PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Check 09/2018 - notebook
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-06-2018
# Duration: 00:01:04
# OS: Windows 10 Pro
# Scanned: 41877
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [1455 octets] - [18/04/2018 07:04:03]
AdwCleaner[C00].txt - [1520 octets] - [18/04/2018 07:05:42]
AdwCleaner[S01].txt - [2892 octets] - [27/07/2018 07:10:34]
AdwCleaner[C01].txt - [2784 octets] - [27/07/2018 07:11:15]
AdwCleaner[S02].txt - [1485 octets] - [05/08/2018 10:21:00]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
Thank you
Re: Check 09/2018 - notebook
RSIT attached
A single check-up; the computer shows no signs of problems.
Scans were run in the order AdwCleaner, FRST, RSIT.
Thank you
- Attachments
- RSIT.rar
- (24.18 KiB) Downloaded 107 times
Re: Check 09/2018 - notebook
Hi
This got a bit buried here because of the self-replies.
Open Notepad (Win+R -> notepad -> Enter)
- Copy the following text and paste it into Notepad:
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\SysWOW64\OPCEnum.exe
File: C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe
File: C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe
File: C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe
File: C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe
File: C:\WINDOWS\System32\Drivers\CH341S64.SYS
File: C:\WINDOWS\System32\drivers\cysmb.sys
File: C:\Windows\System32\Drivers\dpmcslv.sys
File: C:\WINDOWS\System32\drivers\VClone.sys
CMD: dir /a "D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default"
CMD: dir /a "C:\WINDOWS\system32\0PUQVPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQUPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPQWQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQSPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQsclpQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQRPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQrgWsQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQorpWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabcwfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQ_lcsQafmis"
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Hosts:
EmptyTemp:
End
- Save it to the desktop under the name fixlist.txt
- Run FRST again and click Fix
- When it finishes, FRST will ask to restart the PC; confirm by clicking OK
- After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers
E-mail: conder (at) forum.viry.cz
If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).
Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a similar problem to another user, please start your own topic.
If you are satisfied, you can support the forum. Thank you!
Re: Check 09/2018 - notebook
Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by plazmas (08-09-2018 16:22:30) Run:1
Running from C:\Users\ruzicka\Desktop
Loaded Profiles: plazmas(Available Profiles: plazmas)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\SysWOW64\OPCEnum.exe
File: C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe
File: C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe
File: C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe
File: C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe
File: C:\WINDOWS\System32\Drivers\CH341S64.SYS
File: C:\WINDOWS\System32\drivers\cysmb.sys
File: C:\Windows\System32\Drivers\dpmcslv.sys
File: C:\WINDOWS\System32\drivers\VClone.sys
CMD: dir /a "D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default"
CMD: dir /a "C:\WINDOWS\system32\0PUQVPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQUPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPQWQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQSPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQsclpQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQRPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQrgWsQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQorpWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabcwfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQ_lcsQafmis"
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 26073
Average :
Sum : 12236031435
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= File: C:\WINDOWS\SysWOW64\OPCEnum.exe ========================
C:\WINDOWS\SysWOW64\OPCEnum.exe
File not signed
MD5: EF5166711AAB71713DBE7EA15A07A4FB
Creation and modification date: 2015-06-19 09:03 - 2015-06-19 09:03
Size: 000146432
Attributes: ----A
Company Name: OPC Foundation
Internal Name: OpcEnum
Original Name: OpcEnum.exe
Product: OPC Server Enumerator 1.10
Description: OPC Server Enumerator 1.10
File Version: 1.10.106.0
Product Version: 1.10.106.0
Copyright: Copyright © 1998-2014 OPC Foundation
VirusTotal: https://www.virustotal.com/file/d963410 ... 533689681/
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe ========================
C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe
File not signed
MD5: 473E1D63ED99B9A2DD421732C8F04948
Creation and modification date: 2017-03-30 08:50 - 2017-03-30 08:50
Size: 000180224
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name: LicenseService.Server.exe
Original Name: LicenseService.Server.exe
Product: Licenses.LicenseService.Server
Description: Licenses.LicenseService.Server
File Version: 2.0.19.30881
Product Version: 2.0.19.30881
Copyright: © 1997-2017 GEOVAP, spol. s r.o.
