
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please check my log (unwanted pages launching in the brows
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.17071 BrowserJavaVersion: 11.101.2
Run by dgm at 19:29:16 on 2016-09-14
Microsoft Windows 10 Pro 10.0.10240.0.1250.420.1029.18.4095.2208 [GMT 2:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
C:\Program Files (x86)\Cobian Backup 11\cbService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k appmodel
C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\sihost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\dgm\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp\nppApplication.exe
C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tools\ColorMunki Photo Tray.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\ApplicationFrameHost.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [OneDrive] "C:\Users\dgm\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [AdobeBridge] <no file>
mRun: [Cobian Backup 11 interface] "C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.8.0_101\bin\jusched.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\COLORM~1.LNK - C:\Program Files (x86)\X-Rite\ColorMunki Photo\Gamma\CalibrationLoader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\COLORM~2.LNK - C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tools\ColorMunki Photo Tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Vystřihnout záložku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_101-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-00101-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_101-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_101-windows-i586.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{f11d856a-0791-4a99-93c8-8f2e48e5004a} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.cz/
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorAV;Řadič Intel(R) SATA diskového pole RAID – Windows;C:\Windows\System32\drivers\iaStorAV.sys [2015-7-10 673120]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2016-8-2 200528]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2016-8-2 8192]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-3-3 2159320]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2016-8-4 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity;C:\Program Files (x86)\Cobian Backup 11\cbService.exe [2016-8-4 1131008]
R2 ColorMunkiService;X-Rite Device ColorMunki;C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe [2016-8-8 147968]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Služba diagnostického trasování;C:\Windows\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-9-14 1136608]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-9-14 1514464]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2016-8-3 70768]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2016-9-14 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2016-9-14 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2016-9-14 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-8-8 426040]
R2 storqosflt;Ovladač filtru technologie QoS pro úložiště;C:\Windows\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 tiledatamodelsvc;Server datového modelu dlaždic;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;Správce uživatelů;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 xritedeviced;X-Rite Device Manager;C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [2016-8-8 130048]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;C:\Windows\System32\drivers\BthLEEnum.sys [2016-8-2 238080]
R3 lfsvc;Služba sledování zeměpisné polohy;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 LicenseManager;Služba správce licencí Windows;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2016-9-14 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2016-9-14 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2016-9-14 65408]
R3 NcbService;Zprostředkovatel síťového připojení;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Enumerátor virtuálního síťového adaptéru Microsoft;C:\Windows\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 rt640x64;Ovladač Realtek RT640 NT;C:\Windows\System32\drivers\rt640x64.sys [2015-7-10 587264]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8187.sys [2016-8-2 448512]
R3 StateRepository;Služba State Repository;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\drivers\WUDFRd.sys [2015-7-10 214016]
R3 yukonw8;NDIS6.3 Miniport – ovladač pro Marvell Yukon Ethernet Legacy Controllers;C:\Windows\System32\drivers\yk63x64.sys [2015-7-10 295216]
S2 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Optimalizace doručení;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 MapsBroker;Správce stažených map;C:\Windows\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S2 UsoSvc;Aktualizovat službu Orchestrator;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;Služba směrovače AllJoyn;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;Připravenost aplikací;C:\Windows\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Služba Bluetooth Handsfree;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Služba pro zařízení pro ovládání přenosných zařízení;C:\Windows\System32\drivers\buttonconverter.sys [2016-8-2 36352]
S3 CapImg;Ovladač HID pro dotykovou obrazovku CapImg;C:\Windows\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;Služba CDPS;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 ClipSVC;Služba pro klientské licence (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 colormunki;colormunki;C:\Windows\System32\drivers\colormunki_x64.sys [2016-8-8 51600]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Backgroud Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 diagnosticshub.standardcollector.service;Standardní služba sběru dat pro Centrum diagnostiky Microsoft (R);C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Služba zápisu při správě zařízení;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Služba sdílení dat;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\Windows\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Obecná funkční třída USB;C:\Windows\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Společný ovladač pro tlačítka standardu HID implementovaná s přerušeními;C:\Windows\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Ovladač řadiče Intel(R) Serial IO I2C;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 ibbus;Mellanox InfiniBand Bus/AL (ovladač filtru);C:\Windows\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Služba mobilní hotspot systému Windows;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Služba sběru událostí funkce ETW pro aplikaci Internet Explorer;C:\Windows\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intelpep;Ovladač modulu Intel(R) Power Engine Plug-in;C:\Windows\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 IoQos;IoQos;C:\Windows\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 mlx4_bus;Enumerátor sběrnice Mellanox ConnectX;C:\Windows\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;Služba NetworkDirect;C:\Windows\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Služba nastavení sítě;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\Windows\System32\lsass.exe [2015-7-10 56344]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-12-8 178760]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2016-8-2 934752]
S3 RetailDemo;Služba ukázkového režimu pro prodejny;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 ScDeviceEnum;Služba výčtu zařízení čipové karty;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Služba dat ze senzorů;C:\Windows\System32\SensorDataService.exe [2016-8-2 1031680]
S3 SensorService;Senzorová služba;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Prostory úložiště SMP společnosti Microsoft;C:\Windows\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Služba směrovače SMS systému Microsoft Windows;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 stornvme;Ovladač Microsoft Standard NVM Express ;C:\Windows\System32\drivers\stornvme.sys [2016-8-2 80720]
S3 storufs;Ovladač Microsoft Universal Flash Storage (UFS);C:\Windows\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;Klient UCSI Správce konektoru USB;C:\Windows\System32\drivers\UcmUcsi.sys [2016-8-2 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 UEFI;Ovladač Microsoft UEFI;C:\Windows\System32\drivers\uefi.sys [2015-7-10 28512]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;Řadič USB – Chipidea;C:\Windows\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;Řadič USB – Synopsys;C:\Windows\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsChipidea;Chipidea – ovladač USB pro přepínání rolí;C:\Windows\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsSynopsys;Synopsys – ovladač USB pro přepínání rolí;C:\Windows\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 vhf;Ovladač VHF (Virtual HID Framework);C:\Windows\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Rozhraní služby hosta technologie Hyper-V;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Služba relací virtuálního počítače s technologií Hyper-V;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;C:\Windows\System32\svchost.exe -k ICService [2015-7-10 39856]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wampapache64;wampapache64;C:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe [2016-8-8 29696]
S3 wampmysqld64;wampmysqld64;c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe wampmysqld64 --> c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe wampmysqld64 [?]
