Faceboook - Virus

[predatorx21]

Dobrý den,potřebuji naléhavou pomoc,vždy si dávám pozor na co klikám na fcb ale teď sem omylem kliknul na klasický fcb virus... Děkuji za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
Ran by Dominik (administrator) on DOMINIK-PC (05-10-2016 11:29:56)
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-10-23] (Power Software Ltd)
HKU\S-1-5-21-707951698-1732677806-592134114-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0AA83DC0-B66F-43FD-9DAD-56EA86565672}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-707951698-1732677806-592134114-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-707951698-1732677806-592134114-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-12] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-12] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: k63582xc.default
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\k63582xc.default [2016-10-04]
FF NewTab: Mozilla\Firefox\Profiles\k63582xc.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\k63582xc.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default [2016-10-05]
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-16]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-16]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (AdBlock) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-16]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-12] (Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2016-08-12] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-04 17:39 - 2016-10-04 17:42 - 00001657 _____ C:\Users\Dominik\Desktop\Fixlog.txt
2016-10-04 17:30 - 2016-10-05 11:29 - 00000000 ____D C:\Users\Dominik\Desktop\FRST-OlderVersion
2016-10-02 01:08 - 2016-10-02 01:36 - 338615970 _____ C:\Users\Dominik\Downloads\Simpsonovi-27x22-Ve-vězení-dobře,doma-nejlíp.avi
2016-09-30 00:23 - 2016-09-30 00:23 - 765775722 _____ C:\Users\Dominik\Downloads\PutinModver7(26092016).7z
2016-09-29 12:45 - 2016-10-05 11:30 - 00013210 _____ C:\Users\Dominik\Desktop\FRST.txt
2016-09-29 12:35 - 2016-09-29 12:35 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (2).exe
2016-09-29 12:00 - 2016-09-29 12:00 - 00020960 _____ C:\Users\Dominik\Downloads\[CzT]Tropicka_boure_Tropic_Thunder_2008_1080p_.torrent
2016-09-28 00:01 - 2016-09-28 00:01 - 00023961 _____ C:\Users\Dominik\Downloads\MNMH-vysledky.rar
2016-09-26 19:23 - 2016-09-29 18:58 - 00000000 ____D C:\Program Files (x86)\Far Cry 4
2016-09-26 19:23 - 2016-09-26 19:23 - 00000888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4.lnk
2016-09-26 19:23 - 2016-09-26 19:23 - 00000876 _____ C:\Users\Public\Desktop\Far Cry 4.lnk
2016-09-26 14:06 - 2016-09-26 19:20 - 00000000 ____D C:\Users\Dominik\Downloads\Far.Cry.4.Proper-RELOADED
2016-09-25 20:54 - 2016-09-27 07:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 18:05 - 2016-09-22 18:05 - 00390413 _____ C:\Users\Dominik\Downloads\MM_18_4-pravni_vyklad.pdf
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020.exe
2016-09-21 19:21 - 2016-09-21 19:21 - 03861056 _____ C:\Users\Dominik\Downloads\adwcleaner_6.020 (1).exe
2016-09-21 18:29 - 2016-09-21 18:29 - 00015327 _____ C:\Users\Dominik\Desktop\LM.bat
2016-09-19 19:47 - 2016-09-19 19:47 - 00012350 _____ C:\Users\Dominik\Downloads\[CzT]Assassin_s_Creed_IV_Black_Flag_crack.torrent
2016-09-19 19:38 - 2016-09-19 19:38 - 00105288 _____ C:\Users\Dominik\Downloads\[CzT]Call_of_Duty_Advanced_Warfare_2014_.torrent
2016-09-18 22:24 - 2016-09-18 22:29 - 377939968 _____ C:\Users\Dominik\Downloads\Simpsonovi S26E12 Vynálezce, jenž spadl z nebe.XviD.AC3.CZ.avi
2016-09-16 22:31 - 2016-09-16 22:31 - 00000000 ____D C:\Users\Dominik\Downloads\Tropic Thunder
2016-09-10 17:21 - 2016-09-10 17:21 - 00000000 ____D C:\Users\Dominik\Documents\Assassin's Creed IV Black Flag
2016-09-07 22:44 - 2016-09-07 22:44 - 00024330 _____ C:\Users\Dominik\Downloads\AdvancedInterfaceOptions-1.0.5.zip
2016-09-05 17:06 - 2016-09-05 17:06 - 00001236 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2016-09-05 17:06 - 2016-09-05 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-09-05 17:03 - 2016-09-07 11:10 - 00000000 ____D C:\Program Files (x86)\World of Warcraft

