-10-14 10:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-14 10:33 - 2016-09-17 17:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-12 19:04 - 2013-08-22 16:44 - 00492448 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 18:18 - 2016-07-23 23:18 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 18:18 - 2014-12-03 02:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 18:18 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-10-12 11:11 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-10-12 11:10 - 2016-07-20 19:09 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 11:09 - 2016-07-21 16:48 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 11:08 - 2016-07-21 16:48 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-11 16:30 - 2016-07-19 20:22 - 00000000 ____D C:\Users\David
2016-10-11 05:37 - 2016-07-19 21:20 - 00000000 ____D C:\Windows\Panther
2016-10-11 05:34 - 2016-07-19 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-11 05:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SchCache
2016-10-05 08:13 - 2016-08-14 13:57 - 00000000 ____D C:\AdwCleaner
2016-10-04 19:23 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2016-10-02 15:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-10-01 02:15 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:15 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-01 01:08 - 2016-09-11 22:30 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-01 01:08 - 2016-09-11 22:30 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-30 15:24 - 2016-07-21 14:21 - 00000000 ____D C:\Users\David\Desktop\Hry
2016-09-27 18:08 - 2016-07-19 21:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-09-27 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2016-09-27 14:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-09-23 15:22 - 2016-07-25 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-23 15:22 - 2016-07-25 14:22 - 00000000 ____D C:\ProgramData\Skype
==================== Files in the root of some directories =======
2016-07-19 21:02 - 2016-07-19 21:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-20 13:48 - 2016-08-20 13:48 - 0000016 _____ () C:\ProgramData\mntemp
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-12 05:14
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:232.37 GB) (Free:169.36 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.39 GB) (Free:796.95 GB) NTFS
Available physical RAM: 14632.84 MB
Total physical RAM: 16346.65 MB
Percentage of memory in use: 10%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Disk: 1 (Size: 232.9 GB) (Disk ID: 00000000)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d20c6b24c01fd1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\David\Desktop" je 6 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Disk: 1 (Size: 232.9 GB) (Disk ID: 00000000)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d20c6b24c01fd1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\David\Desktop" je 6 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Attachments: Addition.rar (addition, 7.2 KiB), downloaded 55 times
Re: Virus
Hi,
Clean the PC with AdwCleaner.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Virus
# AdwCleaner v6.030 - Logfile created 19/10/2016 at 17:32:14
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-18.1 [Server]
# Operating System : Windows 8.1 Enterprise (X64)
# Username : David - MSI
# Running from : C:\Users\David\Downloads\adwcleaner_6.030.exe
# Mode: Clean
# Support : hxxps://www.malwarebytes.com/support
***** [ Services ] *****
[-] Service deleted: PrivoxyService
***** [ Folders ] *****
[-] Folder deleted: C:\Program Files (x86)\SmartComp Safe Network
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\SecureWebChannel
***** [ Web browsers ] *****
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1467 Bytes] - [19/10/2016 17:32:14]
C:\AdwCleaner\AdwCleaner[S0].txt - [1758 Bytes] - [19/10/2016 17:31:52]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1613 Bytes] ##########
Re: Virus
Post a new FRST log.
Are there still any problems?