S3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2016-8-2 685568]
S3 WdNisDrv;Systémový ovladač kontroly sítě programu Windows Defender;C:\Windows\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
S3 WdNisSvc;Služba kontroly sítě programu Windows Defender;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S3 WEPHOSTSVC;Hostitelská služba zprostředkovatele šifrování Windows;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;Služba WinMad;C:\Windows\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;Služba WinVerbs;C:\Windows\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Pracovní složky;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Služba nabízených oznámení Windows;C:\Windows\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 XblAuthManager;Xbox Live Auth Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Uložení hry Xbox Live;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Síťová služba Xbox Live;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2015-7-10 25600]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2016-09-14 17:00:52 16148 ----a-w- C:\Windows\System32\DESKTOP-7FRIM92_dgm_HistoryPrediction.bin
2016-09-14 16:47:18 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-09-14 16:47:05 65408 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-09-14 16:47:05 27008 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-09-14 16:47:05 140672 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-09-14 16:47:05 -------- d-----w- C:\ProgramData\Malwarebytes
2016-09-14 16:47:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-14 16:45:33 -------- d-----w- C:\Program Files\CCleaner
2016-09-14 16:43:43 -------- d-----w- C:\Program Files\Common Files\AV
2016-09-14 16:38:44 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2016-09-14 16:38:43 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2016-09-14 16:38:36 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-14 15:54:06 -------- d-----w- C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp
2016-09-14 15:16:08 11847048 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0147E4C-5B0F-4512-8C76-BFEEF70520E1}\mpengine.dll
2016-09-14 15:16:07 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{323E7E2B-C180-4263-9B17-60E02AD2324A}\gapaengine.dll
2016-09-13 13:29:35 11847048 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-09-13 13:22:58 -------- d-----w- C:\Program Files\CMAK
2016-09-13 13:22:58 -------- d-----w- C:\Program Files (x86)\CMAK
2016-09-08 16:37:17 -------- d-----w- C:\Users\dgm\AppData\Local\GlobalMapper
2016-09-08 16:36:37 -------- d-----w- C:\Users\dgm\AppData\Local\IIIQF
2016-09-07 16:56:26 -------- d-----w- C:\Users\dgm\Evernote
2016-09-07 16:56:15 -------- d-----w- C:\Program Files (x86)\Evernote
2016-09-07 16:25:39 -------- d-----w- C:\Users\dgm\.oracle_jre_usage
2016-09-07 16:25:35 97856 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2016-09-07 16:25:19 -------- d-----w- C:\ProgramData\Oracle
2016-09-05 13:37:08 -------- d-----w- C:\Program Files (x86)\GPSBabel
2016-09-01 17:48:20 -------- d-----w- C:\Program Files (x86)\GPS Track Editor
2016-08-31 18:35:42 -------- d-----w- C:\Users\dgm\AppData\Roaming\Mobile Atlas Creator
2016-08-16 13:59:21 -------- d-----w- C:\ProgramData\GARMIN
2016-08-15 17:53:44 -------- d-----w- C:\Program Files (x86)\cGPSmapper
.
==================== Find3M ====================
.
2016-08-14 10:34:48 30568 ----a-w- C:\Windows\System32\drivers\grmngen.sys
2016-08-14 10:34:48 19304 ----a-w- C:\Windows\System32\drivers\grmnusb.sys
2016-08-08 19:20:26 411368 ----a-w- C:\Windows\SysWow64\deploytk.dll
2016-08-03 06:45:18 2718208 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2016-08-03 06:25:56 953472 ----a-w- C:\Windows\SysWow64\ole32.dll
2016-08-03 06:25:44 365120 ----a-w- C:\Windows\SysWow64\bcryptprimitives.dll
2016-08-03 06:24:58 2152744 ----a-w- C:\Windows\SysWow64\mfcore.dll
2016-08-03 06:24:37 1531368 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-08-03 06:24:37 1356368 ----a-w- C:\Windows\SysWow64\winmde.dll
2016-08-03 06:24:34 46480 ----a-w- C:\Windows\SysWow64\wldp.dll
2016-08-03 06:24:34 439648 ----a-w- C:\Windows\SysWow64\SettingSyncHost.exe
2016-08-03 06:24:33 1767008 ----a-w- C:\Windows\SysWow64\CoreUIComponents.dll
2016-08-03 06:23:13 1895576 ----a-w- C:\Windows\SysWow64\hevcdecoder.dll
2016-08-03 06:22:26 1811360 ----a-w- C:\Windows\SysWow64\combase.dll
2016-08-03 06:15:58 468832 ----a-w- C:\Windows\SysWow64\NetSetupEngine.dll
2016-08-03 06:15:57 46080 ----a-w- C:\Windows\SysWow64\NAPCRYPT.DLL
2016-08-03 06:15:06 700256 ----a-w- C:\Windows\SysWow64\WWAHost.exe
2016-08-03 06:14:10 565648 ----a-w- C:\Windows\SysWow64\SHCore.dll
2016-08-03 06:13:40 65096 ----a-w- C:\Windows\SysWow64\Clipc.dll
2016-08-03 06:09:35 185952 ----a-w- C:\Windows\SysWow64\policymanager.dll
2016-08-03 05:44:58 2495776 ----a-w- C:\Windows\System32\CoreUIComponents.dll
2016-08-03 05:44:36 2115936 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2016-08-03 05:44:35 2429792 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2016-08-03 05:44:35 2156400 ----a-w- C:\Windows\System32\hevcdecoder.dll
2016-08-03 05:44:27 388896 ----a-w- C:\Windows\System32\wmpps.dll
2016-08-03 05:44:22 243760 ----a-w- C:\Windows\System32\mfps.dll
2016-08-03 05:39:23 660320 ----a-w- C:\Windows\System32\NetSetupEngine.dll
2016-08-03 05:38:29 801632 ----a-w- C:\Windows\System32\WWAHost.exe
2016-08-03 05:38:25 6525424 ----a-w- C:\Windows\System32\sppsvc.exe
