
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
Preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 114
- Registered: 03 Jun 2015 13:49
Preventive check
Hello, I would like to ask for a preventive check of my log. Thank you, and have a nice day.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016
Ran by Dominik (administrator) on DOMINIK-PC (29-09-2016 12:45:58)
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-10-23] (Power Software Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\MountPoints2: I - I:\setup.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0AA83DC0-B66F-43FD-9DAD-56EA86565672}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-707951698-1732677806-592134114-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-707951698-1732677806-592134114-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\k63582xc.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default [2016-09-29]
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-16]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-16]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-16]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-04-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-09-25] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2016-08-12] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-29] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-29 12:45 - 2016-09-29 12:46 - 00013329 _____ C:\Users\Dominik\Desktop\FRST.txt
2016-09-29 12:35 - 2016-09-29 12:35 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (2).exe
2016-09-29 12:00 - 2016-09-29 12:00 - 00020960 _____ C:\Users\Dominik\Downloads\[CzT]Tropicka_boure_Tropic_Thunder_2008_1080p_.torrent
2016-09-28 00:01 - 2016-09-28 00:01 - 00023961 _____ C:\Users\Dominik\Downloads\MNMH-vysledky.rar
2016-09-26 19:23 - 2016-09-26 19:36 - 00000000 ____D C:\Program Files (x86)\Far Cry 4
2016-09-26 19:23 - 2016-09-26 19:23 - 00000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4.lnk
2016-09-26 19:23 - 2016-09-26 19:23 - 00000876 _____ C:\Users\Public\Desktop\Far Cry 4.lnk
2016-09-26 14:06 - 2016-09-26 19:20 - 00000000 ____D C:\Users\Dominik\Downloads\Far.Cry.4.Proper-RELOADED
2016-09-25 20:54 - 2016-09-27 07:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 18:05 - 2016-09-22 18:05 - 00390413 _____ C:\Users\Dominik\Downloads\MM_18_4-pravni_vyklad.pdf
2016-09-21 22:10 - 2016-09-21 22:12 - 00000709 _____ C:\Users\Dominik\Desktop\Fixlog.txt
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020.exe
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (1).exe
2016-09-21 18:29 - 2016-09-21 18:29 - 00015327 _____ C:\Users\Dominik\Desktop\LM.bat
2016-09-19 19:47 - 2016-09-19 19:47 - 00012350 _____ C:\Users\Dominik\Downloads\[CzT]Assassin_s_Creed_IV_Black_Flag_crack.torrent
2016-09-19 19:38 - 2016-09-19 19:38 - 00105288 _____ C:\Users\Dominik\Downloads\[CzT]Call_of_Duty_Advanced_Warfare_2014_.torrent
2016-09-18 22:24 - 2016-09-18 22:29 - 377939968 _____ C:\Users\Dominik\Downloads\Simpsonovi S26E12 Vynálezce, jenž spadl z nebe.XviD.AC3.CZ.avi
2016-09-16 22:31 - 2016-09-16 22:31 - 00000000 ____D C:\Users\Dominik\Downloads\Tropic Thunder
2016-09-10 17:21 - 2016-09-10 17:21 - 00000000 ____D C:\Users\Dominik\Documents\Assassin's Creed IV Black Flag
2016-09-07 22:44 - 2016-09-07 22:44 - 00024330 _____ C:\Users\Dominik\Downloads\AdvancedInterfaceOptions-1.0.5.zip
2016-09-05 17:06 - 2016-09-05 17:06 - 00001236 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-09-05 17:06 - 2016-09-05 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-09-05 17:03 - 2016-09-07 11:10 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-09-04 22:27 - 2016-09-04 22:44 - 156977193 _____ C:\Users\Dominik\Downloads\Firestorm - World of Warcraft 6.2.3 Full.zip
2016-09-04 22:25 - 2016-09-04 22:25 - 00072502 _____ C:\Users\Dominik\Downloads\FirestormWorldofWarcraft6.2.3Full.torrent
2016-09-04 22:13 - 2016-09-04 22:13 - 00060088 _____ C:\Users\Dominik\Downloads\CJIZD16CTK01_KLIC.pdf
2016-09-04 22:12 - 2016-09-04 22:12 - 00115537 _____ C:\Users\Dominik\Downloads\AJIZD16C0K01_KLIC.pdf
2016-09-04 22:10 - 2016-09-04 22:27 - 00000000 ____D C:\Program Files (x86)\FirestormLauncher
2016-09-04 22:10 - 2016-09-04 22:10 - 00001115 _____ C:\Users\Public\Desktop\Firestorm Launcher.lnk
2016-09-04 22:10 - 2016-09-04 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher
2016-09-04 22:01 - 2016-09-04 22:07 - 00000000 ____D C:\Program Files (x86)\Utils
2016-09-04 22:01 - 2016-09-04 22:07 - 00000000 _____ C:\Program Files (x86)\ToDownloadBase.db
