Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nenačítá se systém.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Nenačítá se systém.
Dobrý den. Mám problém s načítáním win, začalo to že jsem winrarem rozpackovával soubor a začal se mi sekat PC a hlásit neodpovídá a několikrát během toho vyskočila chyba 0x0000006 hkcmd a že ho nelze spustit tak jsem PC restartoval naběhla úvodní obraz "Vítejte" naskočila plocha ale ikony né nešlo nic na ploše provádět a po chvíli vyskočila ta samá chyba. Takže jsem se musel přesunout do nouzového režimu se sítí poradíte jak se toho zbavit? PC bude jistě řádně zavirovaný.
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nenačítá se systém.
Zdravím!
Zkuste nejprve obnovu systému k datu, kdy korektně fungoval. Pak dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Zkuste nejprve obnovu systému k datu, kdy korektně fungoval. Pak dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nenačítá se systém.
Takže obnovení systému pomohlo už opět mohu do systému klasicky a tady je ten log.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2015
Ran by Austin (administrator) on AUSTIN-PC on 11-01-2015 18:02:28
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe
(forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [LightShot] => C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-12] ()
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2199681317-980097130-1220238891-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-23]
Chrome:
=======
CHR Profile: C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-31] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S4 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
S4 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 18:02 - 2015-01-11 18:02 - 00015551 _____ () C:\Users\Austin\Desktop\FRST.txt
2015-01-11 17:59 - 2015-01-11 17:59 - 02124288 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe
2015-01-11 17:59 - 2015-01-11 17:59 - 00112640 _____ (forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
2015-01-11 17:39 - 2015-01-11 17:39 - 00000334 _____ () C:\Windows\PFRO.log
2015-01-11 16:53 - 2015-01-11 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-11 16:52 - 2014-10-31 12:07 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-11 16:43 - 2015-01-11 16:43 - 00000679 _____ () C:\Users\Austin\Desktop\VIRY.CZ • Zobrazit téma - Nenačítá se systém..website
2015-01-11 16:39 - 2015-01-11 18:02 - 00000000 ____D () C:\FRST
2015-01-11 16:37 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\Čištění PC
2015-01-11 15:33 - 2015-01-11 15:33 - 00024814 _____ () C:\ComboFix.txt
2015-01-11 15:13 - 2015-01-11 15:33 - 00000000 ____D () C:\Qoobox
2015-01-11 13:25 - 2015-01-11 14:03 - 00000000 ____D () C:\Users\Austin\Downloads\Tomb Raider
2015-01-10 23:06 - 2015-01-10 23:11 - 549547008 _____ () C:\Users\Austin\Downloads\Jursky-park-3.avi.8zigvwp.partial
2015-01-10 20:00 - 2015-01-10 20:18 - 911518208 _____ () C:\Users\Austin\Downloads\Jursky-park-2-ztraceny-svet.avi.yqlxj4m.partial
2015-01-08 16:31 - 2015-01-08 16:37 - 318781229 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv
2015-01-08 16:27 - 2015-01-08 16:27 - 00012731 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv.torrent
2015-01-06 01:21 - 2015-01-06 01:27 - 734011530 _____ () C:\Users\Austin\Downloads\X-Men-Origins---Wolverine-2009-cz.avi.55ywvfk.partial
2015-01-04 01:00 - 2015-01-11 17:40 - 00000336 _____ () C:\Windows\setupact.log
2015-01-04 01:00 - 2015-01-04 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 15:57 - 2015-01-02 16:06 - 726035086 _____ () C:\Users\Austin\Downloads\IP-MAN-2008-AKCNI-DONNIE-YEN-CZ-DABING.avi
2014-12-31 17:02 - 2014-12-31 17:26 - 1571845950 _____ () C:\Users\Austin\Downloads\Toy-Story-3---Pribeh-hracek-3---by-pablos32.avi.frcy1lg.partial
2014-12-30 23:14 - 2014-12-30 23:27 - 640977920 _____ () C:\Users\Austin\Downloads\Toy-Story-2---Pribeh-hracek.Toy-Story-2-1999-CZ-Dabing-Animovany.avi
2014-12-30 18:33 - 2014-12-30 18:33 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz (1).rar
2014-12-30 18:22 - 2014-12-30 18:22 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz.rar
2014-12-30 04:06 - 2014-12-30 04:36 - 3556048896 _____ () C:\Users\Austin\Downloads\Bully-Schoolarship-edition.iso