Re: Virus
Not so far, but I have already managed to remove the virus a few times and within a few days it reappeared.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by David (administrator) on MSI (19-10-2016 18:49:50)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(forum.viry.cz) C:\Users\David\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8804608 2016-04-29] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29538432 2016-08-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Policies\system: [DisableLockWorkstation] 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-1677953910-3497094135-4251479096-1001] => 127.0.0.1:8118
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BD3BF592-8161-4AB4-B78E-2D4492EBCB82}: [DhcpNameServer] 192.168.0.1
ManualProxies:
Internet Explorer:
==================
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-11] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4"
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2016-10-19]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-10]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
CHR Extension: (d77718b95afb9c715ed57e26321e9e21_2) - C:\Program Files (x86)\Google\Chrome\Application\d77718b95afb9c715ed57e26321e9e21_2 [2016-09-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
R2 SbaService; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [26296 2015-10-14] (Intel Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d62x64.sys [510952 2015-11-24] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
R3 iaLPSS2_GPIO2; C:\Windows\system32\DRIVERS\iaLPSS2_GPIO2.sys [84264 2015-05-29] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\system32\DRIVERS\iaLPSS2_I2C.sys [185128 2015-05-29] (Intel Corporation)
R3 iaLPSS2_UART2; C:\Windows\system32\DRIVERS\iaLPSS2_UART2.sys [281896 2015-05-29] (Intel Corporation)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [37672 2015-07-31] (Intel)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-07-11] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ISODrive; \??\D:\Hry\UltraISO\UltraISO\drivers\ISODrv64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-19 17:30 - 2016-10-19 17:31 - 03910208 _____ C:\Users\David\Downloads\adwcleaner_6.030.exe
2016-10-19 15:47 - 2016-10-19 15:58 - 00000069 _____ C:\Users\David\Desktop\viry.cz.txt
2016-10-19 15:44 - 2016-10-19 15:44 - 00007373 _____ C:\Users\David\Desktop\Addition.rar
2016-10-19 15:41 - 2016-10-19 18:49 - 00009408 _____ C:\Users\David\Desktop\FRST.txt
2016-10-19 15:39 - 2016-10-19 18:49 - 00000000 ____D C:\FRST
2016-10-19 15:38 - 2016-10-19 15:38 - 00112640 _____ (forum.viry.cz) C:\Users\David\Desktop\FRSTLauncher.exe
2016-10-19 15:37 - 2016-10-19 15:37 - 02407424 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-10-15 11:19 - 2016-10-15 11:19 - 00048518 _____ C:\Users\David\Desktop\uvolneni_z_TEV.pdf
2016-10-12 10:44 - 2016-10-01 02:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 10:44 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 10:44 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 10:44 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 10:44 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 10:44 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 10:44 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 10:44 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 10:44 - 2016-09-30 07:41 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 10:44 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 10:44 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 10:44 - 2016-09-30 07:33 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 10:44 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 10:44 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 10:44 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 10:44 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 10:44 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 10:44 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 10:44 - 2016-09-30 07:11 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 10:44 - 2016-09-30 07:06 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 10:44 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 10:44 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 10:44 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 10:44 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 10:44 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 10:44 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 10:44 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 10:44 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 10:44 - 2016-09-17 20:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 10:44 - 2016-09-17 19:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 10:44 - 2016-09-17 19:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 10:44 - 2016-09-17 19:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 10:44 - 2016-09-17 19:02 - 01446400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 10:44 - 2016-09-14 03:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 10:44 - 2016-09-14 03:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-12 10:44 - 2016-09-14 03:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 10:44 - 2016-09-14 03:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-12 10:44 - 2016-09-13 01:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 10:44 - 2016-09-13 00:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-12 10:44 - 2016-09-12 23:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-12 10:44 - 2016-09-09 16:17 - 04170752 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 10:44 - 2016-09-09 15:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 10:44 - 2016-09-08 22:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-12 10:44 - 2016-09-08 16:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 10:44 - 2016-09-08 16:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 10:44 - 2016-09-08 00:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 10:44 - 2016-09-07 23:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-12 10:44 - 2016-09-07 23:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 10:44 - 2016-09-07 23:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 10:44 - 2016-09-07 23:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-12 10:44 - 2016-08-31 19:22 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 10:44 - 2016-08-31 18:33 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 10:43 - 2016-08-27 21:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 10:43 - 2016-08-27 21:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 10:43 - 2016-08-27 21:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-12 10:43 - 2016-08-27 20:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 10:43 - 2016-08-27 20:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 10:43 - 2016-08-27 20:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-12 10:43 - 2016-08-27 18:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-12 10:43 - 2016-08-27 18:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-12 10:43 - 2016-08-27 18:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-12 10:43 - 2016-08-27 17:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-11 10:34 - 2016-10-11 10:33 - 01062881 _____ C:\Users\David\Desktop\11.40 arty miss shot kill lttb.wotreplay