2016-09-04 22:01 - 2016-09-04 22:01 - 00000000 ____D C:\Program Files (x86)\Interface
2016-09-04 21:58 - 2016-09-04 21:58 - 20923216 _____ (Firestorm ) C:\Users\Dominik\Downloads\FirestormLauncherSetup.exe
2016-09-02 17:59 - 2016-09-02 17:59 - 00027944 _____ C:\Users\Dominik\Downloads\M16PZTA_C_ZaznamovyArch_DT_CJ-DT.pdf
2016-09-02 13:27 - 2016-09-02 13:27 - 00192774 _____ C:\Users\Dominik\Downloads\CJL_podzim_2016_DT.pdf
2016-08-31 16:07 - 2016-08-31 16:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-31 16:07 - 2016-08-25 22:50 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-08-31 16:07 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-08-31 16:07 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-08-31 16:07 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-08-31 16:07 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-08-31 16:05 - 2016-08-26 01:28 - 40070200 _____ C:\Windows\system32\nvcompiler.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 35182648 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 34801088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 28207672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 14093368 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-08-31 16:05 - 2016-08-26 01:28 - 10865704 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 10737632 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 10278080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 09086856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 08875408 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 08680696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 03594808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 03160512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437270.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437270.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 01019960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00956352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00941504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00892864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00686896 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00575984 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00520912 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00493608 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00437696 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00436088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00408784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00181488 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00159352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-08-31 16:05 - 2016-08-26 01:28 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-08-31 14:08 - 2016-08-31 14:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2016-08-30 13:11 - 2016-08-30 13:11 - 00000000 ____D C:\Users\Dominik\Documents\Battlefield 1 Open Beta
2016-08-30 12:59 - 2016-08-16 07:19 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-08-30 12:59 - 2016-08-16 07:19 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-08-30 12:59 - 2016-08-11 16:31 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437254.dll
2016-08-30 12:59 - 2016-08-11 16:31 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437254.dll
2016-08-30 12:59 - 2016-08-11 16:31 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-08-30 12:59 - 2016-08-11 16:31 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-08-30 12:44 - 2016-09-24 20:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-30 12:44 - 2016-08-30 12:44 - 00001240 _____ C:\Users\Public\Desktop\Battlefield 1 Open Beta.lnk
2016-08-30 12:44 - 2016-08-30 12:44 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-29 12:45 - 2015-10-26 18:34 - 00000000 ____D C:\FRST
2016-09-29 12:44 - 2016-08-25 21:53 - 00000000 ____D C:\Users\Dominik\Desktop\FRST-OlderVersion
2016-09-29 12:44 - 2016-07-11 11:16 - 02404352 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2016-09-29 12:36 - 2015-09-21 17:27 - 00000000 ____D C:\AdwCleaner
2016-09-29 11:11 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-29 11:11 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-29 10:56 - 2016-04-25 15:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-29 10:55 - 2015-10-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-29 10:55 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-28 10:12 - 2015-10-21 20:28 - 00007602 _____ C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-09-27 07:13 - 2015-09-27 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-27 00:08 - 2015-12-13 21:39 - 00000000 ____D C:\GOG Games