2014-12-29 20:20 - 2014-12-29 20:30 - 716419072 _____ () C:\Users\Austin\Downloads\Toy-Story---Pribeh-hracek.avi
2014-12-28 18:11 - 2014-12-28 18:11 - 00010820 _____ () C:\Users\Austin\Desktop\Poslední-samuraj-cz-(titulky-k-japonstine).srt
2014-12-28 03:11 - 2014-12-28 03:11 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-28 03:11 - 2014-12-28 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-28 02:02 - 2014-12-28 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-28 02:01 - 2014-12-28 02:01 - 26951680 _____ () C:\Users\Austin\Downloads\SkypeSetup_6.21.0.104.msi
2014-12-27 19:22 - 2014-12-27 20:24 - 00239354 _____ () C:\Users\Austin\Downloads\OptiFine-HD-U-D3-1.4.7.zip.8xvarnc.partial
2014-12-27 16:38 - 2014-12-27 17:58 - 1424154342 _____ () C:\Users\Austin\Downloads\Ip-Man-2.cz-dub.avi
2014-12-27 00:35 - 2014-12-27 00:35 - 00000000 ____D () C:\Users\Austin\Desktop\NEW
2014-12-26 23:46 - 2014-12-27 19:58 - 00000000 ____D () C:\Users\Austin\Desktop\MultiMC
2014-12-26 23:46 - 2014-12-26 23:46 - 23304531 _____ () C:\Users\Austin\Downloads\mmc-stable-win32.zip
2014-12-26 19:50 - 2014-12-26 20:05 - 1411080192 _____ () C:\Users\Austin\Downloads\Pelisky-CZ-GHOST04.avi
2014-12-26 18:44 - 2014-12-27 19:16 - 00000000 ____D () C:\Users\Austin\Desktop\Nargonovy mody
2014-12-26 03:51 - 2014-12-26 03:55 - 377332595 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_393_1080p_[CA589F5F].mkv
2014-12-26 03:39 - 2014-12-26 03:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-26 03:39 - 2014-12-26 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-25 13:01 - 2014-12-25 13:09 - 734771200 _____ () C:\Users\Austin\Downloads\Nejkrasnejsi-hadanka.avi
2014-12-25 02:30 - 2015-01-03 17:37 - 22764208 _____ () C:\Users\Austin\Desktop\TechnicLauncher.exe
2014-12-25 02:30 - 2015-01-03 17:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.technic
2014-12-24 12:09 - 2014-12-24 12:09 - 00000000 ____D () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7
2014-12-24 12:05 - 2014-12-24 12:07 - 128800855 _____ () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7.zip
2014-12-24 03:02 - 2014-12-24 03:02 - 00000000 ____D () C:\Program Files\Java
2014-12-23 20:48 - 2014-12-23 20:59 - 766353408 _____ () C:\Users\Austin\Downloads\Vanocni-prazdniny-cz-dabing.avi.4wxzeqj.partial
2014-12-22 19:48 - 2014-12-22 20:08 - 1048872076 _____ () C:\Users\Austin\Downloads\Sam-doma-a-bohaty.avi.vsgjkfp.partial
2014-12-22 18:12 - 2014-12-22 19:18 - 611838592 _____ () C:\Users\Austin\Downloads\Windows-XP-Professional-SP3-32bit-(CZ).zip
2014-12-21 22:53 - 2014-12-21 22:53 - 00001444 _____ () C:\Users\Austin\AppData\Local\recently-used.xbel
2014-12-20 14:01 - 2014-12-20 14:01 - 04740913 _____ ( ) C:\Users\Austin\Downloads\ExplorerSuite(1).exe
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Program Files\NTCore
2014-12-20 14:00 - 2014-12-20 14:00 - 00231920 _____ () C:\Users\Austin\Downloads\ExplorerSuite.exe
2014-12-20 13:29 - 2014-12-21 21:39 - 00000000 ____D () C:\Users\Austin\Desktop\Attomey ---
2014-12-20 13:12 - 2014-12-20 13:23 - 966764556 _____ () C:\Users\Austin\Downloads\Attomey.rar
2014-12-20 05:21 - 2014-12-20 05:28 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:21 - 2014-12-20 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:20 - 2014-12-20 05:21 - 00000000 ____D () C:\Program Files (x86)\Return to Castle Wolfenstein
2014-12-20 05:19 - 2014-12-20 05:21 - 00000810 _____ () C:\Windows\Rtcw.INI
2014-12-20 05:19 - 2001-06-19 17:53 - 00266293 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-12-20 05:17 - 2014-11-25 21:21 - 00000000 ____D () C:\Users\Austin\Desktop\Return to Castle Wolfenstein cz
2014-12-20 05:09 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\LaroxionMT2
2014-12-20 03:59 - 2014-12-26 18:43 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.minecraft
2014-12-20 03:24 - 2014-12-20 04:45 - 1448469712 _____ () C:\Users\Austin\Downloads\Return-to-Castle-Wolfenstein-cz.rar
2014-12-20 01:58 - 2014-12-20 02:11 - 1216820711 _____ () C:\Users\Austin\Downloads\LaRoXion_full.exe
2014-12-18 23:58 - 2014-12-19 00:03 - 421119135 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_392_1080p_[5B314FBD].mkv