VirusTotal: https://www.virustotal.com/file/5c1a769 ... 516711919/
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe ========================
C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe
File not signed
MD5: CAB8510D98815D0E792017876781D529
Creation and modification date: 2017-03-06 14:20 - 2017-03-06 14:20
Size: 000250392
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name: OpcDaWrapper
Original Name: OpcDaWrapper.exe
Product: Reliance OPC Data Access 3.00
Description: Reliance OPC Data Access .NET Server Wrapper
File Version: 3.00.100.0
Product Version: 3.00.2.00
Copyright: Copyright © GEOVAP, spol. s r.o. 2009
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe ========================
C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe
File not signed
MD5: AF9BBBE6F9B05008109CB85441E38D65
Creation and modification date: 2017-05-11 13:42 - 2017-05-11 13:42
Size: 000883712
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name:
Original Name:
Product: Reliance
Description: Reliance 4 Executable/Library
File Version: 4.7.3.31453
Product Version: 4.0.0.0
Copyright: © 1997-2017 GEOVAP, spol. s r.o.
VirusTotal: https://www.virustotal.com/file/72b3917 ... 507132665/
====== End of File: ======
========================= File: C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe ========================
C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe
File not signed
MD5: 926E628D4729D2CC3E4D21AA338D5D8E
Creation and modification date: 2011-08-26 00:03 - 2011-08-26 00:03
Size: 000122880
Attributes: ----A
Company Name: OPC Foundation
Internal Name: Opc.Ua.DiscoveryServer.exe
Original Name: Opc.Ua.DiscoveryServer.exe
Product: OPC UA SDK
Description: Opc.Ua.DiscoveryServer
File Version: 1.01.331.0
Product Version: 1.01.331.0
Copyright: Copyright © 2004-2011 OPC Foundation, Inc
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\Drivers\CH341S64.SYS ========================
C:\WINDOWS\System32\Drivers\CH341S64.SYS
File not signed
MD5: 3C0A1B6F538E00F318C109F4A3F29515
Creation and modification date: 2015-02-06 07:39 - 2015-02-06 07:39
Size: 000059904
Attributes: ----A
Company Name: http://www.winchiphead.com
Internal Name: CH341SER
Original Name: CH341SER
Product: CH341SER.SYS
Description: WDM_64 for CH341 serial, by W.ch
File Version: 3.40 built by: WinDDK
Product Version: 3.40
Copyright: Copyright (C) W.ch 2001-2014
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\drivers\cysmb.sys ========================
C:\WINDOWS\System32\drivers\cysmb.sys
File not signed
MD5: E12939C6D28957C960494DE2EEE30649
Creation and modification date: 2016-06-26 11:18 - 2016-06-26 11:18
Size: 000010752
Attributes: ----A
Company Name: Cypress Semiconductor, Inc.
Internal Name: CySmb.sys
Original Name: CySmb.sys
Product: Cypress Trackpad
Description: Trackpad Driver
File Version: 2.5.1.72
Product Version: 2.5.1.72
Copyright: Copyright (C) Cypress Semiconductor, Inc. (2015)
VirusTotal: 0
====== End of File: ======
========================= File: C:\Windows\System32\Drivers\dpmcslv.sys ========================
C:\Windows\System32\Drivers\dpmcslv.sys
File not signed
MD5: 0BD72E62C3974C4F5E4372DBA971901B
Creation and modification date: 2005-07-04 16:04 - 2005-07-04 16:04
Size: 000068280
Attributes: ----A
Company Name: Siemens AG
Internal Name: dpmcslv
Original Name: dpmcslv.sys
Product: SIMATIC NET
Description: PROFIBUS DP-Slave-Driver
File Version: V 6.0.3.3228
Product Version: V 5.2.0.2304
Copyright: Copyright © 2002 SIEMENS AG
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\drivers\VClone.sys ========================
C:\WINDOWS\System32\drivers\VClone.sys
File not signed
MD5: F257A2737280F0076EAE3AB489C06474
Creation and modification date: 2014-05-03 18:53 - 2014-05-03 18:53
Size: 000034816
Attributes: ----A
Company Name: Elaborate Bytes AG
Internal Name: ElbyVCD
Original Name: ElbyVCD.sys
Product: Virtual CloneDrive
Description: Virtual CloneDrive storage miniport
File Version: 5.4.7.1
Product Version: 5.4.7.1
Copyright: Copyright © 2002 - 2014 Elaborate Bytes AG
VirusTotal: 0
====== End of File: ======
========= dir /a "D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default" =========
Systém nemůže nalézt uvedenou cestu.