2016-09-27 00:06 - 2015-09-19 20:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2016-09-26 23:25 - 2015-09-15 22:08 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2016-09-26 19:38 - 2015-09-15 18:28 - 00000000 ____D C:\Nová složka
2016-09-26 01:18 - 2016-07-11 12:34 - 00002740 _____ C:\Users\Dominik\Desktop\Nový textový dokument (8).txt
2016-09-25 18:49 - 2015-10-12 19:19 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-09-25 18:49 - 2015-09-27 22:29 - 00000000 ____D C:\Users\Dominik\AppData\Local\PunkBuster
2016-09-25 18:49 - 2015-09-25 17:42 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-09-25 18:48 - 2015-11-23 18:14 - 00000000 ____D C:\ProgramData\Orbit
2016-09-25 18:48 - 2015-09-20 11:51 - 00000000 ____D C:\Users\Dominik\Documents\My Games
2016-09-25 18:39 - 2015-09-25 17:42 - 00282512 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-09-25 18:39 - 2015-09-25 17:42 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 18:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 18:32 - 2015-10-28 14:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-09-25 18:32 - 2015-09-15 16:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-21 18:29 - 2016-08-25 21:52 - 00029696 _____ C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-09-19 10:46 - 2016-08-03 21:25 - 00006548 _____ C:\Users\Dominik\Desktop\úklid.odt
2016-09-18 21:55 - 2015-09-25 16:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-09-17 17:28 - 2016-04-22 16:23 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 17:28 - 2016-04-22 16:23 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-14 23:00 - 2015-09-27 13:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-13 10:41 - 2016-07-04 17:43 - 00000000 ____D C:\Program Files (x86)\Hearts of Iron IV
2016-09-12 22:51 - 2015-12-13 22:19 - 00000000 ____D C:\Users\Dominik\Documents\The Witcher 3
2016-09-10 17:21 - 2015-09-18 18:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 16:24 - 2016-08-04 20:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2016-09-10 00:06 - 2016-03-07 11:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\Battle.net
2016-09-09 23:30 - 2016-03-07 11:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-09-09 19:28 - 2011-04-12 10:34 - 00668866 _____ C:\Windows\system32\perfh005.dat
2016-09-09 19:28 - 2011-04-12 10:34 - 00141526 _____ C:\Windows\system32\perfc005.dat
2016-09-09 19:28 - 2009-07-14 07:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-09 19:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-04 22:23 - 2016-06-24 20:23 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-09-03 16:40 - 2015-09-25 15:37 - 00000000 ____D C:\ProgramData\Origin
2016-09-03 16:37 - 2016-05-21 18:54 - 00000000 ____D C:\Program Files (x86)\World of Warcraft Beta
2016-08-31 16:07 - 2015-09-15 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-08-31 16:07 - 2015-09-15 16:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-30 18:28 - 2015-09-27 20:38 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-08-30 13:01 - 2015-09-15 16:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-30 13:01 - 2015-09-15 16:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-08-30 12:50 - 2015-09-15 18:03 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-08-30 00:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2016-09-04 22:01 - 2016-09-04 22:07 - 0000000 _____ () C:\Program Files (x86)\ToDownloadBase.db
2016-08-25 21:52 - 2016-09-21 18:29 - 0029696 _____ () C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-02-23 18:32 - 2016-02-23 18:32 - 0000913 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel
2015-10-21 20:28 - 2016-09-28 10:12 - 0007602 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-08-11 19:14 - 2016-08-11 19:15 - 0101114 _____ () C:\ProgramData\1470935671.bdinstall.bin
2016-08-11 19:18 - 2016-08-11 19:18 - 0198197 _____ () C:\ProgramData\1470935869.bdinstall.bin
Some files in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dominik\AppData\Local\Temp\nvStInst.exe
C:\Users\Dominik\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Dominik\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dominik\AppData\Local\Temp\ubi90F8.tmp.exe
C:\Users\Dominik\AppData\Local\Temp\ubi9CA5.tmp.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-25 17:07
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119418
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventive check
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 114
- Joined: 03 Jun 2015 13:49