2014-12-17 16:17 - 2014-12-17 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-12-16 03:35 - 2014-12-16 04:43 - 873164800 _____ () C:\Users\Austin\Downloads\Sam-doma-2---Ztracen-v-New-Yorku.avi
2014-12-15 17:18 - 2014-12-15 18:03 - 525991292 _____ () C:\Users\Austin\Downloads\dabelsky-santa-komedie-filmy-cz-avi.avi.ygpbrx7.partial
2014-12-14 22:37 - 2014-12-14 23:40 - 734597120 _____ () C:\Users\Austin\Downloads\Sam-doma-1-cz.avi
2014-12-13 21:42 - 2014-12-13 21:42 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:36 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-13 21:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 17:49 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 17:49 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 17:47 - 2014-07-04 17:56 - 01642660 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 17:44 - 2014-08-02 23:09 - 00000390 _____ () C:\Windows\Tasks\update-sys.job
2015-01-11 17:42 - 2014-07-04 19:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Skype
2015-01-11 17:41 - 2014-07-23 11:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-11 17:40 - 2014-07-09 16:21 - 00003794 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00002304 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001538 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001436 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001416 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001322 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00000942 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-11 17:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 17:28 - 2014-07-04 19:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 17:26 - 2014-07-09 16:21 - 00000946 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-11 16:46 - 2014-10-04 12:25 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Webshare
2015-01-11 16:46 - 2014-07-08 17:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-11 16:46 - 2014-07-04 20:01 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\vlc
2015-01-11 16:46 - 2014-07-04 19:55 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\uTorrent
2015-01-11 16:46 - 2014-07-04 18:01 - 00000000 ____D () C:\Users\Austin
2015-01-11 16:46 - 2010-11-21 10:38 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-11 16:45 - 2014-07-09 21:31 - 00000000 ____D () C:\Games
2015-01-11 15:23 - 2009-07-14 03:34 - 58195968 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 16252928 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-07 19:44 - 2014-07-11 18:04 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TeamViewer
2015-01-07 13:12 - 2014-07-05 07:27 - 00000000 ____D () C:\Austin - Filmy
2015-01-05 12:36 - 2014-08-02 23:09 - 00000390 _____ () C:\Windows\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000.job
2015-01-05 10:54 - 2014-07-04 18:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6826CC3-287E-4C04-9349-6664373E43B5}
2015-01-02 13:43 - 2014-07-09 10:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-02 13:43 - 2014-07-08 17:37 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\DAEMON Tools Lite
2015-01-02 00:42 - 2014-08-16 11:30 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TS3Client
2014-12-29 14:01 - 2014-08-12 22:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\PMB Files
2014-12-29 03:28 - 2014-11-03 19:14 - 00921636 _____ () C:\PA7302.DAT
2014-12-28 03:43 - 2014-08-12 22:57 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ____D () C:\ProgramData\Skype
2014-12-26 03:39 - 2014-07-08 19:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-25 11:36 - 2014-09-08 11:56 - 00000066 _____ () C:\Users\Austin\.atl.properties
2014-12-24 03:08 - 2014-07-08 19:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 01:55 - 2014-11-04 21:21 - 00000000 ____D () C:\Program Files (x86)\Utherverse Digital Inc
2014-12-21 23:01 - 2014-07-21 15:09 - 00000000 ____D () C:\Users\Austin\.gimp-2.8
2014-12-21 22:55 - 2014-07-21 15:50 - 00000000 ____D () C:\Users\Austin\AppData\Local\gtk-2.0
2014-12-21 21:41 - 2014-07-30 22:33 - 00000000 ____D () C:\Users\Austin\Desktop\Last-World
2014-12-21 16:02 - 2014-07-04 19:56 - 00000000 ____D () C:\Users\Austin\Desktop\Programy