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-05 11:29 - 2016-07-11 11:16 - 02405376 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2016-10-05 11:29 - 2015-10-26 18:34 - 00000000 ____D C:\FRST
2016-10-05 11:24 - 2016-04-25 15:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-05 11:23 - 2015-10-29 19:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-05 11:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-05 02:01 - 2015-09-18 18:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-04 23:14 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-04 23:13 - 2015-09-25 16:46 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-10-04 17:47 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-04 17:47 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-04 17:31 - 2016-08-25 21:54 - 00037295 _____ C:\Users\Dominik\Desktop\Addition.txt
2016-10-04 16:18 - 2015-09-21 17:27 - 00000000 ____D C:\AdwCleaner
2016-10-03 22:58 - 2016-08-25 21:53 - 00000000 ____D C:\FRST-OlderVersion
2016-10-03 21:23 - 2016-04-22 16:23 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 21:23 - 2016-04-22 16:23 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 12:35 - 2016-07-11 12:34 - 00003090 _____ C:\Users\Dominik\Desktop\Nový textový dokument (8).txt
2016-10-02 11:36 - 2016-08-31 14:08 - 00000000 ____D C:\Users\Dominik\AppData\Local\ElevatedDiagnostics
2016-09-30 23:00 - 2015-09-27 13:50 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-30 19:26 - 2015-11-12 18:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-30 16:36 - 2015-09-15 18:28 - 00000000 ____D C:\Nová složka
2016-09-28 10:12 - 2015-10-21 20:28 - 00007602 _____ C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-09-27 07:13 - 2015-09-27 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-27 00:08 - 2015-12-13 21:39 - 00000000 ____D C:\GOG Games
2016-09-27 00:06 - 2015-09-19 20:01 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2016-09-26 23:25 - 2015-09-15 22:08 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2016-09-25 18:49 - 2015-10-12 19:19 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-09-25 18:49 - 2015-09-27 22:29 - 00000000 ____D C:\Users\Dominik\AppData\Local\PunkBuster
2016-09-25 18:48 - 2015-11-23 18:14 - 00000000 ____D C:\ProgramData\Orbit
2016-09-25 18:48 - 2015-09-20 11:51 - 00000000 ____D C:\Users\Dominik\Documents\My Games
2016-09-25 18:39 - 2015-09-25 17:42 - 00282512 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-09-25 18:32 - 2015-10-28 14:13 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-09-25 18:32 - 2015-09-15 16:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-24 20:30 - 2016-08-30 12:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-21 18:29 - 2016-08-25 21:52 - 00029696 _____ C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-09-19 10:46 - 2016-08-03 21:25 - 00006548 _____ C:\Users\Dominik\Desktop\úklid.odt
2016-09-13 10:41 - 2016-07-04 17:43 - 00000000 ____D C:\Program Files (x86)\Hearts of Iron IV
2016-09-12 22:51 - 2015-12-13 22:19 - 00000000 ____D C:\Users\Dominik\Documents\The Witcher 3
2016-09-10 16:24 - 2016-08-04 20:40 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2016-09-10 00:06 - 2016-03-07 11:17 - 00000000 ____D C:\Users\Dominik\AppData\Local\Battle.net
2016-09-09 23:30 - 2016-03-07 11:17 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-09-09 19:28 - 2011-04-12 10:34 - 00668866 _____ C:\Windows\system32\perfh005.dat
2016-09-09 19:28 - 2011-04-12 10:34 - 00141526 _____ C:\Windows\system32\perfc005.dat
2016-09-09 19:28 - 2009-07-14 07:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-09 19:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf

==================== Files in the root of some directories =======

2016-09-04 22:01 - 2016-09-04 22:07 - 0000000 _____ () C:\Program Files (x86)\ToDownloadBase.db
2016-08-25 21:52 - 2016-09-21 18:29 - 0029696 _____ () C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2016-02-23 18:32 - 2016-02-23 18:32 - 0000913 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel
2015-10-21 20:28 - 2016-09-28 10:12 - 0007602 _____ () C:\Users\Dominik\AppData\Local\Resmon.ResmonCfg
2016-08-11 19:14 - 2016-08-11 19:15 - 0101114 _____ () C:\ProgramData\1470935671.bdinstall.bin
2016-08-11 19:18 - 2016-08-11 19:18 - 0198197 _____ () C:\ProgramData\1470935869.bdinstall.bin