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQVPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQVPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQUPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQUPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQTPQWQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQTPQWQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQTPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQTPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQSPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQSPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQsclpQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQsclpQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQRPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQRPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQrgWsQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQrgWsQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQQPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQQPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQQorpWsfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQQorpWsfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQcsabWsfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQcsabWsfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQcsabcwfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQcsabcwfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQ_lcsQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQ_lcsQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24525669 B
Java, Flash, Steam htmlcache => 244027168 B
Windows/system/drivers => 517714 B
Edge => 1217527 B
Chrome => 520646984 B
Firefox => 14606449 B
Opera => 30396436 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7680 B
LocalService => 0 B
NetworkService => 7680 B
NetworkService => 0 B
ruzicka => 4910795 B
ruzicka.INELSEV => 18332 B
RecycleBin => 20463551 B
EmptyTemp: => 831.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:26:19 ====
Ran by plazmas (08-09-2018 16:22:30) Run:1
Running from C:\Users\ruzicka\Desktop
Loaded Profiles: plazmas(Available Profiles: plazmas)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\SysWOW64\OPCEnum.exe
File: C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe
File: C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe
File: C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe
File: C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe
File: C:\WINDOWS\System32\Drivers\CH341S64.SYS
File: C:\WINDOWS\System32\drivers\cysmb.sys
File: C:\Windows\System32\Drivers\dpmcslv.sys
File: C:\WINDOWS\System32\drivers\VClone.sys
CMD: dir /a "D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default"
CMD: dir /a "C:\WINDOWS\system32\0PUQVPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQUPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPQWQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQTPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQSPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQsclpQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQRPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQrgWsQafmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQPPPPPfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQQorpWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabWsfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQcsabcwfmis"
CMD: dir /a "C:\WINDOWS\system32\0PUQ_lcsQafmis"
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 26073
Average :
Sum : 12236031435
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========================= File: C:\WINDOWS\SysWOW64\OPCEnum.exe ========================
C:\WINDOWS\SysWOW64\OPCEnum.exe
File not signed
MD5: EF5166711AAB71713DBE7EA15A07A4FB
Creation and modification date: 2015-06-19 09:03 - 2015-06-19 09:03
Size: 000146432
Attributes: ----A
Company Name: OPC Foundation
Internal Name: OpcEnum
Original Name: OpcEnum.exe
Product: OPC Server Enumerator 1.10
Description: OPC Server Enumerator 1.10
File Version: 1.10.106.0
Product Version: 1.10.106.0
Copyright: Copyright © 1998-2014 OPC Foundation
VirusTotal: https://www.virustotal.com/file/d963410 ... 533689681/
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe ========================
C:\Program Files (x86)\GEOVAP\LicenseService\LicenseService.Server.exe
File not signed
MD5: 473E1D63ED99B9A2DD421732C8F04948
Creation and modification date: 2017-03-30 08:50 - 2017-03-30 08:50
Size: 000180224
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name: LicenseService.Server.exe
Original Name: LicenseService.Server.exe
Product: Licenses.LicenseService.Server
Description: Licenses.LicenseService.Server
File Version: 2.0.19.30881
Product Version: 2.0.19.30881
Copyright: © 1997-2017 GEOVAP, spol. s r.o.