Re: Preventive check
# AdwCleaner v6.020 - Logfile created 04/10/2016 at 16:18:20
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-10-03.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Downloads\adwcleaner_6.020 (2).exe
# Mode: Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [3012 Bytes] - [21/09/2015 23:45:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2461 Bytes] - [07/10/2015 20:05:11]
C:\AdwCleaner\AdwCleaner[C3].txt - [2192 Bytes] - [07/10/2015 21:33:17]
C:\AdwCleaner\AdwCleaner[C4].txt - [836 Bytes] - [27/10/2015 13:01:12]
C:\AdwCleaner\AdwCleaner[C5].txt - [2017 Bytes] - [26/08/2016 12:22:13]
C:\AdwCleaner\AdwCleaner[C6].txt - [1863 Bytes] - [28/08/2016 11:13:27]
C:\AdwCleaner\AdwCleaner[C7].txt - [2163 Bytes] - [21/09/2016 20:05:28]
C:\AdwCleaner\AdwCleaner[C8].txt - [1663 Bytes] - [04/10/2016 16:18:20]
C:\AdwCleaner\AdwCleaner[S10].txt - [2251 Bytes] - [15/09/2016 12:05:43]
C:\AdwCleaner\AdwCleaner[S11].txt - [2331 Bytes] - [21/09/2016 20:05:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [2792 Bytes] - [29/09/2016 12:36:45]
C:\AdwCleaner\AdwCleaner[S13].txt - [2866 Bytes] - [04/10/2016 16:18:01]
C:\AdwCleaner\AdwCleaner[S1].txt - [3544 Bytes] - [21/09/2015 17:27:35]
C:\AdwCleaner\AdwCleaner[S2].txt - [2895 Bytes] - [21/09/2015 23:44:45]
C:\AdwCleaner\AdwCleaner[S3].txt - [2293 Bytes] - [07/10/2015 21:32:51]
C:\AdwCleaner\AdwCleaner[S4].txt - [2126 Bytes] - [27/10/2015 13:00:03]
C:\AdwCleaner\AdwCleaner[S5].txt - [2040 Bytes] - [29/10/2015 20:10:48]
C:\AdwCleaner\AdwCleaner[S6].txt - [1463 Bytes] - [09/07/2016 10:41:51]
C:\AdwCleaner\AdwCleaner[S7].txt - [4587 Bytes] - [26/08/2016 12:15:25]
C:\AdwCleaner\AdwCleaner[S8].txt - [2030 Bytes] - [28/08/2016 11:13:07]
C:\AdwCleaner\AdwCleaner[S9].txt - [2176 Bytes] - [31/08/2016 18:12:51]
########## EOF - C:\AdwCleaner\AdwCleaner[C8].txt - [2689 Bytes] ##########
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Preventive check
Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 114
- Registered: 03 Jun 2015 13:49
Re: Preventive check
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2016
Ran by Dominik (administrator) on DOMINIK-PC (04-10-2016 17:30:58)
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-10-23] (Power Software Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\MountPoints2: I - I:\setup.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0AA83DC0-B66F-43FD-9DAD-56EA86565672}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-707951698-1732677806-592134114-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-707951698-1732677806-592134114-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: k63582xc.default
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\k63582xc.default [2016-10-04]
FF NewTab: Mozilla\Firefox\Profiles\k63582xc.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\k63582xc.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default [2016-10-04]
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-16]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-16]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-16]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-04-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-09-25] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2016-08-12] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-04] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 17:30 - 2016-10-04 17:30 - 00000000 ____D C:\Users\Dominik\Desktop\FRST-OlderVersion
2016-10-02 01:08 - 2016-10-02 01:36 - 338615970 _____ C:\Users\Dominik\Downloads\Simpsonovi-27x22-Ve-vězení-dobře,doma-nejlíp.avi
2016-09-30 00:23 - 2016-09-30 00:23 - 765775722 _____ C:\Users\Dominik\Downloads\PutinModver7(26092016).7z
2016-09-29 12:45 - 2016-10-04 17:31 - 00013544 _____ C:\Users\Dominik\Desktop\FRST.txt
2016-09-29 12:35 - 2016-09-29 12:35 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (2).exe
2016-09-29 12:00 - 2016-09-29 12:00 - 00020960 _____ C:\Users\Dominik\Downloads\[CzT]Tropicka_boure_Tropic_Thunder_2008_1080p_.torrent
2016-09-28 00:01 - 2016-09-28 00:01 - 00023961 _____ C:\Users\Dominik\Downloads\MNMH-vysledky.rar
2016-09-26 19:23 - 2016-09-29 18:58 - 00000000 ____D C:\Program Files (x86)\Far Cry 4
2016-09-26 19:23 - 2016-09-26 19:23 - 00000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4.lnk
2016-09-26 19:23 - 2016-09-26 19:23 - 00000876 _____ C:\Users\Public\Desktop\Far Cry 4.lnk
2016-09-26 14:06 - 2016-09-26 19:20 - 00000000 ____D C:\Users\Dominik\Downloads\Far.Cry.4.Proper-RELOADED