2016-08-03 05:38:20 252760 ----a-w- C:\Windows\System32\ContentDeliveryManager.Utilities.dll
2016-08-03 05:38:12 724168 ----a-w- C:\Windows\System32\SHCore.dll
2016-08-03 05:38:03 78040 ----a-w- C:\Windows\System32\Clipc.dll
2016-08-03 05:38:00 1134792 ----a-w- C:\Windows\System32\ClipUp.exe
2016-08-03 05:37:59 658568 ----a-w- C:\Windows\System32\ClipSVC.dll
2016-08-03 05:33:59 224704 ----a-w- C:\Windows\System32\policymanager.dll
2016-08-03 05:32:22 983904 ----a-w- C:\Windows\System32\SecConfig.efi
2016-08-03 05:09:02 954368 ----a-w- C:\Windows\System32\IKEEXT.DLL
2016-08-03 05:03:18 16708608 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2016-08-03 04:57:57 694784 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-08-03 04:57:26 21862912 ----a-w- C:\Windows\System32\edgehtml.dll
2016-08-03 04:57:17 483328 ----a-w- C:\Windows\System32\OneDriveSettingSyncProvider.dll
2016-08-03 04:55:44 290304 ----a-w- C:\Windows\System32\oemlicense.dll
2016-08-03 04:54:07 11557888 ----a-w- C:\Windows\System32\twinui.dll
2016-08-03 04:53:43 7569408 ----a-w- C:\Windows\System32\mos.dll
2016-08-03 04:53:10 13027328 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2016-08-03 04:52:41 2418688 ----a-w- C:\Windows\System32\MFMediaEngine.dll
2016-08-03 04:51:59 446976 ----a-w- C:\Windows\System32\MapConfiguration.dll
2016-08-03 04:50:29 2902528 ----a-w- C:\Windows\System32\CertEnroll.dll
2016-08-03 04:49:25 6305792 ----a-w- C:\Windows\System32\Windows.UI.Search.dll
2016-08-03 04:49:20 371712 ----a-w- C:\Windows\SysWow64\OneDriveSettingSyncProvider.dll
2016-08-03 04:49:18 2446336 ----a-w- C:\Windows\System32\InputService.dll
2016-08-03 04:48:38 6788096 ----a-w- C:\Windows\System32\Windows.Data.Pdf.dll
2016-08-03 04:47:42 553472 ----a-w- C:\Windows\System32\GamePanel.exe
2016-08-03 04:47:39 209920 ----a-w- C:\Windows\SysWow64\oemlicense.dll
2016-08-03 04:47:33 293376 ----a-w- C:\Windows\System32\TextInputFramework.dll
2016-08-03 04:47:21 456704 ----a-w- C:\Windows\System32\certcli.dll
2016-08-03 04:47:10 184320 ----a-w- C:\Windows\System32\WSClient.dll
2016-08-03 04:46:49 963072 ----a-w- C:\Windows\System32\WSShared.dll
2016-08-03 04:46:42 1123840 ----a-w- C:\Windows\System32\NaturalLanguage6.dll
2016-08-03 04:46:32 324096 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-03 04:46:30 780288 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll
2016-08-03 04:46:27 1416704 ----a-w- C:\Windows\System32\lsasrv.dll
2016-08-03 04:46:22 183808 ----a-w- C:\Windows\System32\WSSync.dll
2016-08-03 04:45:52 147456 ----a-w- C:\Windows\System32\iassvcs.dll
2016-08-03 04:45:13 4847616 ----a-w- C:\Windows\System32\dbgeng.dll
2016-08-03 04:44:57 9889792 ----a-w- C:\Windows\SysWow64\twinui.dll
2016-08-03 04:44:51 814592 ----a-w- C:\Windows\System32\provcore.dll
2016-08-03 04:44:39 328704 ----a-w- C:\Windows\SysWow64\MapConfiguration.dll
2016-08-03 04:44:12 893440 ----a-w- C:\Windows\System32\MbaeApiPublic.dll
2016-08-03 04:44:09 345088 ----a-w- C:\Windows\System32\eappcfg.dll
2016-08-03 04:43:16 326656 ----a-w- C:\Windows\System32\eapp3hst.dll
2016-08-03 04:43:14 279040 ----a-w- C:\Windows\System32\eapphost.dll
2016-08-03 04:43:08 107008 ----a-w- C:\Windows\System32\eappgnui.dll
2016-08-03 04:43:01 7055872 ----a-w- C:\Windows\System32\BingMaps.dll
2016-08-03 04:42:58 65024 ----a-w- C:\Windows\System32\eappprxy.dll
2016-08-03 04:42:33 197632 ----a-w- C:\Windows\System32\NetSetupSvc.dll
2016-08-03 04:42:32 2253824 ----a-w- C:\Windows\System32\WpcWebSync.dll
2016-08-03 04:42:14 2598912 ----a-w- C:\Windows\SysWow64\CertEnroll.dll
2016-08-03 04:42:13 2839040 ----a-w- C:\Windows\System32\Wpc.dll
2016-08-03 04:41:46 1823232 ----a-w- C:\Windows\SysWow64\InputService.dll
2016-08-03 04:41:38 799232 ----a-w- C:\Windows\System32\wpccpl.dll
2016-08-03 04:41:17 4398592 ----a-w- C:\Windows\SysWow64\Windows.UI.Search.dll
2016-08-03 04:41:00 3119104 ----a-w- C:\Windows\System32\wininet.dll
2016-08-03 04:40:56 1918976 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll
2016-08-03 04:40:53 771072 ----a-w- C:\Windows\System32\Chakradiag.dll
2016-08-03 04:40:33 420352 ----a-w- C:\Windows\SysWow64\GamePanel.exe
2016-08-03 04:40:33 200704 ----a-w- C:\Windows\SysWow64\TextInputFramework.dll
2016-08-03 04:40:13 572928 ----a-w- C:\Windows\System32\vbscript.dll
2016-08-03 04:40:03 5160960 ----a-w- C:\Windows\SysWow64\Windows.Data.Pdf.dll
2016-08-03 04:40:03 338944 ----a-w- C:\Windows\SysWow64\certcli.dll
2016-08-03 04:39:22 587776 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2016-08-03 04:39:17 806912 ----a-w- C:\Windows\SysWow64\WSShared.dll
2016-08-03 04:39:13 247808 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-03 04:39:08 846848 ----a-w- C:\Windows\SysWow64\NaturalLanguage6.dll
2016-08-03 04:39:08 151552 ----a-w- C:\Windows\SysWow64\WSClient.dll
2016-08-03 04:39:05 5448704 ----a-w- C:\Windows\System32\aclui.dll
2016-08-03 04:39:02 153088 ----a-w- C:\Windows\SysWow64\WSSync.dll
2016-08-03 04:38:48 51200 ----a-w- C:\Windows\System32\Windows.Shell.Search.UriHandler.dll
2016-08-03 04:38:39 110080 ----a-w- C:\Windows\System32\IdCtrls.dll
2016-08-03 04:38:33 819712 ----a-w- C:\Windows\System32\licensingdiag.exe
.
============= FINISH: 19:29:29,56 ===============
- Rudy
- Site Admin
- Posts: 119495
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check the log (launching of unwanted pages in the bro
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop.
