- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
Ran by Skrillexer (administrator) on ASUS-HORNY (22-01-2018 06:47:16)
Running from C:\Users\Skrillexer\Desktop\AntiVir PROGRÁMKY
Loaded Profiles: Skrillexer & Administrator (Available Profiles: Skrillexer & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\Skrillexer\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Skrillexer\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\RunOnce: [Gamiconemu] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\SKRILL~1\AppData\Local\783F9B~1\Cegahikec.dat"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\Run: [uTorrent] => C:\Users\Skrillexer\AppData\Roaming\uTorrent\utorrent.exe [1696096 2015-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\Run: [Steam] => D:\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\Run: [MK LOL] => "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Skrillexer\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Skrillexer\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {5de7855a-5f0c-11e5-be86-10c37b1f4da4} - "F:\m.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7424cbd0-6948-11e5-be89-10c37b1f4da4} - "G:\m.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7424dda8-6948-11e5-be89-10c37b1f4da4} - "H:\setup.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7866eac9-6a1a-11e7-bfcb-10c37b1f4da4} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.2.1.1 8.8.8.8
Tcpip\..\Interfaces\{9917FFF6-BAAB-4085-9F86-CE9916B8BD82}: [DhcpNameServer] 10.2.1.1 8.8.8.8
Tcpip\..\Interfaces\{DDAB6577-74C5-445D-9499-9BA5A3F474B0}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-770707743-2238207204-2158057649-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-770707743-2238207204-2158057649-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll => No File
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll => No File
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL => No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-01-04] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Skrillexer\AppData\Roaming\Mozilla\Firefox\Profiles\pjxovhhp.default-1489878830048
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin HKU\S-1-5-21-770707743-2238207204-2158057649-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Skrillexer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: No Name - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-01-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
Chrome:
=======
CHR Profile: C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-11]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-01-11]
CHR Extension: (YouTube) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-01-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-11]
CHR Extension: (Gmail) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-26]
CHR Extension: (Chrome Media Router) - C:\Users\Skrillexer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-770707743-2238207204-2158057649-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-770707743-2238207204-2158057649-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-770707743-2238207204-2158057649-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-07] (Broadcom Corporation.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-01-04] (McAfee, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-16] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 ClickToRunSvc; "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8462000 2014-04-18] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-09-19] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\WINDOWS\SysWOW64\drivers\hitmanpro37.sys [30616 2018-01-22] ()
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2018-01-22] (Malwarebytes)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-05-03] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 cpuz139; \??\C:\Users\SKRILL~1\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-22 06:12 - 2018-01-22 06:12 - 00000000 ____D C:\Program Files\Common Files\Avast Software
2018-01-22 06:09 - 2018-01-22 06:22 - 00000308 _____ C:\WINDOWS\Tasks\{783F9B6B-C98B-BCA3-13A3-17ED48324CE0}.job
2018-01-22 06:09 - 2018-01-22 06:09 - 00002646 _____ C:\WINDOWS\System32\Tasks\{783F9B6B-C98B-BCA3-13A3-17ED48324CE0}
2018-01-22 06:09 - 2018-01-22 06:09 - 00000000 ____D C:\Users\Skrillexer\AppData\Local\783F9B6B-C98B-BCA3-13A3-17ED48324CE0
