
Log check (wifi)

#1 Post by kakuk

Good day.
I don't know whether I have a virus problem. Today I switched the computer on as usual and it did not connect to the wifi. It only did so after the third restart. Before restarting the computer I checked the network and it kept reporting that wifi was not turned on. Once I managed to connect, I ran a scan with ESET. Everything fine(?). Then, to be safe, I decided to send you a scan to check. Please check it and advise if needed. Thank you, kakuk

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
Ran by Karel (administrator) on DESKTOP-EVMJ66C (26-02-2017 13:28:11)
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel (Available Profiles: Karel)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ABBYY (BIT Software)) C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.15.2140.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(ABBYY Software Ltd) C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenshotReader.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2016-12-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2016-12-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-12-23] (Copyright (c) 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [ABBYY Screenshot Reader Retail] => C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenShotReader.exe [959776 2008-12-09] (ABBYY Software Ltd)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [14870192 2017-01-19] (MyHeritage)
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2017-01-09] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{641f438d-d2a1-4c53-9df1-32a3fe6871ba}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default [2016-12-23]
CHR Extension: (Prezentace Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-05]
CHR Extension: (Dokumenty Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-05]
CHR Extension: (Disk Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-05]
CHR Extension: (YouTube) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-05]
CHR Extension: (Tabulky Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-05]
CHR Extension: (Gmail) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-05]

Opera:
=======
OPR StartupUrls: "chrome://startpage/bookmarks"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY (BIT Software))
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2017-02-24] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2016-12-01] (ELAN Microelectronics Corp.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-12-23] (Copyright (c) 2016 Plays.tv, LLC)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [315664 2016-12-01] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-12-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALSysIO; C:\Users\Karel\AppData\Local\Temp\ALSysIO64.sys [25064 2016-12-24] (Arthur Liberman) <==== ATTENTION
R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 DVB7700ALL; C:\WINDOWS\System32\Drivers\dvb7700all.sys [798760 2016-12-01] (DiBcom)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-02-24] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-02-24] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-10-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-02-24] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-02-24] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-02-24] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-02-24] (ESET)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ATK64AMD.sys [13680 2016-12-01] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-26 13:28 - 2017-02-26 13:28 - 00010748 _____ C:\Users\Karel\Desktop\FRST.txt
2017-02-26 13:28 - 2017-02-26 13:28 - 00000000 ____D C:\FRST
2017-02-26 13:26 - 2017-02-26 13:26 - 02423296 _____ (Farbar) C:\Users\Karel\Desktop\FRST64.exe
2017-02-26 13:23 - 2017-02-26 13:24 - 00029696 _____ C:\Users\Karel\AppData\Local\MSGBOX.EXE
2017-02-26 13:22 - 2017-02-26 13:22 - 00112640 _____ (forum.viry.cz) C:\Users\Karel\Desktop\FRSTLauncher.exe
2017-02-26 11:19 - 2017-02-26 11:19 - 00000000 ___HD C:\OneDriveTemp
2017-02-25 12:36 - 2017-02-25 12:36 - 00634533 _____ C:\Users\Karel\Desktop\vánoční přání.pdf
2017-02-18 13:42 - 2017-02-18 13:46 - 00000000 ___RD C:\Users\Karel\Desktop\zahrada práce
2017-02-13 15:59 - 2017-02-13 15:59 - 00000000 ____D C:\Users\Karel\Desktop\Nová složka
2017-02-13 15:59 - 2013-03-15 11:49 - 00000110 ____H C:\Users\Karel\Desktop\foto 00002.jpg.uid-zps
2017-02-12 17:54 - 2017-02-12 17:54 - 01033607 _____ C:\Users\Karel\Desktop\DzPFO_2016_Karel Kakuška.xlsx
2017-02-10 13:38 - 2017-02-10 13:38 - 01200744 _____ (Adobe Systems Incorporated) C:\Users\Karel\Downloads\flashplayer24pp_fa_install.exe
2017-02-10 09:52 - 2017-02-10 09:52 - 02864984 _____ (ZONER software ) C:\Users\Karel\Downloads\zpsx_cz_valentine.exe
2017-02-04 09:01 - 2017-02-04 09:01 - 00627216 _____ C:\Users\Karel\Downloads\recept-1223.pdf
2017-02-02 13:34 - 2017-02-13 12:27 - 00000000 ____D C:\Users\Karel\Documents\MyHeritage
2017-02-02 13:34 - 2017-02-02 13:34 - 00001194 _____ C:\Users\Karel\Desktop\MyHeritage Family Tree Builder.lnk
2017-02-02 13:34 - 2017-02-02 13:34 - 00000000 ____D C:\Users\Karel\AppData\Roaming\The Complete Genealogy Reporter - FTB
2017-02-02 13:34 - 2017-02-02 13:34 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2017-02-02 13:34 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\WINDOWS\SysWOW64\HexUniRTFBox.ocx
2017-02-02 13:34 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2017-02-02 13:34 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unicows.dll
2017-02-02 13:34 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2017-02-02 13:34 - 2002-03-07 01:19 - 00454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2017-02-02 13:34 - 2000-05-22 17:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2017-02-02 13:34 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmapi32.ocx
2017-02-02 13:33 - 2017-02-02 14:42 - 00000000 ____D C:\Users\Karel\AppData\Roaming\MyHeritage
2017-02-02 13:33 - 2017-02-02 14:26 - 00000000 ____D C:\ProgramData\MyHeritage
2017-02-02 13:33 - 2017-02-02 13:34 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2017-02-02 13:30 - 2017-02-02 13:30 - 47125648 _____ C:\Users\Karel\Downloads\family_tree_builder_8372.exe
2017-02-02 09:22 - 2017-02-02 09:22 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-02 09:22 - 2017-02-02 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-01-29 17:09 - 2017-01-29 17:11 - 00000000 ____D C:\Users\Karel\zoner_callisto
2017-01-29 17:06 - 2017-01-29 17:06 - 00000000 ____D C:\Users\Karel\Documents\dokumenty calisto