Some files in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\libeay32.dll
C:\Users\Dominik\AppData\Local\Temp\msvcr120.dll
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dominik\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dominik\AppData\Local\Temp\nvStInst.exe
C:\Users\Dominik\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Dominik\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Dominik\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
C:\Users\Dominik\AppData\Local\Temp\ubi90F8.tmp.exe
C:\Users\Dominik\AppData\Local\Temp\ubi9CA5.tmp.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-25 17:07

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utiltu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[predatorx21]

# AdwCleaner v6.020 - Logfile created 05/10/2016 at 18:47:15
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-10-03.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Downloads\adwcleaner_6.020 (2).exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3012 Bytes] - [21/09/2015 23:45:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2461 Bytes] - [07/10/2015 20:05:11]
C:\AdwCleaner\AdwCleaner[C3].txt - [2192 Bytes] - [07/10/2015 21:33:17]
C:\AdwCleaner\AdwCleaner[C4].txt - [836 Bytes] - [27/10/2015 13:01:12]
C:\AdwCleaner\AdwCleaner[C5].txt - [2017 Bytes] - [26/08/2016 12:22:13]
C:\AdwCleaner\AdwCleaner[C6].txt - [1863 Bytes] - [28/08/2016 11:13:27]
C:\AdwCleaner\AdwCleaner[C7].txt - [2163 Bytes] - [21/09/2016 20:05:28]
C:\AdwCleaner\AdwCleaner[C8].txt - [2776 Bytes] - [04/10/2016 16:18:20]
C:\AdwCleaner\AdwCleaner[C9].txt - [1352 Bytes] - [05/10/2016 18:47:15]
C:\AdwCleaner\AdwCleaner[S10].txt - [2251 Bytes] - [15/09/2016 12:05:43]
C:\AdwCleaner\AdwCleaner[S11].txt - [2331 Bytes] - [21/09/2016 20:05:19]
C:\AdwCleaner\AdwCleaner[S12].txt - [2792 Bytes] - [29/09/2016 12:36:45]
C:\AdwCleaner\AdwCleaner[S13].txt - [2866 Bytes] - [04/10/2016 16:18:01]
C:\AdwCleaner\AdwCleaner[S14].txt - [2699 Bytes] - [05/10/2016 11:37:56]
C:\AdwCleaner\AdwCleaner[S15].txt - [2773 Bytes] - [05/10/2016 18:46:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [3544 Bytes] - [21/09/2015 17:27:35]
C:\AdwCleaner\AdwCleaner[S2].txt - [2895 Bytes] - [21/09/2015 23:44:45]
C:\AdwCleaner\AdwCleaner[S3].txt - [2293 Bytes] - [07/10/2015 21:32:51]
C:\AdwCleaner\AdwCleaner[S4].txt - [2126 Bytes] - [27/10/2015 13:00:03]
C:\AdwCleaner\AdwCleaner[S5].txt - [2040 Bytes] - [29/10/2015 20:10:48]
C:\AdwCleaner\AdwCleaner[S6].txt - [1463 Bytes] - [09/07/2016 10:41:51]
C:\AdwCleaner\AdwCleaner[S7].txt - [4587 Bytes] - [26/08/2016 12:15:25]
C:\AdwCleaner\AdwCleaner[S8].txt - [2030 Bytes] - [28/08/2016 11:13:07]
C:\AdwCleaner\AdwCleaner[S9].txt - [2176 Bytes] - [31/08/2016 18:12:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C9].txt - [2526 Bytes] ##########

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Users\Dominik\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[predatorx21]

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2016
Ran by Dominik (05-10-2016 19:19:10) Run:9
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Dominik\AppData\Local\Temp
End

*****************


"C:\Users\Dominik\AppData\Local\Temp" folder move:

Could not move "C:\Users\Dominik\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-10-2016 19:29:52)

"C:\Users\Dominik\AppData\Local\Temp" => Could not move

==== End of Fixlog 19:29:54 ====

[Rudy]

Smazáno, log již bude čistý. Na žádný virus jsem ale nenarazil.

[predatorx21]

Děkuji za pomoc,já raději ihned po tom co sem na ten odkaz kliknul napsal,jsem rád že je všechno v pořádku a děkuji za pomoc,přeji hezký zbytek večera

[Rudy]

Nemáte zač a hezký den!