2016-10-11 05:37 - 2016-10-12 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-12 19:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-12 19:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-11 05:37 - 00000000 ____D C:\Program Files\CCleaner
2016-10-11 05:36 - 2016-10-11 05:36 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-11 05:36 - 2016-10-11 05:36 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-11 05:36 - 2016-10-11 05:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-11 05:36 - 2016-08-11 15:12 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:12 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-10-11 05:35 - 2016-08-25 22:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-11 05:35 - 2016-08-25 21:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-11 05:35 - 2016-08-21 00:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 05:35 - 2016-08-21 00:12 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 05:35 - 2016-08-13 02:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 05:35 - 2016-08-13 02:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-11 05:35 - 2016-08-13 02:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-11 05:35 - 2016-08-13 02:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-11 05:35 - 2016-08-13 00:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-11 05:35 - 2016-08-13 00:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 05:35 - 2016-08-12 23:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 05:35 - 2016-08-12 23:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-11 05:35 - 2016-08-12 22:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 05:35 - 2016-08-12 03:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-11 05:35 - 2016-08-12 03:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-11 05:35 - 2016-08-11 20:33 - 00096256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-11 05:35 - 2016-08-11 20:33 - 00083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-11 05:35 - 2016-08-11 20:33 - 00023040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-11 05:35 - 2016-08-11 19:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-11 05:35 - 2016-08-11 15:39 - 00445765 _____ C:\Windows\system32\ApnDatabase.xml
2016-10-11 05:35 - 2016-08-11 07:46 - 00420184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-11 05:35 - 2016-08-03 17:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-11 05:35 - 2016-08-03 17:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-11 05:35 - 2016-08-03 17:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-11 05:35 - 2016-08-03 17:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-11 05:35 - 2016-07-30 19:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-11 05:35 - 2016-07-30 18:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-11 05:35 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-11 05:35 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-11 05:35 - 2016-07-23 20:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-11 05:35 - 2016-07-23 20:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-11 04:33 - 2016-10-11 04:35 - 95838760 _____ (Aslain ) C:\Users\David\Downloads\Aslains_WoT_Modpack_Installer_v.9.16_05.1.exe
2016-10-10 04:53 - 2016-10-10 04:52 - 01469096 _____ C:\Users\David\Desktop\jump kill elc amx.wotreplay
2016-10-08 07:38 - 2016-10-08 07:37 - 00675634 _____ C:\Users\David\Desktop\arty miss shot kill 1 výstřel.wotreplay
2016-10-04 19:26 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 19:26 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 19:24 - 2016-10-04 19:24 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-10-04 19:24 - 2016-10-04 19:24 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-10-04 19:09 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-10-04 19:09 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-09-28 05:37 - 2016-09-28 05:37 - 00000000 ____D C:\Users\David\Documents\League of Legends
2016-09-28 05:33 - 2016-09-28 05:33 - 00000000 ____D C:\Users\David\AppData\Roaming\LolClient
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files\MSBuild
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-27 18:07 - 2016-09-27 18:07 - 00000000 ____D C:\ProgramData\Riot Games
2016-09-27 18:06 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-09-27 18:06 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-09-27 18:04 - 2016-09-27 18:04 - 00000000 ____D C:\Users\David\AppData\Roaming\Riot Games
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-19 18:48 - 2016-07-25 14:22 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-10-19 17:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-10-19 17:37 - 2014-03-18 17:49 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-19 17:37 - 2014-03-18 17:01 - 00738682 _____ C:\Windows\system32\perfh005.dat
2016-10-19 17:37 - 2014-03-18 17:01 - 00151404 _____ C:\Windows\system32\perfc005.dat
2016-10-19 17:37 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-19 17:32 - 2016-08-14 13:57 - 00000000 ____D C:\AdwCleaner
2016-10-19 17:32 - 2016-07-19 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-19 17:32 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-19 09:57 - 2016-07-19 20:27 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1677953910-3497094135-4251479096-1001
2016-10-19 09:51 - 2016-07-19 20:59 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-19 09:46 - 2016-07-21 17:54 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-10-18 05:25 - 2016-07-19 20:59 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-16 11:17 - 2016-07-25 15:04 - 00000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2016-10-15 08:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-10-14 10:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\System