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-26 13:19 - 2016-12-01 13:39 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Skype
2017-02-26 12:36 - 2016-12-03 18:46 - 00017920 _____ C:\WINDOWS\system32\rpcnetp.exe
2017-02-26 12:36 - 2016-12-03 18:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 11:23 - 2016-12-01 13:41 - 01726236 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-26 11:23 - 2016-07-16 23:25 - 00604600 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-26 11:23 - 2016-07-16 23:25 - 00131822 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-26 11:19 - 2016-12-03 18:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 11:19 - 2016-12-01 13:40 - 00073232 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\rpcnet.dll
2017-02-26 11:19 - 2016-12-01 13:39 - 00000000 ___RD C:\Users\Karel\OneDrive
2017-02-26 11:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-26 11:19 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 11:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-26 08:01 - 2016-12-03 18:48 - 00000000 ____D C:\Users\Karel
2017-02-26 07:13 - 2016-12-02 11:50 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-25 11:11 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-24 13:34 - 2016-12-03 07:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 13:33 - 2016-12-03 07:22 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-24 12:47 - 2016-12-03 18:52 - 00003970 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1480598633
2017-02-24 12:47 - 2016-12-01 14:23 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-24 12:47 - 2016-12-01 14:23 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-24 12:46 - 2016-10-13 15:39 - 00180544 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00132272 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00106768 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00096856 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00077616 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00049672 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2017-02-24 12:46 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-22 20:52 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 19:51 - 2016-12-01 13:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 12:57 - 2016-12-03 18:47 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-22 12:31 - 2016-12-01 13:37 - 00000000 ____D C:\Users\Karel\AppData\Local\Packages
2017-02-20 13:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-17 18:15 - 2016-12-02 10:10 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-02-17 18:15 - 2016-12-02 10:10 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-14 17:37 - 2016-12-02 10:22 - 00000000 ____D C:\Users\Karel\AppData\Roaming\vlc
2017-02-10 21:22 - 2017-01-14 20:42 - 00000000 ____D C:\Users\Karel\AppData\Roaming\dvdcss
2017-02-10 13:38 - 2016-12-03 18:52 - 00004094 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-10 13:38 - 2016-12-01 13:46 - 00000000 ____D C:\Users\Karel\AppData\Local\Adobe
2017-02-10 13:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-10 13:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-10 09:50 - 2016-12-01 15:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-07 12:37 - 2016-12-05 12:04 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 12:37 - 2016-12-05 12:04 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:13 - 2016-12-06 21:21 - 00000000 ____D C:\Users\Karel\AppData\Local\CrashDumps
2017-02-02 09:22 - 2016-12-01 13:43 - 00000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2017-02-26 13:23 - 2017-02-26 13:24 - 0029696 _____ () C:\Users\Karel\AppData\Local\MSGBOX.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-25 08:59