2018-01-22 06:08 - 2018-01-22 06:22 - 00000000 ____D C:\Program Files (x86)\McAfee
2018-01-22 06:08 - 2018-01-22 06:11 - 00000000 ____D C:\ProgramData\AVAST Software
2018-01-22 06:08 - 2018-01-22 06:09 - 00000000 ____D C:\Users\Skrillexer\AppData\Local\cisoseso
2018-01-22 06:08 - 2018-01-22 06:09 - 00000000 ____D C:\Users\Skrillexer\AppData\Local\{B410824C-90B8-EEF4-FD20-CB1CD9483784}
2018-01-22 06:08 - 2018-01-22 06:08 - 00004366 _____ C:\WINDOWS\System32\Tasks\Chromium mesec
2018-01-22 06:08 - 2018-01-22 06:08 - 00000000 ____D C:\ProgramData\{E5052066-6F47-AAA0-E981-34E273C3BF2C}
2018-01-22 06:08 - 2018-01-22 06:08 - 00000000 ____D C:\Program Files\AVAST Software
2018-01-22 06:07 - 2018-01-22 06:07 - 09991328 _____ (Microsoft Corporation) C:\Users\Skrillexer\Downloads\microsoft_word.exe
2018-01-11 02:22 - 2017-12-21 00:56 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-11 02:22 - 2017-12-21 00:56 - 00177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-09 23:18 - 2018-01-20 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-01-09 11:23 - 2018-01-02 08:56 - 02530400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-01-09 11:23 - 2018-01-02 07:39 - 22374248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-09 11:23 - 2018-01-02 07:39 - 07408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-09 11:23 - 2018-01-02 07:39 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-09 11:23 - 2018-01-02 07:39 - 00418648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-09 11:23 - 2018-01-02 07:38 - 02176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-01-09 11:23 - 2018-01-02 07:38 - 01662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-09 11:23 - 2018-01-02 07:37 - 01676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-09 11:23 - 2018-01-02 07:37 - 01536120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-09 11:23 - 2018-01-02 07:37 - 01500432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-09 11:23 - 2018-01-02 07:37 - 01371352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-09 11:23 - 2018-01-02 07:37 - 01135280 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-01-09 11:23 - 2018-01-02 07:35 - 00989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-09 11:23 - 2018-01-02 07:03 - 25739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-09 11:23 - 2018-01-02 07:00 - 19790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-09 11:23 - 2018-01-02 06:59 - 01565520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-01-09 11:23 - 2018-01-02 06:59 - 01213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-09 11:23 - 2018-01-02 06:38 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-09 11:23 - 2018-01-02 06:30 - 02900480 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-09 11:23 - 2018-01-02 06:28 - 05796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-09 11:23 - 2018-01-02 06:20 - 20275200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-09 11:23 - 2018-01-02 05:49 - 02294272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-09 11:23 - 2018-01-02 05:44 - 15284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-09 11:23 - 2018-01-02 05:40 - 01436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-09 11:23 - 2018-01-02 05:29 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-01-09 11:23 - 2018-01-02 05:27 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-09 11:23 - 2018-01-02 05:26 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-09 11:23 - 2018-01-02 05:25 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-09 11:23 - 2018-01-02 05:23 - 04508160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-09 11:23 - 2018-01-02 05:20 - 13680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-09 11:23 - 2018-01-02 05:16 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-09 11:23 - 2018-01-02 05:11 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2018-01-09 11:23 - 2018-01-02 05:06 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-09 11:23 - 2018-01-02 04:57 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2018-01-09 11:23 - 2018-01-02 04:55 - 03548160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-01-09 11:23 - 2017-12-10 14:46 - 07079424 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2018-01-09 11:23 - 2017-12-10 14:24 - 