2014-12-20 13:11 - 2014-07-05 08:44 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-18 15:09 - 2014-11-22 17:46 - 00000000 ____D () C:\Users\Austin\Desktop\DragonBorn
2014-12-17 16:17 - 2014-08-02 23:09 - 00003266 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000
2014-12-17 16:17 - 2014-08-02 23:09 - 00000425 _____ () C:\Users\Austin\AppData\Local\UserProducts.xml
2014-12-17 15:56 - 2014-09-17 00:59 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410911989
2014-12-17 15:56 - 2014-07-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 19:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 21:42 - 2014-07-06 04:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 21:41 - 2014-07-08 20:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 21:37 - 2014-07-08 20:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-11 17:17
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:465.66 GB) (Free:35.68 GB) NTFS
Available physical RAM: 4622.92 MB
Total physical RAM: 6390.71 MB
Percentage of memory in use: 27%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 419E0F09)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Austin\Desktop" je 44601 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot
C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Austin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Far Cry.LNK
C:\PROGRA~2\Ubisoft\Crytek\FARCRY~1\Register\REGIST~1.EXE -d 806027 -l english -r 7 -g Far Cry [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2015
Ran by Austin (administrator) on AUSTIN-PC on 11-01-2015 18:02:28
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe
(forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [LightShot] => C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-12] ()
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2199681317-980097130-1220238891-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-23]
Chrome:
=======
CHR Profile: C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-31] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S4 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
S4 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc2.cfg [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 18:02 - 2015-01-11 18:02 - 00015551 _____ () C:\Users\Austin\Desktop\FRST.txt
2015-01-11 17:59 - 2015-01-11 17:59 - 02124288 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe
2015-01-11 17:59 - 2015-01-11 17:59 - 00112640 _____ (forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
2015-01-11 17:39 - 2015-01-11 17:39 - 00000334 _____ () C:\Windows\PFRO.log
2015-01-11 16:53 - 2015-01-11 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-11 16:52 - 2014-10-31 12:07 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-11 16:43 - 2015-01-11 16:43 - 00000679 _____ () C:\Users\Austin\Desktop\VIRY.CZ • Zobrazit téma - Nenačítá se systém..website
2015-01-11 16:39 - 2015-01-11 18:02 - 00000000 ____D () C:\FRST
2015-01-11 16:37 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\Čištění PC
2015-01-11 15:33 - 2015-01-11 15:33 - 00024814 _____ () C:\ComboFix.txt
2015-01-11 15:13 - 2015-01-11 15:33 - 00000000 ____D () C:\Qoobox
2015-01-11 13:25 - 2015-01-11 14:03 - 00000000 ____D () C:\Users\Austin\Downloads\Tomb Raider
2015-01-10 23:06 - 2015-01-10 23:11 - 549547008 _____ () C:\Users\Austin\Downloads\Jursky-park-3.avi.8zigvwp.partial
2015-01-10 20:00 - 2015-01-10 20:18 - 911518208 _____ () C:\Users\Austin\Downloads\Jursky-park-2-ztraceny-svet.avi.yqlxj4m.partial
2015-01-08 16:31 - 2015-01-08 16:37 - 318781229 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv
2015-01-08 16:27 - 2015-01-08 16:27 - 00012731 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv.torrent
2015-01-06 01:21 - 2015-01-06 01:27 - 734011530 _____ () C:\Users\Austin\Downloads\X-Men-Origins---Wolverine-2009-cz.avi.55ywvfk.partial
2015-01-04 01:00 - 2015-01-11 17:40 - 00000336 _____ () C:\Windows\setupact.log
2015-01-04 01:00 - 2015-01-04 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 15:57 - 2015-01-02 16:06 - 726035086 _____ () C:\Users\Austin\Downloads\IP-MAN-2008-AKCNI-DONNIE-YEN-CZ-DABING.avi
2014-12-31 17:02 - 2014-12-31 17:26 - 1571845950 _____ () C:\Users\Austin\Downloads\Toy-Story-3---Pribeh-hracek-3---by-pablos32.avi.frcy1lg.partial