Close all programs.
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check the log (launching of unwanted pages in the bro
I am attaching the AdwCleaner scan after scanning and cleaning; pages such as:
ru.aliexpress.com
http://chain-reaction-pro.co/ref/cr06
http://thirafsleb-si.ru/?token=v7rfq
http://apytrc.com/apref/6dc3d948-b1fc.....
and the like keep opening at random in Firefox:
Thanks for now.
# AdwCleaner v6.020 - Log soubor vytvořen 15/09/2016 na 14:06:40
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-14.2 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : dgm - DESKTOP-7FRIM92
# Beží od : C:\Users\dgm\Desktop\adwcleaner_6.020(1).exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Klíč smazán:HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\Software\IM
[#] Klíč smazán po restartování:HKCU\Software\IM
[-] Klíč smazán:HKLM\SOFTWARE\HPRewriter
[#] Klíč smazán po restartování:[x64] HKCU\Software\IM
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1141 Bajtů] - [15/09/2016 14:06:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [1384 Bajtů] - [15/09/2016 14:01:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [1708 Bajtů] - [15/09/2016 14:06:24]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1363 Bajtů] ##########
- Rudy
- Site Admin
- Posts: 119495
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check the log (launching of unwanted pages in the bro
Now post the FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Re: Please check the log (launching of unwanted pages in the bro
I am attaching the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
Ran by dgm (administrator) on DESKTOP-7FRIM92 (15-09-2016 19:20:00)
Running from C:\Users\dgm\Desktop
Loaded Profiles: dgm (Available Profiles: dgm)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(PoloPurple Horsea) C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp\nppApplication.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tools\ColorMunki Photo Tray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\dgm\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794888 2016-08-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2016-08-02] (BitTorrent, Inc.)
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [nppApplication] => C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp\nppApplication.exe [1068032 2016-08-19] (PoloPurple Horsea)
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Gamma.lnk [2016-08-08]
ShortcutTarget: ColorMunki Gamma.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Gamma\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunkiPhotoTray.exe.lnk [2016-08-08]
ShortcutTarget: ColorMunkiPhotoTray.exe.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tools\ColorMunki Photo Tray.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f11d856a-0791-4a99-93c8-8f2e48e5004a}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2758356745-1180579949-2161618819-1001 -> hxxp://google.com/
FireFox:
========
FF ProfilePath: C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314
FF Homepage: hxxps://www.google.cz/
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: (Flash Block) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2016-09-14]
FF Extension: (Menu Wizard) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\extensions\s3menu@wizard.xpi [2016-09-14]
FF Extension: (Firefox Hotfix) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-14]
FF Extension: (Adblock Plus) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-14]
FF Extension: (web_clipper) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-09-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
R2 ColorMunkiService; C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe [147968 2009-10-21] (X-Rite Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe [29696 2015-12-09] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe [39622144 2016-02-02] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
R2 xritedeviced; C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [130048 2009-10-21] (X-Rite Inc.) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 colormunki; C:\Windows\System32\Drivers\colormunki_x64.sys [51600 2007-10-02] (Thesycon GmbH, Germany)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2016-08-02] ()
R3 PdiPorts; C:\Windows\System32\drivers\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [295216 2015-07-10] (Marvell)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-15 19:20 - 2016-09-15 19:20 - 00013620 _____ C:\Users\dgm\Desktop\FRST.txt
2016-09-15 19:18 - 2016-09-15 19:20 - 00000000 ____D C:\FRST
2016-09-15 19:18 - 2016-09-15 19:16 - 02398720 _____ (Farbar) C:\Users\dgm\Desktop\FRST64.exe
2016-09-15 19:12 - 2016-09-15 19:12 - 00112640 _____ (forum.viry.cz) C:\Users\dgm\Desktop\FRSTLauncher.exe
2016-09-15 18:28 - 2016-09-15 18:29 - 00062496 _____ C:\Users\dgm\Documents\cc_20160915_182854.reg
2016-09-15 18:25 - 2016-09-15 18:25 - 00016148 _____ C:\Windows\system32\DESKTOP-7FRIM92_dgm_HistoryPrediction.bin
2016-09-15 14:00 - 2016-09-15 13:57 - 03861056 _____ C:\Users\dgm\Desktop\adwcleaner_6.020(1).exe
2016-09-15 13:59 - 2016-09-15 14:06 - 00000000 ____D C:\AdwCleaner
2016-09-14 19:59 - 2016-09-14 19:59 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Notepad++
2016-09-14 19:35 - 2016-09-14 19:35 - 00000242 _____ C:\Users\dgm\Desktop\VIRY.CZ • Zobrazit téma - Prosím o kontrolu logu (zpouštění nežádoucích str. v prohlíž.URL
2016-09-14 19:29 - 2016-09-14 19:29 - 00032890 _____ C:\Users\dgm\Desktop\dds.txt
2016-09-14 19:29 - 2016-09-14 19:29 - 00006248 _____ C:\Users\dgm\Desktop\attach.txt
2016-09-14 19:28 - 2016-09-14 19:28 - 00688992 ____R (Swearware) C:\Users\dgm\Desktop\dds.exe
2016-09-14 18:47 - 2016-09-15 19:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 18:47 - 2016-09-14 18:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-14 18:47 - 2016-09-14 18:47 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-14 18:47 - 2016-09-14 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-14 18:47 - 2016-09-14 18:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-14 18:47 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-14 18:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-14 18:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-14 18:45 - 2016-09-14 18:46 - 00000000 ____D C:\Program Files\CCleaner
2016-09-14 18:45 - 2016-09-14 18:45 - 00002866 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-14 18:45 - 2016-09-14 18:45 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-14 18:45 - 2016-09-14 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-14 18:43 - 2016-09-14 18:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-14 18:43 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-09-14 18:38 - 2016-09-14 19:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-14 18:38 - 2016-09-14 18:43 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-14 18:38 - 2016-09-14 18:38 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-09-14 18:38 - 2016-09-14 18:38 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-09-14 18:38 - 2016-09-14 18:38 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-09-14 18:38 - 2016-09-14 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-14 18:38 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-09-14 18:25 - 2016-09-14 18:25 - 00000000 ____D C:\Users\dgm\Desktop\Původní data aplikace Firefox