05275136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2018-01-09 11:23 - 2017-12-10 14:06 - 07797760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-09 11:23 - 2017-12-10 13:59 - 05270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-09 11:23 - 2017-12-06 05:42 - 02452816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-09 11:23 - 2017-12-05 17:58 - 04168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-01-09 11:22 - 2018-01-02 09:00 - 00590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-09 11:22 - 2018-01-02 09:00 - 00242520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-01-09 11:22 - 2018-01-02 09:00 - 00214392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-09 11:22 - 2018-01-02 08:56 - 00567656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-09 11:22 - 2018-01-02 08:56 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-01-09 11:22 - 2018-01-02 08:56 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-09 11:22 - 2018-01-02 07:39 - 00354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-09 11:22 - 2018-01-02 07:38 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-01-09 11:22 - 2018-01-02 07:37 - 01737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-09 11:22 - 2018-01-02 07:37 - 00685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-09 11:22 - 2018-01-02 07:35 - 01307840 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-09 11:22 - 2018-01-02 07:05 - 00164296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-09 11:22 - 2018-01-02 07:03 - 00341384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-01-09 11:22 - 2018-01-02 07:01 - 01902328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-01-09 11:22 - 2018-01-02 06:58 - 01502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-09 11:22 - 2018-01-02 06:48 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-09 11:22 - 2018-01-02 06:40 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-09 11:22 - 2018-01-02 06:39 - 00686080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-09 11:22 - 2018-01-02 06:39 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-09 11:22 - 2018-01-02 06:39 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-09 11:22 - 2018-01-02 06:39 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-09 11:22 - 2018-01-02 06:38 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-01-09 11:22 - 2018-01-02 06:38 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-09 11:22 - 2018-01-02 06:38 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-01-09 11:22 - 2018-01-02 06:38 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-01-09 11:22 - 2018-01-02 06:38 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2018-01-09 11:22 - 2018-01-02 06:38 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-01-09 11:22 - 2018-01-02 06:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-09 11:22 - 2018-01-02 06:37 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-09 11:22 - 2018-01-02 06:34 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-09 11:22 - 2018-01-02 06:31 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-01-09 11:22 - 2018-01-02 06:28 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-09 11:22 - 2018-01-02 06:28 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-09 11:22 - 2018-01-02 06:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2018-01-09 11:22 - 2018-01-02 06:28 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-09 11:22 - 2018-01-02 06:19 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2018-01-09 11:22 - 2018-01-02 06:18 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-09 11:22 - 2018-01-02 06:17 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-09 11:22 - 2018-01-02 06:17 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2018-01-09 11:22 - 2018-01-02 06:16 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-09 11:22 - 2018-01-02 06:09 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-01-09 11:22 - 2018-01-02 06:06 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-09 11:22 - 2018-01-02 06:02 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-01-09 11:22 - 2018-01-02 05:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2018-01-09 11:22 - 2018-01-02 05:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2018-01-09 11:22 - 2018-01-02 05:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-01-09 