2016-09-25 20:54 - 2016-09-27 07:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 18:05 - 2016-09-22 18:05 - 00390413 _____ C:\Users\Dominik\Downloads\MM_18_4-pravni_vyklad.pdf
2016-09-21 22:10 - 2016-09-21 22:12 - 00000709 _____ C:\Users\Dominik\Desktop\Fixlog.txt
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020.exe
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (1).exe
2016-09-21 18:29 - 2016-09-21 18:29 - 00015327 _____ C:\Users\Dominik\Desktop\LM.bat
2016-09-19 19:47 - 2016-09-19 19:47 - 00012350 _____ C:\Users\Dominik\Downloads\[CzT]Assassin_s_Creed_IV_Black_Flag_crack.torrent
2016-09-19 19:38 - 2016-09-19 19:38 - 00105288 _____ C:\Users\Dominik\Downloads\[CzT]Call_of_Duty_Advanced_Warfare_2014_.torrent
2016-09-18 22:24 - 2016-09-18 22:29 - 377939968 _____ C:\Users\Dominik\Downloads\Simpsonovi S26E12 Vynálezce, jenž spadl z nebe.XviD.AC3.CZ.avi
2016-09-16 22:31 - 2016-09-16 22:31 - 00000000 ____D C:\Users\Dominik\Downloads\Tropic Thunder
2016-09-10 17:21 - 2016-09-10 17:21 - 00000000 ____D C:\Users\Dominik\Documents\Assassin's Creed IV Black Flag
2016-09-07 22:44 - 2016-09-07 22:44 - 00024330 _____ C:\Users\Dominik\Downloads\AdvancedInterfaceOptions-1.0.5.zip
2016-09-05 17:06 - 2016-09-05 17:06 - 00001236 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-09-05 17:06 - 2016-09-05 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-09-05 17:03 - 2016-09-07 11:10 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-09-04 22:27 - 2016-09-04 22:44 - 156977193 _____ C:\Users\Dominik\Downloads\Firestorm - World of Warcraft 6.2.3 Full.zip
2016-09-04 22:25 - 2016-09-04 22:25 - 00072502 _____ C:\Users\Dominik\Downloads\FirestormWorldofWarcraft6.2.3Full.torrent
2016-09-04 22:13 - 2016-09-04 22:13 - 00060088 _____ C:\Users\Dominik\Downloads\CJIZD16CTK01_KLIC.pdf
2016-09-04 22:12 - 2016-09-04 22:12 - 00115537 _____ C:\Users\Dominik\Downloads\AJIZD16C0K01_KLIC.pdf
2016-09-04 22:10 - 2016-09-04 22:27 - 00000000 ____D C:\Program Files (x86)\FirestormLauncher
2016-09-04 22:10 - 2016-09-04 22:10 - 00001115 _____ C:\Users\Public\Desktop\Firestorm Launcher.lnk
2016-09-04 22:10 - 2016-09-04 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher
2016-09-04 22:01 - 2016-09-04 22:07 - 00000000 ____D C:\Program Files (x86)\Utils
2016-09-04 22:01 - 2016-09-04 22:07 - 00000000 _____ C:\Program Files (x86)\ToDownloadBase.db
2016-09-04 22:01 - 2016-09-04 22:01 - 00000000 ____D C:\Program Files (x86)\Interface
2016-09-04 21:58 - 2016-09-04 21:58 - 20923216 _____ (Firestorm ) C:\Users\Dominik\Downloads\FirestormLauncherSetup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 17:30 - 2016-07-11 11:16 - 02404864 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2016-10-04 17:30 - 2015-10-26 18:34 - 00000000 ____D C:\FRST
2016-10-04 16:24 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-04 16:24 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-04 16:19 - 2016-04-25 15:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-04 16:19 - 2015-10-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-04 16:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 16:18 - 2015-09-21 17:27 - 00000000 ____D C:\AdwCleaner
2016-10-03 22:58 - 2016-08-25 21:53 - 00000000 ____D C:\FRST-OlderVersion
2016-10-03 21:23 - 2016-04-22 16:23 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 21:23 - 2016-04-22 16:23 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 12:35 - 2016-07-11 12:34 - 00003090 _____ C:\Users\Dominik\Desktop\Nový textový dokument (8).txt
2016-10-02 11:36 - 2016-08-31 14:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2016-09-30 23:00 - 2015-09-27 13:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-30 19:26 - 2015-11-12 18:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-30 16:36 - 2015-09-15 18:28 - 00000000 ____D C:\Nová složka
2016-09-29 12:46 - 2016-08-25 21:54 - 00038368 _____ C:\Users\Dominik\Desktop\Addition.txt
2016-09-28 10:12 - 2015-10-21 20:28 - 00007602 _____ C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-09-27 07:13 - 2015-09-27 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-27 00:08 - 2015-12-13 21:39 - 00000000 ____D C:\GOG Games
2016-09-27 00:06 - 2015-09-19 20:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2016-09-26 23:25 - 2015-09-15 22:08 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2016-09-25 18:49 - 2015-10-12 19:19 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-09-25 18:49 - 2015-09-27 22:29 - 00000000 ____D C:\Users\Dominik\AppData\Local\PunkBuster
2016-09-25 18:49 - 2015-09-25 17:42 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-09-25 18:48 - 2015-11-23 18:14 - 00000000 ____D C:\ProgramData\Orbit