2014-12-30 23:14 - 2014-12-30 23:27 - 640977920 _____ () C:\Users\Austin\Downloads\Toy-Story-2---Pribeh-hracek.Toy-Story-2-1999-CZ-Dabing-Animovany.avi
2014-12-30 18:33 - 2014-12-30 18:33 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz (1).rar
2014-12-30 18:22 - 2014-12-30 18:22 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz.rar
2014-12-30 04:06 - 2014-12-30 04:36 - 3556048896 _____ () C:\Users\Austin\Downloads\Bully-Schoolarship-edition.iso
2014-12-29 20:20 - 2014-12-29 20:30 - 716419072 _____ () C:\Users\Austin\Downloads\Toy-Story---Pribeh-hracek.avi
2014-12-28 18:11 - 2014-12-28 18:11 - 00010820 _____ () C:\Users\Austin\Desktop\Poslední-samuraj-cz-(titulky-k-japonstine).srt
2014-12-28 03:11 - 2014-12-28 03:11 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-28 03:11 - 2014-12-28 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-28 02:02 - 2014-12-28 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-28 02:01 - 2014-12-28 02:01 - 26951680 _____ () C:\Users\Austin\Downloads\SkypeSetup_6.21.0.104.msi
2014-12-27 19:22 - 2014-12-27 20:24 - 00239354 _____ () C:\Users\Austin\Downloads\OptiFine-HD-U-D3-1.4.7.zip.8xvarnc.partial
2014-12-27 16:38 - 2014-12-27 17:58 - 1424154342 _____ () C:\Users\Austin\Downloads\Ip-Man-2.cz-dub.avi
2014-12-27 00:35 - 2014-12-27 00:35 - 00000000 ____D () C:\Users\Austin\Desktop\NEW
2014-12-26 23:46 - 2014-12-27 19:58 - 00000000 ____D () C:\Users\Austin\Desktop\MultiMC
2014-12-26 23:46 - 2014-12-26 23:46 - 23304531 _____ () C:\Users\Austin\Downloads\mmc-stable-win32.zip
2014-12-26 19:50 - 2014-12-26 20:05 - 1411080192 _____ () C:\Users\Austin\Downloads\Pelisky-CZ-GHOST04.avi
2014-12-26 18:44 - 2014-12-27 19:16 - 00000000 ____D () C:\Users\Austin\Desktop\Nargonovy mody
2014-12-26 03:51 - 2014-12-26 03:55 - 377332595 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_393_1080p_[CA589F5F].mkv
2014-12-26 03:39 - 2014-12-26 03:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-26 03:39 - 2014-12-26 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-25 13:01 - 2014-12-25 13:09 - 734771200 _____ () C:\Users\Austin\Downloads\Nejkrasnejsi-hadanka.avi
2014-12-25 02:30 - 2015-01-03 17:37 - 22764208 _____ () C:\Users\Austin\Desktop\TechnicLauncher.exe
2014-12-25 02:30 - 2015-01-03 17:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.technic
2014-12-24 12:09 - 2014-12-24 12:09 - 00000000 ____D () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7
2014-12-24 12:05 - 2014-12-24 12:07 - 128800855 _____ () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7.zip
2014-12-24 03:02 - 2014-12-24 03:02 - 00000000 ____D () C:\Program Files\Java
2014-12-23 20:48 - 2014-12-23 20:59 - 766353408 _____ () C:\Users\Austin\Downloads\Vanocni-prazdniny-cz-dabing.avi.4wxzeqj.partial
2014-12-22 19:48 - 2014-12-22 20:08 - 1048872076 _____ () C:\Users\Austin\Downloads\Sam-doma-a-bohaty.avi.vsgjkfp.partial
2014-12-22 18:12 - 2014-12-22 19:18 - 611838592 _____ () C:\Users\Austin\Downloads\Windows-XP-Professional-SP3-32bit-(CZ).zip
2014-12-21 22:53 - 2014-12-21 22:53 - 00001444 _____ () C:\Users\Austin\AppData\Local\recently-used.xbel
2014-12-20 14:01 - 2014-12-20 14:01 - 04740913 _____ ( ) C:\Users\Austin\Downloads\ExplorerSuite(1).exe
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Program Files\NTCore
2014-12-20 14:00 - 2014-12-20 14:00 - 00231920 _____ () C:\Users\Austin\Downloads\ExplorerSuite.exe
2014-12-20 13:29 - 2014-12-21 21:39 - 00000000 ____D () C:\Users\Austin\Desktop\Attomey ---
2014-12-20 13:12 - 2014-12-20 13:23 - 966764556 _____ () C:\Users\Austin\Downloads\Attomey.rar
2014-12-20 05:21 - 2014-12-20 05:28 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:21 - 2014-12-20 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:20 - 2014-12-20 05:21 - 00000000 ____D () C:\Program Files (x86)\Return to Castle Wolfenstein
2014-12-20 05:19 - 2014-12-20 05:21 - 00000810 _____ () C:\Windows\Rtcw.INI
2014-12-20 05:19 - 2001-06-19 17:53 - 00266293 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-12-20 05:17 - 2014-11-25 21:21 - 00000000 ____D () C:\Users\Austin\Desktop\Return to Castle Wolfenstein cz
2014-12-20 05:09 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\LaroxionMT2
2014-12-20 03:59 - 2014-12-26 18:43 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.minecraft