11:22 - 2018-01-02 05:56 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-01-09 11:22 - 2018-01-02 05:54 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-09 11:22 - 2018-01-02 05:53 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-09 11:22 - 2018-01-02 05:52 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-09 11:22 - 2018-01-02 05:51 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-09 11:22 - 2018-01-02 05:48 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-09 11:22 - 2018-01-02 05:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2018-01-09 11:22 - 2018-01-02 05:44 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-09 11:22 - 2018-01-02 05:43 - 00662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-09 11:22 - 2018-01-02 05:42 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-09 11:22 - 2018-01-02 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-09 11:22 - 2018-01-02 05:41 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-09 11:22 - 2018-01-02 05:40 - 00807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-09 11:22 - 2018-01-02 05:40 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-09 11:22 - 2018-01-02 05:38 - 02134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-09 11:22 - 2018-01-02 05:37 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-01-09 11:22 - 2018-01-02 05:34 - 01217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-09 11:22 - 2018-01-02 05:34 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-09 11:22 - 2018-01-02 05:33 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-01-09 11:22 - 2018-01-02 05:33 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-01-09 11:22 - 2018-01-02 05:33 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-09 11:22 - 2018-01-02 05:32 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-09 11:22 - 2018-01-02 05:29 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-09 11:22 - 2018-01-02 05:27 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-01-09 11:22 - 2018-01-02 05:25 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-09 11:22 - 2018-01-02 05:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-09 11:22 - 2018-01-02 05:23 - 02882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-09 11:22 - 2018-01-02 05:22 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-09 11:22 - 2018-01-02 05:22 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-09 11:22 - 2018-01-02 05:21 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-09 11:22 - 2018-01-02 05:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-09 11:22 - 2018-01-02 05:18 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-09 11:22 - 2018-01-02 05:17 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-09 11:22 - 2018-01-02 05:17 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-09 11:22 - 2018-01-02 05:17 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-09 11:22 - 2018-01-02 05:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-09 11:22 - 2018-01-02 05:16 - 02058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-09 11:22 - 2018-01-02 05:16 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-09 11:22 - 2018-01-02 05:16 - 00464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-09 11:22 - 2018-01-02 05:15 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-09 11:22 - 2018-01-02 05:13 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-09 11:22 - 2018-01-02 05:11 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-09 11:22 - 2018-01-02 05:09 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-09 11:22 - 2018-01-02 05:09 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-01-09 11:22 - 2018-01-02 05:09 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-09 11:22 - 2018-01-02 05:08 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-09 11:22 - 2018-01-02 05:07 - 01265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-09 11:22 - 2018-01-02 05:07 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-09 11:22 - 2018-01-02 05:05 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-09 11:22 - 2018-01-02 05:04 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-09 11:22 - 2018-01-02 04:59 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-09 11:22 - 2018-01-02 04:58 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-09 11:22 - 2018-01-02 04:56 