2016-09-25 18:48 - 2015-09-20 11:51 - 00000000 ____D C:\Users\Dominik\Documents\My Games
2016-09-25 18:39 - 2015-09-25 17:42 - 00282512 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-09-25 18:39 - 2015-09-25 17:42 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 18:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 18:32 - 2015-10-28 14:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-09-25 18:32 - 2015-09-15 16:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-24 20:30 - 2016-08-30 12:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-21 18:29 - 2016-08-25 21:52 - 00029696 _____ C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-09-19 10:46 - 2016-08-03 21:25 - 00006548 _____ C:\Users\Dominik\Desktop\úklid.odt
2016-09-18 21:55 - 2015-09-25 16:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-09-13 10:41 - 2016-07-04 17:43 - 00000000 ____D C:\Program Files (x86)\Hearts of Iron IV
2016-09-12 22:51 - 2015-12-13 22:19 - 00000000 ____D C:\Users\Dominik\Documents\The Witcher 3
2016-09-10 17:21 - 2015-09-18 18:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 16:24 - 2016-08-04 20:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2016-09-10 00:06 - 2016-03-07 11:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\Battle.net
2016-09-09 23:30 - 2016-03-07 11:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-09-09 19:28 - 2011-04-12 10:34 - 00668866 _____ C:\Windows\system32\perfh005.dat
2016-09-09 19:28 - 2011-04-12 10:34 - 00141526 _____ C:\Windows\system32\perfc005.dat
2016-09-09 19:28 - 2009-07-14 07:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-09 19:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-04 22:23 - 2016-06-24 20:23 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
==================== Files in the root of some directories =======
2016-09-04 22:01 - 2016-09-04 22:07 - 0000000 _____ () C:\Program Files (x86)\ToDownloadBase.db
2016-08-25 21:52 - 2016-09-21 18:29 - 0029696 _____ () C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-02-23 18:32 - 2016-02-23 18:32 - 0000913 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel
2015-10-21 20:28 - 2016-09-28 10:12 - 0007602 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-08-11 19:14 - 2016-08-11 19:15 - 0101114 _____ () C:\ProgramData\1470935671.bdinstall.bin
2016-08-11 19:18 - 2016-08-11 19:18 - 0198197 _____ () C:\ProgramData\1470935869.bdinstall.bin
Some files in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\libeay32.dll
C:\Users\Dominik\AppData\Local\Temp\msvcr120.dll
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dominik\AppData\Local\Temp\nvStInst.exe
C:\Users\Dominik\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Dominik\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
C:\Users\Dominik\AppData\Local\Temp\ubi90F8.tmp.exe
C:\Users\Dominik\AppData\Local\Temp\ubi9CA5.tmp.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-25 17:07
==================== End of FRST.txt ============================
FF NewTab: Mozilla\Firefox\Profiles\k63582xc.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\k63582xc.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default [2016-10-04]
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-16]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-16]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-16]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-04-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-09-25] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2016-08-12] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-04] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 17:30 - 2016-10-04 17:30 - 00000000 ____D C:\Users\Dominik\Desktop\FRST-OlderVersion
2016-10-02 01:08 - 2016-10-02 01:36 - 338615970 _____ C:\Users\Dominik\Downloads\Simpsonovi-27x22-Ve-vězení-dobře,doma-nejlíp.avi
2016-09-30 00:23 - 2016-09-30 00:23 - 765775722 _____ C:\Users\Dominik\Downloads\PutinModver7(26092016).7z
2016-09-29 12:45 - 2016-10-04 17:31 - 00013544 _____ C:\Users\Dominik\Desktop\FRST.txt
2016-09-29 12:35 - 2016-09-29 12:35 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (2).exe
2016-09-29 12:00 - 2016-09-29 12:00 - 00020960 _____ C:\Users\Dominik\Downloads\[CzT]Tropicka_boure_Tropic_Thunder_2008_1080p_.torrent
2016-09-28 00:01 - 2016-09-28 00:01 - 00023961 _____ C:\Users\Dominik\Downloads\MNMH-vysledky.rar
2016-09-26 19:23 - 2016-09-29 18:58 - 00000000 ____D C:\Program Files (x86)\Far Cry 4
2016-09-26 19:23 - 2016-09-26 19:23 - 00000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4.lnk