VirusTotal: https://www.virustotal.com/file/5c1a769 ... 516711919/
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe ========================
C:\Program Files (x86)\GEOVAP\RelianceOPCServer\OpcDaWrapper.exe
File not signed
MD5: CAB8510D98815D0E792017876781D529
Creation and modification date: 2017-03-06 14:20 - 2017-03-06 14:20
Size: 000250392
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name: OpcDaWrapper
Original Name: OpcDaWrapper.exe
Product: Reliance OPC Data Access 3.00
Description: Reliance OPC Data Access .NET Server Wrapper
File Version: 3.00.100.0
Product Version: 3.00.2.00
Copyright: Copyright © GEOVAP, spol. s r.o. 2009
VirusTotal: 0
====== End of File: ======
========================= File: C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe ========================
C:\Program Files (x86)\GEOVAP\Reliance4\R_DrvSrv.exe
File not signed
MD5: AF9BBBE6F9B05008109CB85441E38D65
Creation and modification date: 2017-05-11 13:42 - 2017-05-11 13:42
Size: 000883712
Attributes: ----A
Company Name: GEOVAP, spol. s r.o.
Internal Name:
Original Name:
Product: Reliance
Description: Reliance 4 Executable/Library
File Version: 4.7.3.31453
Product Version: 4.0.0.0
Copyright: © 1997-2017 GEOVAP, spol. s r.o.
VirusTotal: https://www.virustotal.com/file/72b3917 ... 507132665/
====== End of File: ======
========================= File: C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe ========================
C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe
File not signed
MD5: 926E628D4729D2CC3E4D21AA338D5D8E
Creation and modification date: 2011-08-26 00:03 - 2011-08-26 00:03
Size: 000122880
Attributes: ----A
Company Name: OPC Foundation
Internal Name: Opc.Ua.DiscoveryServer.exe
Original Name: Opc.Ua.DiscoveryServer.exe
Product: OPC UA SDK
Description: Opc.Ua.DiscoveryServer
File Version: 1.01.331.0
Product Version: 1.01.331.0
Copyright: Copyright © 2004-2011 OPC Foundation, Inc
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\Drivers\CH341S64.SYS ========================
C:\WINDOWS\System32\Drivers\CH341S64.SYS
File not signed
MD5: 3C0A1B6F538E00F318C109F4A3F29515
Creation and modification date: 2015-02-06 07:39 - 2015-02-06 07:39
Size: 000059904
Attributes: ----A
Company Name: http://www.winchiphead.com
Internal Name: CH341SER
Original Name: CH341SER
Product: CH341SER.SYS
Description: WDM_64 for CH341 serial, by W.ch
File Version: 3.40 built by: WinDDK
Product Version: 3.40
Copyright: Copyright (C) W.ch 2001-2014
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\drivers\cysmb.sys ========================
C:\WINDOWS\System32\drivers\cysmb.sys
File not signed
MD5: E12939C6D28957C960494DE2EEE30649
Creation and modification date: 2016-06-26 11:18 - 2016-06-26 11:18
Size: 000010752
Attributes: ----A
Company Name: Cypress Semiconductor, Inc.
Internal Name: CySmb.sys
Original Name: CySmb.sys
Product: Cypress Trackpad
Description: Trackpad Driver
File Version: 2.5.1.72
Product Version: 2.5.1.72
Copyright: Copyright (C) Cypress Semiconductor, Inc. (2015)
VirusTotal: 0
====== End of File: ======
========================= File: C:\Windows\System32\Drivers\dpmcslv.sys ========================
C:\Windows\System32\Drivers\dpmcslv.sys
File not signed
MD5: 0BD72E62C3974C4F5E4372DBA971901B
Creation and modification date: 2005-07-04 16:04 - 2005-07-04 16:04
Size: 000068280
Attributes: ----A
Company Name: Siemens AG
Internal Name: dpmcslv
Original Name: dpmcslv.sys
Product: SIMATIC NET
Description: PROFIBUS DP-Slave-Driver
File Version: V 6.0.3.3228
Product Version: V 5.2.0.2304
Copyright: Copyright © 2002 SIEMENS AG
VirusTotal: 0
====== End of File: ======
========================= File: C:\WINDOWS\System32\drivers\VClone.sys ========================
C:\WINDOWS\System32\drivers\VClone.sys
File not signed
MD5: F257A2737280F0076EAE3AB489C06474
Creation and modification date: 2014-05-03 18:53 - 2014-05-03 18:53
Size: 000034816
Attributes: ----A
Company Name: Elaborate Bytes AG
Internal Name: ElbyVCD
Original Name: ElbyVCD.sys
Product: Virtual CloneDrive
Description: Virtual CloneDrive storage miniport
File Version: 5.4.7.1
Product Version: 5.4.7.1
Copyright: Copyright © 2002 - 2014 Elaborate Bytes AG
VirusTotal: 0
====== End of File: ======
========= dir /a "D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default" =========
Syst‚m nem…§e nal‚zt uvedenou cestu.