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-01-09 11:22 - 2018-01-02 04:54 - 01313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-09 11:22 - 2018-01-02 04:53 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-09 11:22 - 2017-12-29 09:21 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-01-09 11:22 - 2017-12-15 00:26 - 00374096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-09 11:22 - 2017-12-14 22:39 - 00315736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-09 11:22 - 2017-12-14 11:19 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-09 11:22 - 2017-12-14 11:17 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-09 11:22 - 2017-12-10 14:59 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-09 11:22 - 2017-12-10 14:58 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-05 22:23 - 2018-01-05 22:23 - 00000799 _____ C:\Users\Administrator\Desktop\Mafia.lnk
2018-01-05 22:23 - 2018-01-05 22:23 - 00000000 ____D C:\Users\Skrillexer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2018-01-05 22:19 - 2018-01-05 23:16 - 00000000 ____D C:\Program Files\Mafia
2018-01-05 21:00 - 2018-01-05 21:00 - 00000000 ____D C:\Program Files (x86)\directx
2018-01-05 20:59 - 2018-01-05 20:59 - 00000000 ____D C:\Program Files (x86)\Creative
2018-01-05 20:59 - 2003-04-09 04:28 - 00233472 ____R () C:\WINDOWS\SysWOW64\MafiaSetup.exe
2018-01-05 20:59 - 2002-06-06 14:38 - 00139264 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\eax.dll
2018-01-05 20:59 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2018-01-05 20:56 - 2018-01-05 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2018-01-05 20:47 - 2003-04-09 04:28 - 00233472 ____R () C:\Users\Skrillexer\AppData\Roaming\MafiaSetup.exe
2018-01-05 17:19 - 2018-01-05 17:50 - 00000000 ____D C:\Users\Skrillexer\Downloads\Mafia - The City of Lost Heaven [PC-Game]
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-22 06:47 - 2015-07-23 09:43 - 00000000 ____D C:\FRST
2018-01-22 06:47 - 2015-04-22 09:13 - 00000000 ___RD C:\Users\Skrillexer\Desktop\AntiVir PROGRÁMKY
2018-01-22 06:46 - 2015-09-19 19:31 - 00030616 _____ C:\WINDOWS\SysWOW64\Drivers\hitmanpro37.sys
2018-01-22 06:42 - 2017-09-18 21:59 - 00000000 ____D C:\Users\Skrillexer\Desktop\Auto
2018-01-22 06:29 - 2017-07-22 15:03 - 00000000 ____D C:\Users\Skrillexer\AppData\Roaming\Seznam.cz
2018-01-22 06:26 - 2015-07-26 02:53 - 00000062 _____ C:\Users\Skrillexer\AppData\Roaming\sp_data.sys
2018-01-22 06:26 - 2014-08-25 23:01 - 00000000 ___RD C:\Users\Skrillexer\Desktop\Games
2018-01-22 06:24 - 2017-12-09 14:46 - 00252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-22 06:24 - 2015-07-26 13:56 - 00000000 __RDO C:\Users\Skrillexer\OneDrive
2018-01-22 06:23 - 2014-04-18 04:03 - 00000000 ____D C:\ProgramData\NVIDIA
2018-01-22 06:22 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-22 06:21 - 2013-08-22 15:44 - 05047888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-22 06:20 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2018-01-22 06:19 - 2015-04-29 17:07 - 00000000 ____D C:\AdwCleaner
2018-01-22 06:15 - 2015-07-26 14:01 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-770707743-2238207204-2158057649-1002
2018-01-22 06:10 - 2015-07-27 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-01-22 06:08 - 2013-05-01 12:18 - 00000000 ____D C:\ProgramData\McAfee
2018-01-22 06:05 - 2014-11-21 05:34 - 00000000 ____D C:\WINDOWS\ShellNew
2018-01-22 06:05 - 2013-05-01 12:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-22 06:03 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2018-01-22 05:35 - 2015-10-03 01:32 - 00000000 ____D C:\Users\Skrillexer\Downloads\QuadCoreM2
2018-01-22 05:12 - 2015-07-26 14:00 - 00003998 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{99BA6691-4500-4856-BCCE-CBB73FDFB55B}
2018-01-21 17:29 - 2015-07-26 14:16 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-01-21 17:29 - 2015-07-26 14:16 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-01-20 14:27 - 2015-07-26 14:10 - 00001324 _____ C:\Users\Public\Desktop\Skype.lnk
2018-01-20 14:26 - 2017-02-20 14:05 - 00000000 ____D C:\Users\Skrillexer\AppData\Local\CrashDumps
2018-01-20 02:36 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2018-01-12 00:20 - 2014-11-21 05:53 - 01748728 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-12 00:20 - 2014-11-21 05:10 - 00740822 _____ C:\WINDOWS\system32\perfh005.dat