2016-09-26 19:23 - 2016-09-26 19:23 - 00000876 _____ C:\Users\Public\Desktop\Far Cry 4.lnk
2016-09-26 14:06 - 2016-09-26 19:20 - 00000000 ____D C:\Users\Dominik\Downloads\Far.Cry.4.Proper-RELOADED
2016-09-25 20:54 - 2016-09-27 07:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 18:05 - 2016-09-22 18:05 - 00390413 _____ C:\Users\Dominik\Downloads\MM_18_4-pravni_vyklad.pdf
2016-09-21 22:10 - 2016-09-21 22:12 - 00000709 _____ C:\Users\Dominik\Desktop\Fixlog.txt
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020.exe
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (1).exe
2016-09-21 18:29 - 2016-09-21 18:29 - 00015327 _____ C:\Users\Dominik\Desktop\LM.bat
2016-09-19 19:47 - 2016-09-19 19:47 - 00012350 _____ C:\Users\Dominik\Downloads\[CzT]Assassin_s_Creed_IV_Black_Flag_crack.torrent
2016-09-19 19:38 - 2016-09-19 19:38 - 00105288 _____ C:\Users\Dominik\Downloads\[CzT]Call_of_Duty_Advanced_Warfare_2014_.torrent
2016-09-18 22:24 - 2016-09-18 22:29 - 377939968 _____ C:\Users\Dominik\Downloads\Simpsonovi S26E12 Vynálezce, jenž spadl z nebe.XviD.AC3.CZ.avi
2016-09-16 22:31 - 2016-09-16 22:31 - 00000000 ____D C:\Users\Dominik\Downloads\Tropic Thunder
2016-09-10 17:21 - 2016-09-10 17:21 - 00000000 ____D C:\Users\Dominik\Documents\Assassin's Creed IV Black Flag
2016-09-07 22:44 - 2016-09-07 22:44 - 00024330 _____ C:\Users\Dominik\Downloads\AdvancedInterfaceOptions-1.0.5.zip
2016-09-05 17:06 - 2016-09-05 17:06 - 00001236 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-09-05 17:06 - 2016-09-05 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-09-05 17:03 - 2016-09-07 11:10 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-09-04 22:27 - 2016-09-04 22:44 - 156977193 _____ C:\Users\Dominik\Downloads\Firestorm - World of Warcraft 6.2.3 Full.zip
2016-09-04 22:25 - 2016-09-04 22:25 - 00072502 _____ C:\Users\Dominik\Downloads\FirestormWorldofWarcraft6.2.3Full.torrent
2016-09-04 22:13 - 2016-09-04 22:13 - 00060088 _____ C:\Users\Dominik\Downloads\CJIZD16CTK01_KLIC.pdf
2016-09-04 22:12 - 2016-09-04 22:12 - 00115537 _____ C:\Users\Dominik\Downloads\AJIZD16C0K01_KLIC.pdf
2016-09-04 22:10 - 2016-09-04 22:27 - 00000000 ____D C:\Program Files (x86)\FirestormLauncher
2016-09-04 22:10 - 2016-09-04 22:10 - 00001115 _____ C:\Users\Public\Desktop\Firestorm Launcher.lnk
2016-09-04 22:10 - 2016-09-04 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm Launcher
2016-09-04 22:01 - 2016-09-04 22:07 - 00000000 ____D C:\Program Files (x86)\Utils
2016-09-04 22:01 - 2016-09-04 22:07 - 00000000 _____ C:\Program Files (x86)\ToDownloadBase.db
2016-09-04 22:01 - 2016-09-04 22:01 - 00000000 ____D C:\Program Files (x86)\Interface
2016-09-04 21:58 - 2016-09-04 21:58 - 20923216 _____ (Firestorm ) C:\Users\Dominik\Downloads\FirestormLauncherSetup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-04 17:30 - 2016-07-11 11:16 - 02404864 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2016-10-04 17:30 - 2015-10-26 18:34 - 00000000 ____D C:\FRST
2016-10-04 16:24 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-04 16:24 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-04 16:19 - 2016-04-25 15:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-04 16:19 - 2015-10-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-04 16:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 16:18 - 2015-09-21 17:27 - 00000000 ____D C:\AdwCleaner
2016-10-03 22:58 - 2016-08-25 21:53 - 00000000 ____D C:\FRST-OlderVersion
2016-10-03 21:23 - 2016-04-22 16:23 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 21:23 - 2016-04-22 16:23 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 12:35 - 2016-07-11 12:34 - 00003090 _____ C:\Users\Dominik\Desktop\Nový textový dokument (8).txt
2016-10-02 11:36 - 2016-08-31 14:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2016-09-30 23:00 - 2015-09-27 13:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-30 19:26 - 2015-11-12 18:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-30 16:36 - 2015-09-15 18:28 - 00000000 ____D C:\Nová složka
2016-09-29 12:46 - 2016-08-25 21:54 - 00038368 _____ C:\Users\Dominik\Desktop\Addition.txt
2016-09-28 10:12 - 2015-10-21 20:28 - 00007602 _____ C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-09-27 07:13 - 2015-09-27 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-27 00:08 - 2015-12-13 21:39 - 00000000 ____D C:\GOG Games
2016-09-27 00:06 - 2015-09-19 20:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2016-09-26 23:25 - 2015-09-15 22:08 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2016-09-25 18:49 - 2015-10-12 19:19 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-09-25 18:49 - 2015-09-27 22:29 - 00000000 ____D C:\Users\Dominik\AppData\Local\PunkBuster