2016-10-14 10:33 - 2016-09-17 17:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-12 19:04 - 2013-08-22 16:44 - 00492448 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 18:18 - 2016-07-23 23:18 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 18:18 - 2014-12-03 02:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 18:18 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-10-12 11:11 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-10-12 11:10 - 2016-07-20 19:09 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 11:09 - 2016-07-21 16:48 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 11:08 - 2016-07-21 16:48 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-11 16:30 - 2016-07-19 20:22 - 00000000 ____D C:\Users\David
2016-10-11 05:37 - 2016-07-19 21:20 - 00000000 ____D C:\Windows\Panther
2016-10-11 05:34 - 2016-07-19 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-11 05:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SchCache
2016-10-04 19:23 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2016-10-02 15:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-10-01 02:15 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:15 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-01 01:08 - 2016-09-11 22:30 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-01 01:08 - 2016-09-11 22:30 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-30 15:24 - 2016-07-21 14:21 - 00000000 ____D C:\Users\David\Desktop\Hry
2016-09-27 18:08 - 2016-07-19 21:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-09-27 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2016-09-23 15:22 - 2016-07-25 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-23 15:22 - 2016-07-25 14:22 - 00000000 ____D C:\ProgramData\Skype
==================== Files in the root of some directories =======
2016-07-19 21:02 - 2016-07-19 21:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-20 13:48 - 2016-08-20 13:48 - 0000016 _____ () C:\ProgramData\mntemp
Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\libeay32.dll
C:\Users\David\AppData\Local\Temp\msvcr120.dll
C:\Users\David\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-12 05:14
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:232.37 GB) (Free:171.32 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.39 GB) (Free:796.95 GB) NTFS
Available physical RAM: 15038.69 MB
Total physical RAM: 16346.65 MB
Percentage of memory in use: 8%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Disk: 1 (Size: 232.9 GB) (Disk ID: 00000000)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d20c6b24c01fd1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\David\Desktop" je 6 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by David (administrator) on MSI (19-10-2016 18:49:50)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(forum.viry.cz) C:\Users\David\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8804608 2016-04-29] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29538432 2016-08-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\...\Policies\system: [DisableLockWorkstation] 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-1677953910-3497094135-4251479096-1001] => 127.0.0.1:8118
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{BD3BF592-8161-4AB4-B78E-2D4492EBCB82}: [DhcpNameServer] 192.168.0.1
ManualProxies:
Internet Explorer:
==================
HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-11] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 65-291&t=4"
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2016-10-19]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-10]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
CHR Extension: (d77718b95afb9c715ed57e26321e9e21_2) - C:\Program Files (x86)\Google\Chrome\Application\d77718b95afb9c715ed57e26321e9e21_2 [2016-09-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
R2 SbaService; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\SbaService.exe [26296 2015-10-14] (Intel Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d62x64.sys [510952 2015-11-24] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
R3 iaLPSS2_GPIO2; C:\Windows\system32\DRIVERS\iaLPSS2_GPIO2.sys [84264 2015-05-29] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\system32\DRIVERS\iaLPSS2_I2C.sys [185128 2015-05-29] (Intel Corporation)
R3 iaLPSS2_UART2; C:\Windows\system32\DRIVERS\iaLPSS2_UART2.sys [281896 2015-05-29] (Intel Corporation)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [37672 2015-07-31] (Intel)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-07-11] (NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 ISODrive; \??\D:\Hry\UltraISO\UltraISO\drivers\ISODrv64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-19 17:30 - 2016-10-19 17:31 - 03910208 _____ C:\Users\David\Downloads\adwcleaner_6.030.exe
2016-10-19 15:47 - 2016-10-19 15:58 - 00000069 _____ C:\Users\David\Desktop\viry.cz.txt
2016-10-19 15:44 - 2016-10-19 15:44 - 00007373 _____ C:\Users\David\Desktop\Addition.rar
2016-10-19 15:41 - 2016-10-19 18:49 - 00009408 _____ C:\Users\David\Desktop\FRST.txt
2016-10-19 15:39 - 2016-10-19 18:49 - 00000000 ____D C:\FRST
2016-10-19 15:38 - 2016-10-19 15:38 - 00112640 _____ (forum.viry.cz) C:\Users\David\Desktop\FRSTLauncher.exe
2016-10-19 15:37 - 2016-10-19 15:37 - 02407424 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-10-15 11:19 - 2016-10-15 11:19 - 00048518 _____ C:\Users\David\Desktop\uvolneni_z_TEV.pdf