2018-01-12 00:20 - 2014-11-21 05:10 - 00151948 _____ C:\WINDOWS\system32\perfc005.dat
2018-01-11 14:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2018-01-11 02:14 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2018-01-10 16:21 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2018-01-10 16:20 - 2015-07-26 04:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 16:16 - 2017-10-11 20:14 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 16:16 - 2015-07-26 04:32 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 23:18 - 2015-07-26 14:10 - 00000000 ____D C:\ProgramData\Skype
2018-01-09 23:17 - 2015-07-26 14:11 - 00000000 ____D C:\Users\Skrillexer\AppData\Roaming\Skype
2018-01-09 00:55 - 2016-12-29 00:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 00:55 - 2016-12-29 00:02 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-07 18:54 - 2017-09-03 15:20 - 00000089 _____ C:\Users\Skrillexer\Desktop\quadcore.txt
2018-01-05 21:37 - 2015-07-26 02:48 - 00000000 ____D C:\Users\Skrillexer\AppData\Local\VirtualStore
2018-01-05 20:46 - 2015-09-19 19:26 - 00000000 ____D C:\Users\Skrillexer\AppData\Roaming\uTorrent
2018-01-05 20:46 - 2015-04-22 07:04 - 00000000 ___RD C:\Users\Skrillexer\Desktop\Fotky
2018-01-03 20:09 - 2014-08-26 11:31 - 12605952 ___SH C:\Users\Skrillexer\Desktop\Thumbs.db
2017-12-31 15:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-12-30 14:32 - 2014-09-27 00:44 - 01977856 ___SH C:\Users\Skrillexer\Downloads\Thumbs.db
==================== Files in the root of some directories =======
2018-01-05 20:47 - 2003-04-09 04:28 - 0233472 ____R () C:\Users\Skrillexer\AppData\Roaming\MafiaSetup.exe
2015-07-26 02:53 - 2018-01-22 06:26 - 0000062 _____ () C:\Users\Skrillexer\AppData\Roaming\sp_data.sys
2017-08-18 15:37 - 2017-08-18 15:37 - 0072265 _____ () C:\Users\Skrillexer\AppData\Local\recently-used.xbel
2015-08-03 19:51 - 2015-08-03 19:51 - 0007604 _____ () C:\Users\Skrillexer\AppData\Local\Resmon.ResmonCfg
2013-05-01 12:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
Files to move or delete:
====================
C:\Windows\Tasks\{783F9B6B-C98B-BCA3-13A3-17ED48324CE0}.job
Some files in TEMP:
====================
C:\Users\Skrillexer\AppData\Local\Temp\0144771516597706mcinst.exe
C:\Users\Skrillexer\AppData\Local\Temp\amigo_setup.exe
C:\Users\Skrillexer\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Skrillexer\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Skrillexer\AppData\Local\Temp\GrLauncherTempSetup.exe
C:\Users\Skrillexer\AppData\Local\Temp\Opera_installer_20173154243562.dll
C:\Users\Skrillexer\AppData\Local\Temp\ShellHook.dll
C:\Users\Skrillexer\AppData\Local\Temp\SIntf16.dll
C:\Users\Skrillexer\AppData\Local\Temp\SIntf32.dll
C:\Users\Skrillexer\AppData\Local\Temp\SIntfNT.dll
C:\Users\Skrillexer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Skrillexer\AppData\Local\Temp\_is79C2.exe
C:\Users\Skrillexer\AppData\Local\Temp\_is8DC9.exe
C:\Users\Skrillexer\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-01-21 04:48
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu.Zatížení disku Hostitel služby:Místní syst
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu.Zatížení disku Hostitel služby:Místní syst
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu.Zatížení disku Hostitel služby:Místní
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu.Zatížení disku Hostitel služby:Místní
Dobrej. Děkuji za rychlou odpověď, přikládám výsledek
- # AdwCleaner 7.0.7.0 - Logfile created on Mon Jan 22 14:47:20 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C1].txt - [747 B] - [2016/2/6 13:9:18]
C:/AdwCleaner/AdwCleaner[C2].txt - [745 B] - [2016/2/6 13:16:13]
C:/AdwCleaner/AdwCleaner[C3].txt - [827 B] - [2016/3/31 15:26:9]
C:/AdwCleaner/AdwCleaner[C4].txt - [2120 B] - [2016/11/5 20:58:26]
C:/AdwCleaner/AdwCleaner[C5].txt - [2186 B] - [2017/1/28 13:18:18]
C:/AdwCleaner/AdwCleaner[C6].txt - [2263 B] - [2017/1/29 17:59:7]
C:/AdwCleaner/AdwCleaner[C7].txt - [2812 B] - [2017/5/1 18:1:54]
C:/AdwCleaner/AdwCleaner[S0].txt - [2552 B] - [2015/4/29 16:8:37]
C:/AdwCleaner/AdwCleaner[S10].txt - [4445 B] - [2017/5/1 17:55:33]
C:/AdwCleaner/AdwCleaner[S11].txt - [3210 B] - [2017/8/1 18:10:16]
C:/AdwCleaner/AdwCleaner[S12].txt - [2432 B] - [2017/8/30 10:2:43]
C:/AdwCleaner/AdwCleaner[S13].txt - [2727 B] - [2018/1/22 5:19:54]