==================== End of FRST.txt ============================
Attachments
Addition.zip
(8.22 KiB) Downloaded 107 times


#2 Post by Rudy

Hello!
It is more likely a coincidence or some glitch. I'll check to be sure. Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


#3 Post by kakuk

Here is the log:

# AdwCleaner v6.043 - Log vytvořen 26/02/2017 v 18:47:59
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-02-24.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : Karel - DESKTOP-EVMJ66C
# Spuštěno z : C:\Users\Karel\Desktop\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.slunecnice.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\slunecnice.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.slunecnice.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\slunecnice.cz
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.slunecnice.cz


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3038 Bajty] - [26/02/2017 18:47:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [3455 Bajty] - [26/02/2017 18:46:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3184 Bajty] ##########


#4 Post by Rudy

Post a new FRST log.

#5 Post by kakuk

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
Ran by Karel (administrator) on DESKTOP-EVMJ66C (26-02-2017 19:45:16)
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel (Available Profiles: Karel)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ABBYY (BIT Software)) C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.15.2140.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.693_none_42ff55c9655f38bf\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2016-12-01] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2016-12-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-12-23] (Copyright (c) 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [ABBYY Screenshot Reader Retail] => C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenShotReader.exe [959776 2008-12-09] (ABBYY Software Ltd)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [14870192 2017-01-19] (MyHeritage)
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2017-01-09] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{641f438d-d2a1-4c53-9df1-32a3fe6871ba}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default [2016-12-23]
CHR Extension: (Prezentace Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-05]
CHR Extension: (Dokumenty Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-05]
CHR Extension: (Disk Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-05]
CHR Extension: (YouTube) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-05]
CHR Extension: (Tabulky Google) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-05]
CHR Extension: (Gmail) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-05]
CHR Extension: (Chrome Media Router) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-05]