2016-09-14 17:56 - 2016-09-14 17:56 - 00000270 __RSH C:\Users\dgm\ntuser.pol
2016-09-14 17:54 - 2016-09-14 17:54 - 00001806 __RSH C:\ProgramData\ntuser.pol
2016-09-14 17:54 - 2016-09-14 17:54 - 00001212 _____ C:\Users\dgm\Desktop\notepad++.lnk
2016-09-14 17:54 - 2016-09-14 17:54 - 00000000 ____D C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp
2016-09-14 17:53 - 2016-09-14 17:53 - 00002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-09-13 15:22 - 2016-09-13 15:22 - 00000000 ____D C:\Program Files\CMAK
2016-09-13 15:22 - 2016-09-13 15:22 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-09-13 15:19 - 2016-09-13 15:19 - 00001009 _____ C:\Users\dgm\Desktop\greenland_2016_work_2 – zástupce.lnk
2016-09-08 19:43 - 2016-09-08 19:43 - 00000000 ____D C:\Users\dgm\AppData\LocalLow\Temp
2016-09-08 18:37 - 2016-09-12 18:49 - 00000000 ____D C:\Users\dgm\AppData\Local\GlobalMapper
2016-09-08 18:36 - 2016-09-14 17:37 - 00000000 ____D C:\Users\dgm\AppData\Local\IIIQF
2016-09-08 06:19 - 2016-09-08 06:19 - 00003334 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-09-08 06:18 - 2016-09-08 06:18 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Skype
2016-09-07 20:11 - 2016-09-07 20:11 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-09-07 20:11 - 2016-09-07 20:11 - 00000000 ____D C:\Users\dgm\AppData\LocalLow\Google
2016-09-07 20:11 - 2016-09-07 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-09-07 18:56 - 2016-09-07 18:56 - 00002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\Users\dgm\Evernote
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\Users\dgm\AppData\LocalLow\Evernote
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-09-07 18:25 - 2016-09-07 18:27 - 00000000 ____D C:\ProgramData\Oracle
2016-09-07 18:25 - 2016-09-07 18:25 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-09-07 18:25 - 2016-09-07 18:25 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Sun
2016-09-07 18:25 - 2016-09-07 18:25 - 00000000 ____D C:\Users\dgm\.oracle_jre_usage
2016-09-07 18:25 - 2016-09-07 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-05 17:44 - 2016-09-13 15:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-05 15:37 - 2016-09-05 15:37 - 00001090 _____ C:\Users\Public\Desktop\GPSBabel.lnk
2016-09-05 15:37 - 2016-09-05 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPSBabel
2016-09-05 15:37 - 2016-09-05 15:37 - 00000000 ____D C:\Program Files (x86)\GPSBabel
2016-09-01 19:48 - 2016-09-01 19:48 - 00001166 _____ C:\Users\dgm\Desktop\GPS Track Editor.lnk
2016-09-01 19:48 - 2016-09-01 19:48 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GPS Track Editor
2016-09-01 19:48 - 2016-09-01 19:48 - 00000000 ____D C:\Program Files (x86)\GPS Track Editor
2016-08-31 20:35 - 2016-08-31 20:35 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Mobile Atlas Creator
2016-08-16 16:16 - 2016-08-16 16:16 - 00001650 _____ C:\Users\dgm\Desktop\BaseCamp.lnk
2016-08-16 15:59 - 2016-08-16 15:59 - 00000000 ____D C:\ProgramData\GARMIN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-15 19:20 - 2016-08-02 18:07 - 00000000 ____D C:\Users\dgm\AppData\Roaming\uTorrent
2016-09-15 19:15 - 2016-08-09 19:25 - 00000000 ____D C:\Users\dgm\Desktop\Nová složka
2016-09-15 18:40 - 2016-08-04 20:07 - 00000000 ____D C:\Users\dgm\AppData\Roaming\MPC-HC
2016-09-15 18:39 - 2016-08-08 19:28 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-15 18:28 - 2016-08-02 17:45 - 00000000 ____D C:\Windows\Panther
2016-09-15 18:28 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-09-15 18:22 - 2016-08-02 17:01 - 01762290 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-15 18:22 - 2015-07-10 18:02 - 00745406 _____ C:\Windows\system32\perfh005.dat
2016-09-15 18:22 - 2015-07-10 18:02 - 00149344 _____ C:\Windows\system32\perfc005.dat
2016-09-15 18:19 - 2016-08-02 17:00 - 00003808 _____ C:\Windows\System32\Tasks\AutoKMS
2016-09-15 18:16 - 2016-08-08 19:28 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-15 18:15 - 2016-08-02 17:02 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-15 18:15 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-15 18:14 - 2015-07-10 11:05 - 00131072 ___SH C:\Windows\system32\config\BBI
2016-09-15 17:51 - 2016-08-03 18:16 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-15 14:31 - 2016-08-02 17:46 - 00000000 ____D C:\Windows\system32\MRT
2016-09-15 14:31 - 2015-07-10 18:05 - 00000000 ____D C:\Windows\ShellNew
2016-09-15 14:31 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-09-15 14:28 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-09-15 14:27 - 2016-08-03 17:19 - 00005258 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-7FRIM92-dgm DESKTOP-7FRIM92
2016-09-15 14:27 - 2016-08-02 17:45 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-15 13:48 - 2016-08-02 19:53 - 00000000 ____D C:\Users\dgm\AppData\Local\Adobe
2016-09-14 19:00 - 2015-07-10 18:03 - 00000000 ____D C:\Windows\SKB
2016-09-14 18:52 - 2016-08-02 16:55 - 00000000 ____D C:\Users\dgm
2016-09-14 18:09 - 2016-08-15 18:29 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Garmin
2016-09-14 17:54 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-09-14 17:13 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-09-13 15:24 - 2016-08-02 19:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-13 15:24 - 2016-08-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\DevicesFlow
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\oobe
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-13 15:17 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 06:19 - 2016-08-02 16:57 - 00002385 _____ C:\Users\dgm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-08 06:19 - 2016-08-02 16:57 - 00000000 ___RD C:\Users\dgm\OneDrive
2016-09-07 20:11 - 2016-08-08 19:28 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-07 18:26 - 2016-08-08 21:20 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-07 18:25 - 2016-08-08 21:20 - 00269888 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-09-07 03:02 - 2015-07-10 13:06 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:02 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-16 19:17 - 2016-08-15 18:30 - 00000000 ____D C:\Users\dgm\AppData\Local\Garmin
2016-08-16 18:20 - 2016-08-15 19:54 - 00000000 ____D C:\ProgramData\TEMP
2016-08-16 16:12 - 2016-08-02 16:55 - 00000000 ____D C:\Users\dgm\AppData\Local\VirtualStore
2016-08-16 16:00 - 2016-08-15 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-08-16 15:54 - 2016-08-14 13:38 - 00001080 _____ C:\Users\Public\Desktop\GMapTool.lnk
2016-08-16 15:54 - 2016-08-14 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMapTool
2016-08-16 15:54 - 2016-08-14 13:38 - 00000000 ____D C:\Program Files (x86)\GMapTool
==================== Files in the root of some directories =======
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-08 19:17
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:238.47 GB) (Free:193.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (D_Raid) (Fixed) (Total:1863.01 GB) (Free:155.51 GB) NTFS