C:/AdwCleaner/AdwCleaner[S14].txt - [2357 B] - [2018/1/22 14:27:32]
C:/AdwCleaner/AdwCleaner[S15].txt - [2426 B] - [2018/1/22 14:46:56]
C:/AdwCleaner/AdwCleaner[S1].txt - [1596 B] - [2015/6/16 10:19:26]
C:/AdwCleaner/AdwCleaner[S2].txt - [1826 B] - [2015/7/14 5:7:16]
C:/AdwCleaner/AdwCleaner[S3].txt - [1942 B] - [2015/7/24 11:24:21]
C:/AdwCleaner/AdwCleaner[S4].txt - [9203 B] - [2016/11/5 20:51:26]
C:/AdwCleaner/AdwCleaner[S5].txt - [2436 B] - [2016/11/5 20:57:43]
C:/AdwCleaner/AdwCleaner[S6].txt - [2482 B] - [2017/1/28 13:16:37]
C:/AdwCleaner/AdwCleaner[S7].txt - [2609 B] - [2017/1/29 17:58:45]
C:/AdwCleaner/AdwCleaner[S8].txt - [2755 B] - [2017/2/22 20:37:25]
C:/AdwCleaner/AdwCleaner[S9].txt - [2830 B] - [2017/3/15 21:11:35]
########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu.Zatížení disku Hostitel služby:Místní
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Skrillexer\Desktop\AntiVir PROGRÁMKY jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\RunOnce: [Gamiconemu] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\SKRILL~1\AppData\Local\783F9B~1\Cegahikec.dat"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {5de7855a-5f0c-11e5-be86-10c37b1f4da4} - "F:\m.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7424cbd0-6948-11e5-be89-10c37b1f4da4} - "G:\m.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7424dda8-6948-11e5-be89-10c37b1f4da4} - "H:\setup.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7866eac9-6a1a-11e7-bfcb-10c37b1f4da4} - "F:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
C:\Windows\Tasks\{783F9B6B-C98B-BCA3-13A3-17ED48324CE0}.job
C:\Users\Skrillexer\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu.Zatížení disku Hostitel služby:Místní
- Fix result of Farbar Recovery Scan Tool (x64) Version:27-01-2016
Ran by Skrillexer (2018-01-22 18:00:19) Run:3
Running from C:\Users\Skrillexer\Desktop
Loaded Profiles: Skrillexer (Available Profiles: Skrillexer & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\RunOnce: [Gamiconemu] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\SKRILL~1\AppData\Local\783F9B~1\Cegahikec.dat"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {5de7855a-5f0c-11e5-be86-10c37b1f4da4} - "F:\m.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7424cbd0-6948-11e5-be89-10c37b1f4da4} - "G:\m.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7424dda8-6948-11e5-be89-10c37b1f4da4} - "H:\setup.exe"
HKU\S-1-5-21-770707743-2238207204-2158057649-1002\...\MountPoints2: {7866eac9-6a1a-11e7-bfcb-10c37b1f4da4} - "F:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
C:\Windows\Tasks\{783F9B6B-C98B-BCA3-13A3-17ED48324CE0}.job
C:\Users\Skrillexer\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Gamiconemu => value removed successfully
"HKU\S-1-5-21-770707743-2238207204-2158057649-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5de7855a-5f0c-11e5-be86-10c37b1f4da4}" => key removed successfully
HKCR\CLSID\{5de7855a-5f0c-11e5-be86-10c37b1f4da4} => key not found.
"HKU\S-1-5-21-770707743-2238207204-2158057649-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7424cbd0-6948-11e5-be89-10c37b1f4da4}" => key removed successfully
HKCR\CLSID\{7424cbd0-6948-11e5-be89-10c37b1f4da4} => key not found.
"HKU\S-1-5-21-770707743-2238207204-2158057649-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7424dda8-6948-11e5-be89-10c37b1f4da4}" => key removed successfully
HKCR\CLSID\{7424dda8-6948-11e5-be89-10c37b1f4da4} => key not found.
"HKU\S-1-5-21-770707743-2238207204-2158057649-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7866eac9-6a1a-11e7-bfcb-10c37b1f4da4}" => key removed successfully
HKCR\CLSID\{7866eac9-6a1a-11e7-bfcb-10c37b1f4da4} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\Windows\Tasks\{783F9B6B-C98B-BCA3-13A3-17ED48324CE0}.job => moved successfully
C:\Users\Skrillexer\AppData\Local\Temp => moved successfully
EmptyTemp: => 1.2 GB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 18:01:19 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu.Zatížení disku Hostitel služby:Místní
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu.Zatížení disku Hostitel služby:Místní
Počítač má teď hladší chod, moc děkuji za pomoc 
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu.Zatížení disku Hostitel služby:Místní
To jsem rád. Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?