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQVPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQVPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1˙280 00000000000000000000.DLL
1 File(s) 1˙280 bytes
2 Dir(s) 13˙682˙143˙232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQUPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQUPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1˙280 00000000000000000000.DLL
1 File(s) 1˙280 bytes
2 Dir(s) 13˙682˙143˙232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQTPQWQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQTPQWQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQTPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQTPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQSPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQSPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQsclpQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQsclpQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQRPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQRPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 143 232 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQrgWsQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQrgWsQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQQPPPPPfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQQPPPPPfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQQorpWsfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQQorpWsfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQcsabWsfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQcsabWsfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQcsabcwfmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQcsabcwfmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
========= dir /a "C:\WINDOWS\system32\0PUQ_lcsQafmis" =========
Volume in drive C is Win10
Volume Serial Number is 8476-5AD6
Directory of C:\WINDOWS\system32\0PUQ_lcsQafmis
05.09.2018 16:24 <DIR> .
05.09.2018 16:24 <DIR> ..
27.03.2018 15:14 1 280 00000000000000000000.DLL
1 File(s) 1 280 bytes
2 Dir(s) 13 682 139 136 bytes free
========= End of CMD: =========
HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-1495226034-248098366-264426019-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24525669 B
Java, Flash, Steam htmlcache => 244027168 B
Windows/system/drivers => 517714 B
Edge => 1217527 B
Chrome => 520646984 B
Firefox => 14606449 B
Opera => 30396436 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7680 B
LocalService => 0 B
NetworkService => 7680 B
NetworkService => 0 B
ruzicka => 4910795 B
ruzicka.INELSEV => 18332 B
RecycleBin => 20463551 B
EmptyTemp: => 831.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:26:19 ====
Last edited by plazmas on 09 Sep 2018 08:11, edited 1 time in total.
Re: Check 09/2018 - NTB
Open Notepad (Win+R -> notepad -> Enter)
- Copy the following text and paste it into Notepad:
Code:
Start
CloseProcesses:
CreateRestorePoint:
VirusTotal: C:\WINDOWS\system32\0PUQVPPPPPfmis\00000000000000000000.DLL
File: C:\WINDOWS\system32\0PUQVPPPPPfmis\00000000000000000000.DLLF
Folder: C:\WINDOWS\system32\0PUQUPPPPPfmis
Folder: C:\WINDOWS\system32\0PTQVPPPPPfmis
Folder: C:\WINDOWS\system32\3PQPQpexYafmis
FF ProfilePath: D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default [not found] <==== ATTENTION
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQVPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQUPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQTPQWQafmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQTPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQSPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQsclpQafmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQRPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQrgWsQafmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQQPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQQorpWsfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQcsabWsfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQcsabcwfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQ_lcsQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQVPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQUPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQTPQWQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQTPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQSPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQsclpQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQRPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQrgWsQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQQPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQQorpWsfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQcsabWsfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQcsabcwfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQ_lcsQafmis
2018-09-05 16:24 - 2016-12-14 15:18 - 000000000 ____D C:\WINDOWS\system32\3PQPQpexYafmis
2018-09-05 16:24 - 2016-12-14 14:44 - 000000000 ____D C:\WINDOWS\system32\3PQPRpexYafmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPVPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPUPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPTPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPSPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPRPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPQPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQVPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQUPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQTPQWQafmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQTPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQSPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQsclpQafmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQRPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQrgWsQafmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQQPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQQorpWsfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQcsabWsfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQcsabcwfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQ_lcsQafmis
2018-09-05 16:24 - 2016-12-06 10:39 - 000000000 ____D C:\WINDOWS\system32\5PUPTPQWQattis
Hosts:
EmptyTemp:
End
- Save it to the desktop under the name fixlist.txt
- Run FRST again and click Fix
- When it finishes, FRST will ask to restart the PC; confirm by clicking OK
- After the PC restarts there will be a Fixlog.txt file on the desktop; copy its contents here
Graduate of the school for beginners
E-mail: conder (at) forum.viry.cz
If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).
Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.
If you are satisfied, you can support the forum. Thank you!
Re: Check 09/2018 - NTB
Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by plazmas (09-09-2018 08:59:29) Run:2
Running from C:\Users\ruzicka\Desktop
Loaded Profiles: plazmas (Available Profiles: plazmas)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
VirusTotal: C:\WINDOWS\system32\0PUQVPPPPPfmis\00000000000000000000.DLL
File: C:\WINDOWS\system32\0PUQVPPPPPfmis\00000000000000000000.DLLF
Folder: C:\WINDOWS\system32\0PUQUPPPPPfmis
Folder: C:\WINDOWS\system32\0PTQVPPPPPfmis
Folder: C:\WINDOWS\system32\3PQPQpexYafmis
FF ProfilePath: D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default [not found] <==== ATTENTION
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQVPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQUPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQTPQWQafmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQTPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQSPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQsclpQafmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQRPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQrgWsQafmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQQPPPPPfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQQorpWsfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQcsabWsfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQcsabcwfmis
2018-09-05 16:24 - 2018-03-27 15:14 - 000000000 ____D C:\WINDOWS\system32\0PUQ_lcsQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQVPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQUPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQTPQWQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQTPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQSPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQsclpQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQRPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQrgWsQafmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQQPPPPPfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQQorpWsfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQcsabWsfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQcsabcwfmis
2018-09-05 16:24 - 2017-04-27 07:47 - 000000000 ____D C:\WINDOWS\system32\0PTQ_lcsQafmis
2018-09-05 16:24 - 2016-12-14 15:18 - 000000000 ____D C:\WINDOWS\system32\3PQPQpexYafmis
2018-09-05 16:24 - 2016-12-14 14:44 - 000000000 ____D C:\WINDOWS\system32\3PQPRpexYafmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPVPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPUPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPTPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPSPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPRPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:47 - 000000000 ____D C:\WINDOWS\system32\5PUPQPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQVPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQUPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQTPQWQafmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQTPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQSPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQsclpQafmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQRPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQrgWsQafmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQQPPPPPfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQQorpWsfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQcsabWsfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQcsabcwfmis
2018-09-05 16:24 - 2016-12-08 13:25 - 000000000 ____D C:\WINDOWS\system32\0PSQ_lcsQafmis
2018-09-05 16:24 - 2016-12-06 10:39 - 000000000 ____D C:\WINDOWS\system32\5PUPTPQWQattis
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\WINDOWS\system32\0PUQVPPPPPfmis\00000000000000000000.DLL => https://www.virustotal.com/file/bfe492b ... 535688907/
========================= File: C:\WINDOWS\system32\0PUQVPPPPPfmis\00000000000000000000.DLLF ========================
"C:\WINDOWS\system32\0PUQVPPPPPfmis\00000000000000000000.DLLF" => not found
====== End of File: ======
========================= Folder: C:\WINDOWS\system32\0PUQUPPPPPfmis ========================
2018-03-27 15:14 - 2018-03-27 15:14 - 000001280 ____A [A5058431022AD56A091A49521B5CB35B] () C:\WINDOWS\system32\0PUQUPPPPPfmis\00000000000000000000.DLL
====== End of Folder: ======
========================= Folder: C:\WINDOWS\system32\0PTQVPPPPPfmis ========================