Drive e: (E_Raid_1) (Fixed) (Total:698.63 GB) (Free:415.16 GB) NTFS
Drive f: (G_disk) (Fixed) (Total:698.64 GB) (Free:6.36 GB) NTFS
Drive g: (F_disk) (Fixed) (Total:298.09 GB) (Free:297.92 GB) NTFS
Drive h: (H_Raid) (Fixed) (Total:931.51 GB) (Free:228.66 GB) NTFS
Drive j: () (Removable) (Total:29.05 GB) (Free:11.42 GB) NTFS
Drive x: (X_swap) (Fixed) (Total:111.79 GB) (Free:94.2 GB) NTFS
Available physical RAM: 2298.18 MB
Total physical RAM: 4095.08 MB
Percentage of memory in use: 43%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D306D499)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 3373FD60)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5D88F10B)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 3 (Size: 698.6 GB) (Disk ID: 612E1E50)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9E899E89)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: FEDFFEDF)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: ADB599DA)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
Disk: 7 (Size: 29.1 GB) (Disk ID: 00000000)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:5F64C164 [290]
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\dgm\Desktop" je 94 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
Ran by dgm (administrator) on DESKTOP-7FRIM92 (15-09-2016 19:20:00)
Running from C:\Users\dgm\Desktop
Loaded Profiles: dgm (Available Profiles: dgm)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(PoloPurple Horsea) C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp\nppApplication.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tools\ColorMunki Photo Tray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\dgm\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794888 2016-08-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2016-08-02] (BitTorrent, Inc.)
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [nppApplication] => C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp\nppApplication.exe [1068032 2016-08-19] (PoloPurple Horsea)
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2758356745-1180579949-2161618819-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Gamma.lnk [2016-08-08]
ShortcutTarget: ColorMunki Gamma.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Gamma\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunkiPhotoTray.exe.lnk [2016-08-08]
ShortcutTarget: ColorMunkiPhotoTray.exe.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Photo\Tools\ColorMunki Photo Tray.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f11d856a-0791-4a99-93c8-8f2e48e5004a}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-08-11] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2758356745-1180579949-2161618819-1001 -> hxxp://google.com/
FireFox:
========
FF ProfilePath: C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314
FF Homepage: hxxps://www.google.cz/
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: (Flash Block) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2016-09-14]
FF Extension: (Menu Wizard) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\extensions\s3menu@wizard.xpi [2016-09-14]
FF Extension: (Firefox Hotfix) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-14]
FF Extension: (Adblock Plus) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-14]
FF Extension: (web_clipper) - C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-09-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
R2 ColorMunkiService; C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe [147968 2009-10-21] (X-Rite Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.18\bin\httpd.exe [29696 2015-12-09] (Apache Software Foundation) [File not signed]
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.11\bin\mysqld.exe [39622144 2016-02-02] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)
R2 xritedeviced; C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [130048 2009-10-21] (X-Rite Inc.) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 colormunki; C:\Windows\System32\Drivers\colormunki_x64.sys [51600 2007-10-02] (Thesycon GmbH, Germany)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2016-08-02] ()
R3 PdiPorts; C:\Windows\System32\drivers\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [295216 2015-07-10] (Marvell)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-15 19:20 - 2016-09-15 19:20 - 00013620 _____ C:\Users\dgm\Desktop\FRST.txt
2016-09-15 19:18 - 2016-09-15 19:20 - 00000000 ____D C:\FRST
2016-09-15 19:18 - 2016-09-15 19:16 - 02398720 _____ (Farbar) C:\Users\dgm\Desktop\FRST64.exe
2016-09-15 19:12 - 2016-09-15 19:12 - 00112640 _____ (forum.viry.cz) C:\Users\dgm\Desktop\FRSTLauncher.exe
2016-09-15 18:28 - 2016-09-15 18:29 - 00062496 _____ C:\Users\dgm\Documents\cc_20160915_182854.reg
2016-09-15 18:25 - 2016-09-15 18:25 - 00016148 _____ C:\Windows\system32\DESKTOP-7FRIM92_dgm_HistoryPrediction.bin
2016-09-15 14:00 - 2016-09-15 13:57 - 03861056 _____ C:\Users\dgm\Desktop\adwcleaner_6.020(1).exe
2016-09-15 13:59 - 2016-09-15 14:06 - 00000000 ____D C:\AdwCleaner
2016-09-14 19:59 - 2016-09-14 19:59 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Notepad++
2016-09-14 19:35 - 2016-09-14 19:35 - 00000242 _____ C:\Users\dgm\Desktop\VIRY.CZ • Zobrazit téma - Prosím o kontrolu logu (zpouštění nežádoucích str. v prohlíž.URL
2016-09-14 19:29 - 2016-09-14 19:29 - 00032890 _____ C:\Users\dgm\Desktop\dds.txt
2016-09-14 19:29 - 2016-09-14 19:29 - 00006248 _____ C:\Users\dgm\Desktop\attach.txt
2016-09-14 19:28 - 2016-09-14 19:28 - 00688992 ____R (Swearware) C:\Users\dgm\Desktop\dds.exe
2016-09-14 18:47 - 2016-09-15 19:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-14 18:47 - 2016-09-14 18:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-14 18:47 - 2016-09-14 18:47 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-14 18:47 - 2016-09-14 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-14 18:47 - 2016-09-14 18:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-14 18:47 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-14 18:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-14 18:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-14 18:45 - 2016-09-14 18:46 - 00000000 ____D C:\Program Files\CCleaner
2016-09-14 18:45 - 2016-09-14 18:45 - 00002866 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-14 18:45 - 2016-09-14 18:45 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-14 18:45 - 2016-09-14 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-14 18:43 - 2016-09-14 18:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-14 18:43 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-09-14 18:38 - 2016-09-14 19:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-14 18:38 - 2016-09-14 18:43 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-14 18:38 - 2016-09-14 18:38 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-09-14 18:38 - 2016-09-14 18:38 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-09-14 18:38 - 2016-09-14 18:38 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-09-14 18:38 - 2016-09-14 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-14 18:38 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-09-14 18:25 - 2016-09-14 18:25 - 00000000 ____D C:\Users\dgm\Desktop\Původní data aplikace Firefox