2016-10-12 10:44 - 2016-10-01 02:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 10:44 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 10:44 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 10:44 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 10:44 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 10:44 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 10:44 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 10:44 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 10:44 - 2016-09-30 07:41 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 10:44 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 10:44 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 10:44 - 2016-09-30 07:33 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 10:44 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 10:44 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 10:44 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 10:44 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 10:44 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 10:44 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 10:44 - 2016-09-30 07:11 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 10:44 - 2016-09-30 07:06 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 10:44 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 10:44 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 10:44 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 10:44 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 10:44 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 10:44 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 10:44 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 10:44 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 10:44 - 2016-09-17 20:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 10:44 - 2016-09-17 19:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 10:44 - 2016-09-17 19:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 10:44 - 2016-09-17 19:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 10:44 - 2016-09-17 19:02 - 01446400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 10:44 - 2016-09-14 03:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 10:44 - 2016-09-14 03:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-12 10:44 - 2016-09-14 03:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 10:44 - 2016-09-14 03:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-12 10:44 - 2016-09-13 01:48 - 00085680 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 10:44 - 2016-09-13 00:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-12 10:44 - 2016-09-12 23:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-12 10:44 - 2016-09-09 16:17 - 04170752 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 10:44 - 2016-09-09 15:38 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 10:44 - 2016-09-09 15:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 10:44 - 2016-09-08 22:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-12 10:44 - 2016-09-08 16:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 10:44 - 2016-09-08 16:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 10:44 - 2016-09-08 00:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 10:44 - 2016-09-07 23:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-12 10:44 - 2016-09-07 23:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 10:44 - 2016-09-07 23:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 10:44 - 2016-09-07 23:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-12 10:44 - 2016-08-31 19:22 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 10:44 - 2016-08-31 18:33 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 10:43 - 2016-08-27 21:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 10:43 - 2016-08-27 21:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 10:43 - 2016-08-27 21:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-10-12 10:43 - 2016-08-27 20:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 10:43 - 2016-08-27 20:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 10:43 - 2016-08-27 20:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-10-12 10:43 - 2016-08-27 18:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-10-12 10:43 - 2016-08-27 18:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-10-12 10:43 - 2016-08-27 18:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-12 10:43 - 2016-08-27 17:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-11 10:34 - 2016-10-11 10:33 - 01062881 _____ C:\Users\David\Desktop\11.40 arty miss shot kill lttb.wotreplay
2016-10-11 05:37 - 2016-10-12 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-12 19:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-12 19:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 05:36 - 2016-10-11 05:37 - 00000000 ____D C:\Program Files\CCleaner
2016-10-11 05:36 - 2016-10-11 05:36 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-10-11 05:36 - 2016-10-11 05:36 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-11 05:36 - 2016-10-11 05:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-11 05:36 - 2016-08-11 15:12 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:12 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-10-11 05:36 - 2016-08-11 15:11 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-10-11 05:35 - 2016-08-25 22:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-11 05:35 - 2016-08-25 21:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-11 05:35 - 2016-08-21 00:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 05:35 - 2016-08-21 00:12 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 05:35 - 2016-08-13 02:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 05:35 - 2016-08-13 02:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-10-11 05:35 - 2016-08-13 02:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-10-11 05:35 - 2016-08-13 02:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-10-11 05:35 - 2016-08-13 00:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-10-11 05:35 - 2016-08-13 00:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 05:35 - 2016-08-12 23:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 05:35 - 2016-08-12 23:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-10-11 05:35 - 2016-08-12 22:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 05:35 - 2016-08-12 03:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-11 05:35 - 2016-08-12 03:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-11 05:35 - 2016-08-11 20:33 - 00096256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-10-11 05:35 - 2016-08-11 20:33 - 00083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-10-11 05:35 - 2016-08-11 20:33 - 00023040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-10-11 05:35 - 2016-08-11 19:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-10-11 05:35 - 2016-08-11 15:39 - 00445765 _____ C:\Windows\system32\ApnDatabase.xml