2014-12-20 03:24 - 2014-12-20 04:45 - 1448469712 _____ () C:\Users\Austin\Downloads\Return-to-Castle-Wolfenstein-cz.rar
2014-12-20 01:58 - 2014-12-20 02:11 - 1216820711 _____ () C:\Users\Austin\Downloads\LaRoXion_full.exe
2014-12-18 23:58 - 2014-12-19 00:03 - 421119135 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_392_1080p_[5B314FBD].mkv
2014-12-17 16:17 - 2014-12-17 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-12-16 03:35 - 2014-12-16 04:43 - 873164800 _____ () C:\Users\Austin\Downloads\Sam-doma-2---Ztracen-v-New-Yorku.avi
2014-12-15 17:18 - 2014-12-15 18:03 - 525991292 _____ () C:\Users\Austin\Downloads\dabelsky-santa-komedie-filmy-cz-avi.avi.ygpbrx7.partial
2014-12-14 22:37 - 2014-12-14 23:40 - 734597120 _____ () C:\Users\Austin\Downloads\Sam-doma-1-cz.avi
2014-12-13 21:42 - 2014-12-13 21:42 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:36 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-13 21:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 17:49 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 17:49 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 17:47 - 2014-07-04 17:56 - 01642660 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 17:44 - 2014-08-02 23:09 - 00000390 _____ () C:\Windows\Tasks\update-sys.job
2015-01-11 17:42 - 2014-07-04 19:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Skype
2015-01-11 17:41 - 2014-07-23 11:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-11 17:40 - 2014-07-09 16:21 - 00003794 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00002304 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001538 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001436 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001416 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00001322 _____ () C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job
2015-01-11 17:40 - 2014-07-09 16:21 - 00000942 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-11 17:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 17:28 - 2014-07-04 19:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 17:26 - 2014-07-09 16:21 - 00000946 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-11 16:46 - 2014-10-04 12:25 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Webshare
2015-01-11 16:46 - 2014-07-08 17:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-11 16:46 - 2014-07-04 20:01 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\vlc
2015-01-11 16:46 - 2014-07-04 19:55 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\uTorrent
2015-01-11 16:46 - 2014-07-04 18:01 - 00000000 ____D () C:\Users\Austin
2015-01-11 16:46 - 2010-11-21 10:38 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-11 16:45 - 2014-07-09 21:31 - 00000000 ____D () C:\Games
2015-01-11 15:23 - 2009-07-14 03:34 - 58195968 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 16252928 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-07 19:44 - 2014-07-11 18:04 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TeamViewer
2015-01-07 13:12 - 2014-07-05 07:27 - 00000000 ____D () C:\Austin - Filmy
2015-01-05 12:36 - 2014-08-02 23:09 - 00000390 _____ () C:\Windows\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000.job
2015-01-05 10:54 - 2014-07-04 18:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6826CC3-287E-4C04-9349-6664373E43B5}
2015-01-02 13:43 - 2014-07-09 10:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-02 13:43 - 2014-07-08 17:37 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\DAEMON Tools Lite
2015-01-02 00:42 - 2014-08-16 11:30 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TS3Client
2014-12-29 14:01 - 2014-08-12 22:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\PMB Files
2014-12-29 03:28 - 2014-11-03 19:14 - 00921636 _____ () C:\PA7302.DAT
2014-12-28 03:43 - 2014-08-12 22:57 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ____D () C:\ProgramData\Skype
2014-12-26 03:39 - 2014-07-08 19:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-25 11:36 - 2014-09-08 11:56 - 00000066 _____ () C:\Users\Austin\.atl.properties
2014-12-24 03:08 - 2014-07-08 19:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 01:55 - 2014-11-04 21:21 - 00000000 ____D () C:\Program Files (x86)\Utherverse Digital Inc