2017-04-27 07:47 - 2017-04-27 07:47 - 000001280 ____A [A5058431022AD56A091A49521B5CB35B] () C:\WINDOWS\system32\0PTQVPPPPPfmis\00000000000000000000.DLL
====== End of Folder: ======
========================= Folder: C:\WINDOWS\system32\3PQPQpexYafmis ========================
2016-12-14 15:18 - 2016-12-14 15:18 - 000001280 ____A [A5058431022AD56A091A49521B5CB35B] () C:\WINDOWS\system32\3PQPQpexYafmis\00000000000000000000.DLL
====== End of Folder: ======
D:\data\GoogleDisc\Firefox\Profiles\eo45y78o.default => path removed successfully
C:\WINDOWS\system32\0PUQVPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PUQUPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PUQTPQWQafmis => moved successfully
C:\WINDOWS\system32\0PUQTPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PUQSPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PUQsclpQafmis => moved successfully
C:\WINDOWS\system32\0PUQRPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PUQrgWsQafmis => moved successfully
C:\WINDOWS\system32\0PUQQPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PUQQorpWsfmis => moved successfully
C:\WINDOWS\system32\0PUQcsabWsfmis => moved successfully
C:\WINDOWS\system32\0PUQcsabcwfmis => moved successfully
C:\WINDOWS\system32\0PUQ_lcsQafmis => moved successfully
C:\WINDOWS\system32\0PTQVPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PTQUPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PTQTPQWQafmis => moved successfully
C:\WINDOWS\system32\0PTQTPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PTQSPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PTQsclpQafmis => moved successfully
C:\WINDOWS\system32\0PTQRPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PTQrgWsQafmis => moved successfully
C:\WINDOWS\system32\0PTQQPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PTQQorpWsfmis => moved successfully
C:\WINDOWS\system32\0PTQcsabWsfmis => moved successfully
C:\WINDOWS\system32\0PTQcsabcwfmis => moved successfully
C:\WINDOWS\system32\0PTQ_lcsQafmis => moved successfully
C:\WINDOWS\system32\3PQPQpexYafmis => moved successfully
C:\WINDOWS\system32\3PQPRpexYafmis => moved successfully
C:\WINDOWS\system32\5PUPVPPPPPfmis => moved successfully
C:\WINDOWS\system32\5PUPUPPPPPfmis => moved successfully
C:\WINDOWS\system32\5PUPTPPPPPfmis => moved successfully
C:\WINDOWS\system32\5PUPSPPPPPfmis => moved successfully
C:\WINDOWS\system32\5PUPRPPPPPfmis => moved successfully
C:\WINDOWS\system32\5PUPQPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PSQVPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PSQUPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PSQTPQWQafmis => moved successfully
C:\WINDOWS\system32\0PSQTPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PSQSPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PSQsclpQafmis => moved successfully
C:\WINDOWS\system32\0PSQRPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PSQrgWsQafmis => moved successfully
C:\WINDOWS\system32\0PSQQPPPPPfmis => moved successfully
C:\WINDOWS\system32\0PSQQorpWsfmis => moved successfully
C:\WINDOWS\system32\0PSQcsabWsfmis => moved successfully
C:\WINDOWS\system32\0PSQcsabcwfmis => moved successfully
C:\WINDOWS\system32\0PSQ_lcsQafmis => moved successfully
C:\WINDOWS\system32\5PUPTPQWQattis => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 13393920 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14829614 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 53897 B
Edge => 0 B
Chrome => 288209111 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
ruzicka => 15706 B
ruzicka.INELSEV => 0 B
RecycleBin => 0 B
EmptyTemp: => 301.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:01:25 ====
Re: Check 09/2018 - NTB
It looks OK. Has anything changed, or are there still any problems?
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Check 09/2018 - NTB
The check was only preventive; I did not notice any problems.
How serious were the problems that were being removed?
Re: Check 09/2018 - NTB
It was clean; we only cleaned out various unneeded things.
The desktop holds more than 10 GB. Move all files and folders from the desktop to Documents and leave only shortcuts on the desktop. An overly large desktop can slow the system down.
And let's also clean up after the tools we used:
- Download DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Save it to the desktop and run it
- Leave the "Remove disinfection tools" option checked
- Click "Run"
Re: Check 09/2018 - NTB
Thank you
Re: Check 09/2018 - NTB
You're welcome, glad I could help