2016-09-14 17:56 - 2016-09-14 17:56 - 00000270 __RSH C:\Users\dgm\ntuser.pol
2016-09-14 17:54 - 2016-09-14 17:54 - 00001806 __RSH C:\ProgramData\ntuser.pol
2016-09-14 17:54 - 2016-09-14 17:54 - 00001212 _____ C:\Users\dgm\Desktop\notepad++.lnk
2016-09-14 17:54 - 2016-09-14 17:54 - 00000000 ____D C:\Users\dgm\AppData\Roaming\NotepadPlusPlusApp
2016-09-14 17:53 - 2016-09-14 17:53 - 00002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2016-09-13 15:22 - 2016-09-13 15:22 - 00000000 ____D C:\Program Files\CMAK
2016-09-13 15:22 - 2016-09-13 15:22 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-09-13 15:19 - 2016-09-13 15:19 - 00001009 _____ C:\Users\dgm\Desktop\greenland_2016_work_2 – zástupce.lnk
2016-09-08 19:43 - 2016-09-08 19:43 - 00000000 ____D C:\Users\dgm\AppData\LocalLow\Temp
2016-09-08 18:37 - 2016-09-12 18:49 - 00000000 ____D C:\Users\dgm\AppData\Local\GlobalMapper
2016-09-08 18:36 - 2016-09-14 17:37 - 00000000 ____D C:\Users\dgm\AppData\Local\IIIQF
2016-09-08 06:19 - 2016-09-08 06:19 - 00003334 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-09-08 06:18 - 2016-09-08 06:18 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Skype
2016-09-07 20:11 - 2016-09-07 20:11 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-09-07 20:11 - 2016-09-07 20:11 - 00000000 ____D C:\Users\dgm\AppData\LocalLow\Google
2016-09-07 20:11 - 2016-09-07 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-09-07 18:56 - 2016-09-07 18:56 - 00002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\Users\dgm\Evernote
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\Users\dgm\AppData\LocalLow\Evernote
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-09-07 18:56 - 2016-09-07 18:56 - 00000000 ____D C:\Program Files (x86)\Evernote
2016-09-07 18:25 - 2016-09-07 18:27 - 00000000 ____D C:\ProgramData\Oracle
2016-09-07 18:25 - 2016-09-07 18:25 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-09-07 18:25 - 2016-09-07 18:25 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Sun
2016-09-07 18:25 - 2016-09-07 18:25 - 00000000 ____D C:\Users\dgm\.oracle_jre_usage
2016-09-07 18:25 - 2016-09-07 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-05 17:44 - 2016-09-13 15:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-05 15:37 - 2016-09-05 15:37 - 00001090 _____ C:\Users\Public\Desktop\GPSBabel.lnk
2016-09-05 15:37 - 2016-09-05 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPSBabel
2016-09-05 15:37 - 2016-09-05 15:37 - 00000000 ____D C:\Program Files (x86)\GPSBabel
2016-09-01 19:48 - 2016-09-01 19:48 - 00001166 _____ C:\Users\dgm\Desktop\GPS Track Editor.lnk
2016-09-01 19:48 - 2016-09-01 19:48 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GPS Track Editor
2016-09-01 19:48 - 2016-09-01 19:48 - 00000000 ____D C:\Program Files (x86)\GPS Track Editor
2016-08-31 20:35 - 2016-08-31 20:35 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Mobile Atlas Creator
2016-08-16 16:16 - 2016-08-16 16:16 - 00001650 _____ C:\Users\dgm\Desktop\BaseCamp.lnk
2016-08-16 15:59 - 2016-08-16 15:59 - 00000000 ____D C:\ProgramData\GARMIN
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-15 19:20 - 2016-08-02 18:07 - 00000000 ____D C:\Users\dgm\AppData\Roaming\uTorrent
2016-09-15 19:15 - 2016-08-09 19:25 - 00000000 ____D C:\Users\dgm\Desktop\Nová složka
2016-09-15 18:40 - 2016-08-04 20:07 - 00000000 ____D C:\Users\dgm\AppData\Roaming\MPC-HC
2016-09-15 18:39 - 2016-08-08 19:28 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-15 18:28 - 2016-08-02 17:45 - 00000000 ____D C:\Windows\Panther
2016-09-15 18:28 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-09-15 18:22 - 2016-08-02 17:01 - 01762290 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-15 18:22 - 2015-07-10 18:02 - 00745406 _____ C:\Windows\system32\perfh005.dat
2016-09-15 18:22 - 2015-07-10 18:02 - 00149344 _____ C:\Windows\system32\perfc005.dat
2016-09-15 18:19 - 2016-08-02 17:00 - 00003808 _____ C:\Windows\System32\Tasks\AutoKMS
2016-09-15 18:16 - 2016-08-08 19:28 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-15 18:15 - 2016-08-02 17:02 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-15 18:15 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-15 18:14 - 2015-07-10 11:05 - 00131072 ___SH C:\Windows\system32\config\BBI
2016-09-15 17:51 - 2016-08-03 18:16 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-15 14:31 - 2016-08-02 17:46 - 00000000 ____D C:\Windows\system32\MRT
2016-09-15 14:31 - 2015-07-10 18:05 - 00000000 ____D C:\Windows\ShellNew
2016-09-15 14:31 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-09-15 14:28 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-09-15 14:27 - 2016-08-03 17:19 - 00005258 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-7FRIM92-dgm DESKTOP-7FRIM92
2016-09-15 14:27 - 2016-08-02 17:45 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-15 13:48 - 2016-08-02 19:53 - 00000000 ____D C:\Users\dgm\AppData\Local\Adobe
2016-09-14 19:00 - 2015-07-10 18:03 - 00000000 ____D C:\Windows\SKB
2016-09-14 18:52 - 2016-08-02 16:55 - 00000000 ____D C:\Users\dgm
2016-09-14 18:09 - 2016-08-15 18:29 - 00000000 ____D C:\Users\dgm\AppData\Roaming\Garmin
2016-09-14 17:54 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-09-14 17:13 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-09-13 15:24 - 2016-08-02 19:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-13 15:24 - 2016-08-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\DevicesFlow
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\oobe
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-13 15:22 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-13 15:17 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 06:19 - 2016-08-02 16:57 - 00002385 _____ C:\Users\dgm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-08 06:19 - 2016-08-02 16:57 - 00000000 ___RD C:\Users\dgm\OneDrive
2016-09-07 20:11 - 2016-08-08 19:28 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-07 18:26 - 2016-08-08 21:20 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-07 18:25 - 2016-08-08 21:20 - 00269888 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2016-09-07 03:02 - 2015-07-10 13:06 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:02 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-16 19:17 - 2016-08-15 18:30 - 00000000 ____D C:\Users\dgm\AppData\Local\Garmin
2016-08-16 18:20 - 2016-08-15 19:54 - 00000000 ____D C:\ProgramData\TEMP
2016-08-16 16:12 - 2016-08-02 16:55 - 00000000 ____D C:\Users\dgm\AppData\Local\VirtualStore
2016-08-16 16:00 - 2016-08-15 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-08-16 15:54 - 2016-08-14 13:38 - 00001080 _____ C:\Users\Public\Desktop\GMapTool.lnk
2016-08-16 15:54 - 2016-08-14 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMapTool
2016-08-16 15:54 - 2016-08-14 13:38 - 00000000 ____D C:\Program Files (x86)\GMapTool
==================== Files in the root of some directories =======
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-08 19:17