2016-10-11 05:35 - 2016-08-11 07:46 - 00420184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-11 05:35 - 2016-08-03 17:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-10-11 05:35 - 2016-08-03 17:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-10-11 05:35 - 2016-08-03 17:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-10-11 05:35 - 2016-08-03 17:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-10-11 05:35 - 2016-07-30 19:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-11 05:35 - 2016-07-30 18:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-11 05:35 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-10-11 05:35 - 2016-07-26 15:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-10-11 05:35 - 2016-07-23 20:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-10-11 05:35 - 2016-07-23 20:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-10-11 04:33 - 2016-10-11 04:35 - 95838760 _____ (Aslain ) C:\Users\David\Downloads\Aslains_WoT_Modpack_Installer_v.9.16_05.1.exe
2016-10-10 04:53 - 2016-10-10 04:52 - 01469096 _____ C:\Users\David\Desktop\jump kill elc amx.wotreplay
2016-10-08 07:38 - 2016-10-08 07:37 - 00675634 _____ C:\Users\David\Desktop\arty miss shot kill 1 výstřel.wotreplay
2016-10-04 19:26 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 19:26 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-10-04 19:24 - 2016-10-04 19:24 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-10-04 19:24 - 2016-10-04 19:24 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-10-04 19:09 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-10-04 19:09 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-09-28 05:37 - 2016-09-28 05:37 - 00000000 ____D C:\Users\David\Documents\League of Legends
2016-09-28 05:33 - 2016-09-28 05:33 - 00000000 ____D C:\Users\David\AppData\Roaming\LolClient
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files\MSBuild
2016-09-27 18:08 - 2016-09-27 18:08 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-27 18:07 - 2016-09-27 18:07 - 00000000 ____D C:\ProgramData\Riot Games
2016-09-27 18:06 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-09-27 18:06 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-09-27 18:05 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-09-27 18:04 - 2016-09-27 18:04 - 00000000 ____D C:\Users\David\AppData\Roaming\Riot Games
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-19 18:48 - 2016-07-25 14:22 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2016-10-19 17:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-10-19 17:37 - 2014-03-18 17:49 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-19 17:37 - 2014-03-18 17:01 - 00738682 _____ C:\Windows\system32\perfh005.dat
2016-10-19 17:37 - 2014-03-18 17:01 - 00151404 _____ C:\Windows\system32\perfc005.dat
2016-10-19 17:37 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-19 17:32 - 2016-08-14 13:57 - 00000000 ____D C:\AdwCleaner
2016-10-19 17:32 - 2016-07-19 21:08 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-19 17:32 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-19 09:57 - 2016-07-19 20:27 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1677953910-3497094135-4251479096-1001
2016-10-19 09:51 - 2016-07-19 20:59 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-19 09:46 - 2016-07-21 17:54 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-10-18 05:25 - 2016-07-19 20:59 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-16 11:17 - 2016-07-25 15:04 - 00000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics
2016-10-15 08:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-10-14 10:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\System
2016-10-14 10:33 - 2016-09-17 17:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-12 19:04 - 2013-08-22 16:44 - 00492448 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 18:18 - 2016-07-23 23:18 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 18:18 - 2014-12-03 02:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 18:18 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-10-12 11:11 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-10-12 11:10 - 2016-07-20 19:09 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 11:09 - 2016-07-21 16:48 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 11:08 - 2016-07-21 16:48 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-11 16:30 - 2016-07-19 20:22 - 00000000 ____D C:\Users\David
2016-10-11 05:37 - 2016-07-19 21:20 - 00000000 ____D C:\Windows\Panther
2016-10-11 05:34 - 2016-07-19 21:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-11 05:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SchCache
2016-10-04 19:23 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2016-10-02 15:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-10-01 02:15 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:15 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-01 01:08 - 2016-09-11 22:30 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-01 01:08 - 2016-09-11 22:30 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-30 15:24 - 2016-07-21 14:21 - 00000000 ____D C:\Users\David\Desktop\Hry
2016-09-27 18:08 - 2016-07-19 21:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-09-27 18:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2016-09-23 15:22 - 2016-07-25 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-23 15:22 - 2016-07-25 14:22 - 00000000 ____D C:\ProgramData\Skype
==================== Files in the root of some directories =======
2016-07-19 21:02 - 2016-07-19 21:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-20 13:48 - 2016-08-20 13:48 - 0000016 _____ () C:\ProgramData\mntemp
Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\libeay32.dll
C:\Users\David\AppData\Local\Temp\msvcr120.dll
C:\Users\David\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-12 05:14
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:232.37 GB) (Free:171.32 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.39 GB) (Free:796.95 GB) NTFS
Available physical RAM: 15038.69 MB
Total physical RAM: 16346.65 MB
Percentage of memory in use: 8%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Disk: 1 (Size: 232.9 GB) (Disk ID: 00000000)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d20c6b24c01fd1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\David\Desktop" je 6 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Virus
Proxy setting 127.0.0.1:8118
Do you have that set on purpose, and is it correct?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum at https://platba.viry.cz/payment/
Re: Virus
No, normally my internet doesn't work and it says it's because of the proxy.