Opera:
=======
OPR StartupUrls: "chrome://startpage/bookmarks"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY (BIT Software))
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2017-02-24] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2016-12-01] (ELAN Microelectronics Corp.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-12-23] (Copyright (c) 2016 Plays.tv, LLC)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [315664 2016-12-01] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-12-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALSysIO; C:\Users\Karel\AppData\Local\Temp\ALSysIO64.sys [25064 2016-12-24] (Arthur Liberman) <==== ATTENTION
R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 DVB7700ALL; C:\WINDOWS\System32\Drivers\dvb7700all.sys [798760 2016-12-01] (DiBcom)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-02-24] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-02-24] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-10-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-02-24] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-02-24] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-02-24] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-02-24] (ESET)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ATK64AMD.sys [13680 2016-12-01] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-26 18:45 - 2017-02-26 18:47 - 00000000 ____D C:\AdwCleaner
2017-02-26 18:44 - 2017-02-26 18:44 - 04015056 _____ C:\Users\Karel\Desktop\adwcleaner_6.043.exe
2017-02-26 14:11 - 2017-02-26 14:12 - 00008420 _____ C:\Users\Karel\Desktop\Addition.zip
2017-02-26 13:28 - 2017-02-26 19:45 - 00010850 _____ C:\Users\Karel\Desktop\FRST.txt
2017-02-26 13:28 - 2017-02-26 19:45 - 00000000 ____D C:\FRST
2017-02-26 13:28 - 2017-02-26 13:29 - 00034801 _____ C:\Users\Karel\Desktop\Addition.txt
2017-02-26 13:26 - 2017-02-26 13:26 - 02423296 _____ (Farbar) C:\Users\Karel\Desktop\FRST64.exe
2017-02-26 13:23 - 2017-02-26 13:24 - 00029696 _____ C:\Users\Karel\AppData\Local\MSGBOX.EXE
2017-02-26 13:22 - 2017-02-26 13:22 - 00112640 _____ (forum.viry.cz) C:\Users\Karel\Desktop\FRSTLauncher.exe
2017-02-26 11:19 - 2017-02-26 11:19 - 00000000 ___HD C:\OneDriveTemp
2017-02-25 12:36 - 2017-02-25 12:36 - 00634533 _____ C:\Users\Karel\Desktop\vánoční přání.pdf
2017-02-18 13:42 - 2017-02-18 13:46 - 00000000 ___RD C:\Users\Karel\Desktop\zahrada práce
2017-02-13 15:59 - 2017-02-13 15:59 - 00000000 ____D C:\Users\Karel\Desktop\Nová složka
2017-02-13 15:59 - 2013-03-15 11:49 - 00000110 ____H C:\Users\Karel\Desktop\foto 00002.jpg.uid-zps
2017-02-12 17:54 - 2017-02-12 17:54 - 01033607 _____ C:\Users\Karel\Desktop\DzPFO_2016_Karel Kakuška.xlsx
2017-02-10 13:38 - 2017-02-10 13:38 - 01200744 _____ (Adobe Systems Incorporated) C:\Users\Karel\Downloads\flashplayer24pp_fa_install.exe
2017-02-10 09:52 - 2017-02-10 09:52 - 02864984 _____ (ZONER software ) C:\Users\Karel\Downloads\zpsx_cz_valentine.exe
2017-02-04 09:01 - 2017-02-04 09:01 - 00627216 _____ C:\Users\Karel\Downloads\recept-1223.pdf
2017-02-02 13:34 - 2017-02-13 12:27 - 00000000 ____D C:\Users\Karel\Documents\MyHeritage
2017-02-02 13:34 - 2017-02-02 13:34 - 00001194 _____ C:\Users\Karel\Desktop\MyHeritage Family Tree Builder.lnk
2017-02-02 13:34 - 2017-02-02 13:34 - 00000000 ____D C:\Users\Karel\AppData\Roaming\The Complete Genealogy Reporter - FTB
2017-02-02 13:34 - 2017-02-02 13:34 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2017-02-02 13:34 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\WINDOWS\SysWOW64\HexUniRTFBox.ocx
2017-02-02 13:34 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\WINDOWS\SysWOW64\PDFDocScout.DLL
2017-02-02 13:34 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unicows.dll
2017-02-02 13:34 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ijl15.dll
2017-02-02 13:34 - 2002-03-07 01:19 - 00454656 _____ () C:\WINDOWS\SysWOW64\PaintX.dll
2017-02-02 13:34 - 2000-05-22 17:58 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2017-02-02 13:34 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmapi32.ocx
2017-02-02 13:33 - 2017-02-02 14:42 - 00000000 ____D C:\Users\Karel\AppData\Roaming\MyHeritage
2017-02-02 13:33 - 2017-02-02 14:26 - 00000000 ____D C:\ProgramData\MyHeritage
2017-02-02 13:33 - 2017-02-02 13:34 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2017-02-02 13:30 - 2017-02-02 13:30 - 47125648 _____ C:\Users\Karel\Downloads\family_tree_builder_8372.exe
2017-02-02 09:22 - 2017-02-02 09:22 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-02 09:22 - 2017-02-02 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-01-29 17:09 - 2017-01-29 17:11 - 00000000 ____D C:\Users\Karel\zoner_callisto
2017-01-29 17:06 - 2017-01-29 17:06 - 00000000 ____D C:\Users\Karel\Documents\dokumenty calisto