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:238.47 GB) (Free:193.82 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (D_Raid) (Fixed) (Total:1863.01 GB) (Free:155.51 GB) NTFS
Drive e: (E_Raid_1) (Fixed) (Total:698.63 GB) (Free:415.16 GB) NTFS
Drive f: (G_disk) (Fixed) (Total:698.64 GB) (Free:6.36 GB) NTFS
Drive g: (F_disk) (Fixed) (Total:298.09 GB) (Free:297.92 GB) NTFS
Drive h: (H_Raid) (Fixed) (Total:931.51 GB) (Free:228.66 GB) NTFS
Drive j: () (Removable) (Total:29.05 GB) (Free:11.42 GB) NTFS
Drive x: (X_swap) (Fixed) (Total:111.79 GB) (Free:94.2 GB) NTFS
Available physical RAM: 2298.18 MB
Total physical RAM: 4095.08 MB
Percentage of memory in use: 43%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D306D499)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 3373FD60)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5D88F10B)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 3 (Size: 698.6 GB) (Disk ID: 612E1E50)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9E899E89)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: FEDFFEDF)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: ADB599DA)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
Disk: 7 (Size: 29.1 GB) (Disk ID: 00000000)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:5F64C164 [290]
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\dgm\Desktop" je 94 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Rudy
- Site Admin
- Posts: 119495
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check the log (unwanted pages launching in the bro
Open Notepad and copy the following into it:
Start
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\AutoKMS
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:5F64C164 [290]
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check the log (unwanted pages launching in the bro
I am attaching the log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-09-2016
Ran by dgm (15-09-2016 20:30:50) Run:1
Running from C:\Users\dgm\Desktop
Loaded Profiles: dgm (Available Profiles: dgm)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\AutoKMS
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:5F64C164 [290]
End
*****************
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows => ":nlsPreferences" ADS removed successfully.
C:\ProgramData\TEMP => ":5F64C164" ADS removed successfully.
==== End of Fixlog 20:30:50 ====
- Rudy
- Site Admin
Re: Please check the log (unwanted pages launching in the bro
Deleted. Has anything changed?
Re: Please check the log (unwanted pages launching in the bro
Hello, unfortunately not; attached is a screenshot of the Firefox history showing the unwanted pages that are regularly opened.
I have google.com set as my home page.
Thanks for now.
- Attachments
- Výstřižek.JPG (29.64 KiB) Viewed 2892 times
- Rudy
- Site Admin
Re: Please check the log (unwanted pages launching in the bro
Run these scans:
1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop.
If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce.
Paste the script below into the window:
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.
and
2. Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
• Save it, preferably to the desktop
• After launch, the licence terms are displayed; press any key
• A backup is created, followed by a search
• The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.
Re: Please check the log (unwanted pages launching in the bro
I am attaching the scans.
Thanks for now.
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by dgm on 19.09.2016 at 19:43:00,33.
Microsoft Windows 10 Pro 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\dgm\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
19.09.2016 19:43:41 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Nalpeiron deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\dgm\AppData\Local\NetworkTiles deleted successfully
C:\Users\dgm\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2758356745-1180579949-2161618819-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.cz/");
user_pref("services.sync.prefs.sync.browser.search.selectedEngine", true);
Added to C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~2\My Program deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\jetpack deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\dgm\AppData\Roaming\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314
- <--Block site--> - %ProfilePath%\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
- Undetermined - %ProfilePath%\extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
- Menu Wizard - %ProfilePath%\extensions\s3menu@wizard.xpi
- Flash Block - %ProfilePath%\extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- web_clipper - %ProfilePath%\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\dgm\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\dgm\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\dgm\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\dgm\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\dgm\AppData\Local\Mozilla\Firefox\Profiles\dklcazrp.default-1473870339314\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=42 folders=50 43894863 bytes)
==== Empty Temp Folders ======================
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\dgm\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 19.09.2016 at 20:01:12,20 ======================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Pro x64
Ran by dgm (Administrator) on 19.09.2016 at 20:19:21,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.09.2016 at 20:20:19,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Rudy
- Site Admin
Re: Please check the log (unwanted pages launching in the bro
How does it look now?
Re: Please check the log (unwanted pages launching in the bro
Hello, unfortunately the same pages come up after starting Firefox; after a PC restart and starting Firefox practically right away, then randomly while working.
They are the same pages as the ones I listed in the attachment to my earlier post.
Regards, M.
- Rudy
- Site Admin
Re: Please check the log (unwanted pages launching in the bro
Back up FF using MozBackup: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ . Then uninstall FF including its profile (the Mozilla subdirectories in c:\users\dgm\appdata\local, c:\users\dgm\appdata\roaming, c:\users\dgm\data aplikací, c:\users\dgm\local settings and in c:\program data must be deleted). Perform a new, clean installation of Firefox and copy back from the backup only the bookmarks and passwords.
Re: Please check the log (unwanted pages launching in the bro
Hello, unfortunately without success.
I uninstalled Firefox via Win 10, remove programs.
Deleted the Mozilla folder in Program Files.
Deleted the Mozilla and Firefox folders in Application Data.
Cleaned out all possible cookies, history, passwords, etc. with CCleaner.
Downloaded a new Firefox installer.
Installed it and have not restored anything from the original preferences yet, left just the clean installation, and again those familiar pages - see the attachment, a screenshot of the Firefox history.
Regards, M.
- Attachments
- Výstřižek_2.JPG (18.5 KiB) Viewed 2843 times