I used this guide; otherwise I don't know how else to set up the proxy, I'm an amateur at this.
https://www.youtube.com/watch?v=ImnvBqJRE60
Re: Virus
That guide isn't bad; if you have "do not use a proxy" checked, then it's OK.
Even so, I recommend scanning with MBAM and removing what it finds.
Then write whether there is any problem.
Re: Virus
Restart the PC into safe mode, run a full scan there (it takes longer), let it remove what it finds, then restart into normal mode.
Re: Virus
What now? I scanned it, but in normal mode, not in safe mode. It scanned for about 45 min. I followed your MBAM guide; should I remove all of them?
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 20. 10. 2016
Čas skenování: 18:00
Protokol: MBAM sken.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.10.20.08
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: David
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 509540
Uplynulý čas: 36 min, 32 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 1
PUP.Optional.Privoxy, C:\Program Files (x86)\SmartComp Safe Network\privoxy.exe, 4156, , [c9af59423c5e7eb8a6129c36ae548c74]
Moduly: 1
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network\mgwz.dll, , [f286059622781224e8ee4d5e3ec4f20e],
Klíče registru: 2
PUP.Optional.Privoxy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SmartComp Safe Network Schedualer, , [7701faa16a302610acbf876cca398b75],
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PRIVOXYSERVICE, , [c9af59423c5e7eb8a6129c36ae548c74],
Hodnoty registru: 2
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PRIVOXYSERVICE|ImagePath, "C:\Program Files (x86)\SmartComp Safe Network\privoxy.exe" --service, , [c9af59423c5e7eb8a6129c36ae548c74]
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-1677953910-3497094135-4251479096-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, , [9ddb910a5b3ff046871fb31e907310f0]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 1
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network, , [f286059622781224e8ee4d5e3ec4f20e],
Soubory: 11
Backdoor.Agent.WD, C:\Users\David\AppData\Local\Temp\GPUpd580868860.exe, , [df9924778d0d2e085cc179a0a0600bf5],
PUP.Optional.CrossRider, C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, , [c8b048530b8f70c691ffba2f4cb75ca4],
PUP.Optional.CrossRider, C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, , [1e5a4d4e811971c51d73e207f70c0000],
PUP.Optional.Privoxy, C:\Windows\System32\Tasks\SmartComp Safe Network Schedualer, , [cfa93269dac0ff37bfa6c82b54af01ff],
PUP.Optional.Privoxy, C:\Program Files (x86)\SmartComp Safe Network\privoxy.exe, , [c9af59423c5e7eb8a6129c36ae548c74],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network\config.txt, , [f286059622781224e8ee4d5e3ec4f20e],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network\default.action, , [f286059622781224e8ee4d5e3ec4f20e],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network\default.filter, , [f286059622781224e8ee4d5e3ec4f20e],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network\mgwz.dll, , [f286059622781224e8ee4d5e3ec4f20e],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network\msnworker.exe, , [f286059622781224e8ee4d5e3ec4f20e],
PUP.Optional.PrxySvrRST, C:\Program Files (x86)\SmartComp Safe Network\privoxy.log, , [f286059622781224e8ee4d5e3ec4f20e],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Virus
That's fine, let it remove what it found.
Use the safe-mode variant only if the virus comes back.
Re: Virus
It depends on when the problems appear...
If within 2-3 days, write here.
If later, start a new topic with a link to this one.