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-26 19:44 - 2016-12-03 18:46 - 00017920 _____ C:\WINDOWS\system32\rpcnetp.exe
2017-02-26 19:44 - 2016-12-03 18:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 19:44 - 2016-12-01 13:39 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Skype
2017-02-26 18:53 - 2016-12-01 13:41 - 01754886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-26 18:53 - 2016-07-16 23:25 - 00619398 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-26 18:53 - 2016-07-16 23:25 - 00136222 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-26 18:49 - 2016-12-03 18:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 18:49 - 2016-12-01 13:40 - 00073232 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\rpcnet.dll
2017-02-26 18:49 - 2016-12-01 13:39 - 00000000 ___RD C:\Users\Karel\OneDrive
2017-02-26 18:48 - 2016-12-03 18:48 - 00000000 ____D C:\Users\Karel
2017-02-26 18:48 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 16:55 - 2016-12-02 11:50 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-26 11:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-26 11:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-25 11:11 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-24 13:34 - 2016-12-03 07:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 13:33 - 2016-12-03 07:22 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-24 12:47 - 2016-12-03 18:52 - 00003970 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1480598633
2017-02-24 12:47 - 2016-12-01 14:23 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-24 12:47 - 2016-12-01 14:23 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-24 12:46 - 2016-10-13 15:39 - 00180544 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00132272 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00106768 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00096856 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00077616 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2017-02-24 12:46 - 2016-10-13 15:39 - 00049672 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2017-02-24 12:46 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-22 20:52 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 19:51 - 2016-12-01 13:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 12:57 - 2016-12-03 18:47 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-22 12:31 - 2016-12-01 13:37 - 00000000 ____D C:\Users\Karel\AppData\Local\Packages
2017-02-20 13:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-17 18:15 - 2016-12-02 10:10 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-02-17 18:15 - 2016-12-02 10:10 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-14 17:37 - 2016-12-02 10:22 - 00000000 ____D C:\Users\Karel\AppData\Roaming\vlc
2017-02-10 21:22 - 2017-01-14 20:42 - 00000000 ____D C:\Users\Karel\AppData\Roaming\dvdcss
2017-02-10 13:38 - 2016-12-03 18:52 - 00004094 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-10 13:38 - 2016-12-01 13:46 - 00000000 ____D C:\Users\Karel\AppData\Local\Adobe
2017-02-10 13:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-10 13:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-10 09:50 - 2016-12-01 15:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-07 12:37 - 2016-12-05 12:04 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 12:37 - 2016-12-05 12:04 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:13 - 2016-12-06 21:21 - 00000000 ____D C:\Users\Karel\AppData\Local\CrashDumps
2017-02-02 09:22 - 2016-12-01 13:43 - 00000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2017-02-26 13:23 - 2017-02-26 13:24 - 0029696 _____ () C:\Users\Karel\AppData\Local\MSGBOX.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-25 08:59

==================== End of FRST.txt ============================
Attachments
Addition.zip
(8.33 KiB) Downloaded 121 times

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check (wifi)

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
Task: {1E7E6A8E-3C8E-44DC-95D6-FDFB59F8030E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)
Task: {BE3FD81B-B512-4378-BAF3-84138D79D19D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

kakuk
Visitor
Posts: 82
Registered: 12 Apr 2011 12:28

Re: Log check (wifi)

#7 Post by kakuk »

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017
Ran by Karel (26-02-2017 20:12:28) Run:2
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel (Available Profiles: Karel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-107700930-4146309689-737119941-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
Task: {1E7E6A8E-3C8E-44DC-95D6-FDFB59F8030E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)
Task: {BE3FD81B-B512-4378-BAF3-84138D79D19D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-05] (Google Inc.)

EmptyTemp:
End
*****************

HKU\S-1-5-21-107700930-4146309689-737119941-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Retail => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E7E6A8E-3C8E-44DC-95D6-FDFB59F8030E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E7E6A8E-3C8E-44DC-95D6-FDFB59F8030E} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE3FD81B-B512-4378-BAF3-84138D79D19D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE3FD81B-B512-4378-BAF3-84138D79D19D} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 84230867 B
Java, Flash, Steam htmlcache => 78756531 B
Windows/system/drivers => 476538104 B
Edge => 530000 B
Chrome => 7511580 B
Firefox => 524288 B
Opera => 370755247 B

Temp, IE cache, history, cookies, recent:
Default => 1536 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 10610 B
NetworkService => 128 B
Karel => 894434097 B

RecycleBin => 448921524 B
EmptyTemp: => 2.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:13:13 ====

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check (wifi)

#8 Post by Rudy »

Deleted. Has anything changed?

kakuk
Visitor
Posts: 82
Registered: 12 Apr 2011 12:28

Re: Log check (wifi)

#9 Post by kakuk »

Good evening.
It seems everything is fine. Thank you for your time. Kakuk

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check (wifi)

#10 Post by Rudy »

You're welcome! :)

Locked