2016-09-25 18:49 - 2015-09-25 17:42 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-09-25 18:48 - 2015-11-23 18:14 - 00000000 ____D C:\ProgramData\Orbit
2016-09-25 18:48 - 2015-09-20 11:51 - 00000000 ____D C:\Users\Dominik\Documents\My Games
2016-09-25 18:39 - 2015-09-25 17:42 - 00282512 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-09-25 18:39 - 2015-09-25 17:42 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 18:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-25 18:32 - 2015-10-28 14:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-09-25 18:32 - 2015-09-15 16:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-24 20:30 - 2016-08-30 12:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-21 18:29 - 2016-08-25 21:52 - 00029696 _____ C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-09-19 10:46 - 2016-08-03 21:25 - 00006548 _____ C:\Users\Dominik\Desktop\úklid.odt
2016-09-18 21:55 - 2015-09-25 16:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-09-13 10:41 - 2016-07-04 17:43 - 00000000 ____D C:\Program Files (x86)\Hearts of Iron IV
2016-09-12 22:51 - 2015-12-13 22:19 - 00000000 ____D C:\Users\Dominik\Documents\The Witcher 3
2016-09-10 17:21 - 2015-09-18 18:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-10 16:24 - 2016-08-04 20:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2016-09-10 00:06 - 2016-03-07 11:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\Battle.net
2016-09-09 23:30 - 2016-03-07 11:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-09-09 19:28 - 2011-04-12 10:34 - 00668866 _____ C:\Windows\system32\perfh005.dat
2016-09-09 19:28 - 2011-04-12 10:34 - 00141526 _____ C:\Windows\system32\perfc005.dat
2016-09-09 19:28 - 2009-07-14 07:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-09 19:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-04 22:23 - 2016-06-24 20:23 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
==================== Files in the root of some directories =======
2016-09-04 22:01 - 2016-09-04 22:07 - 0000000 _____ () C:\Program Files (x86)\ToDownloadBase.db
2016-08-25 21:52 - 2016-09-21 18:29 - 0029696 _____ () C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-02-23 18:32 - 2016-02-23 18:32 - 0000913 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel
2015-10-21 20:28 - 2016-09-28 10:12 - 0007602 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-08-11 19:14 - 2016-08-11 19:15 - 0101114 _____ () C:\ProgramData\1470935671.bdinstall.bin
2016-08-11 19:18 - 2016-08-11 19:18 - 0198197 _____ () C:\ProgramData\1470935869.bdinstall.bin
Some files in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\libeay32.dll
C:\Users\Dominik\AppData\Local\Temp\msvcr120.dll
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dominik\AppData\Local\Temp\nvStInst.exe
C:\Users\Dominik\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Dominik\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
C:\Users\Dominik\AppData\Local\Temp\ubi90F8.tmp.exe
C:\Users\Dominik\AppData\Local\Temp\ubi9CA5.tmp.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-25 17:07
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventive check
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\MountPoints2: I - I:\setup.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
C:\Users\Dominik\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 114
- Registered: 03 Jun 2015 13:49
Re: Preventive check
Fix result of Farbar Recovery Scan Tool (x64) Version: 03-10-2016
Ran by Dominik (04-10-2016 17:39:05) Run:8
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\MountPoints2: I - I:\setup.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
C:\Users\Dominik\AppData\Local\Temp
End
*****************
"HKU\S-1-5-21-707951698-1732677806-592134114-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"C:\Users\Dominik\AppData\Local\Temp" folder move:
Could not move "C:\Users\Dominik\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-10-2016 17:42:27)
"C:\Users\Dominik\AppData\Local\Temp" => Could not move
==== End of Fixlog 17:42:30 ====
- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventive check
Deleted. The log should now be OK.
-
- Visitor
- Posts: 114
- Registered: 03 Jun 2015 13:49
Re: Preventive check
Thank you for the help, and have a nice rest of the evening.

- Rudy
- Site Admin
- Posts: 119418
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Preventive check
The same to you, and you're welcome!