2014-12-21 23:01 - 2014-07-21 15:09 - 00000000 ____D () C:\Users\Austin\.gimp-2.8
2014-12-21 22:55 - 2014-07-21 15:50 - 00000000 ____D () C:\Users\Austin\AppData\Local\gtk-2.0
2014-12-21 21:41 - 2014-07-30 22:33 - 00000000 ____D () C:\Users\Austin\Desktop\Last-World
2014-12-21 16:02 - 2014-07-04 19:56 - 00000000 ____D () C:\Users\Austin\Desktop\Programy
2014-12-20 13:11 - 2014-07-05 08:44 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-18 15:09 - 2014-11-22 17:46 - 00000000 ____D () C:\Users\Austin\Desktop\DragonBorn
2014-12-17 16:17 - 2014-08-02 23:09 - 00003266 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000
2014-12-17 16:17 - 2014-08-02 23:09 - 00000425 _____ () C:\Users\Austin\AppData\Local\UserProducts.xml
2014-12-17 15:56 - 2014-09-17 00:59 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410911989
2014-12-17 15:56 - 2014-07-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 19:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 21:42 - 2014-07-06 04:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 21:41 - 2014-07-08 20:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 21:37 - 2014-07-08 20:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-11 17:17
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:465.66 GB) (Free:35.68 GB) NTFS
Available physical RAM: 4622.92 MB
Total physical RAM: 6390.71 MB
Percentage of memory in use: 27%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 419E0F09)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\update-S-1-5-21-2199681317-980097130-1220238891-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Austin\Desktop" je 44601 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightShot
C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Austin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Far Cry.LNK
C:\PROGRA~2\Ubisoft\Crytek\FARCRY~1\Register\REGIST~1.EXE -d 806027 -l english -r 7 -g Far Cry [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- Tady je druhý TXT soubor.
- (7.91 KiB) Staženo 41 x
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nenačítá se systém.
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nenačítá se systém.
Po restartu naskočil tento log
# AdwCleaner v4.107 - Report created 11/01/2015 at 18:36:42
# Updated 07/01/2015 by Xplode
# Database : 2015-01-11.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Austin - AUSTIN-PC
# Running from : C:\Users\Austin\Desktop\adwcleaner_4.107.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Austin\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Austin\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Austin\AppData\Roaming\FlvPlayer
Folder Deleted : C:\Users\Austin\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Austin\AppData\Roaming\Opera Software\Opera Stable\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : update-sys
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user
Task Deleted : update-S-1-5-21-2199681317-980097130-1220238891-1000
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Lightshot]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\FlvPlayer
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v
-\\ Opera v26.0.1656.60
*************************
AdwCleaner[R0].txt - [12194 octets] - [11/01/2015 18:33:10]
AdwCleaner[S0].txt - [11256 octets] - [11/01/2015 18:36:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11317 octets] ##########
# AdwCleaner v4.107 - Report created 11/01/2015 at 18:36:42
# Updated 07/01/2015 by Xplode
# Database : 2015-01-11.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Austin - AUSTIN-PC
# Running from : C:\Users\Austin\Desktop\adwcleaner_4.107.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Austin\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Austin\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Austin\AppData\Roaming\FlvPlayer
Folder Deleted : C:\Users\Austin\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Austin\AppData\Roaming\Opera Software\Opera Stable\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : update-sys
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5
Task Deleted : 3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user
Task Deleted : update-S-1-5-21-2199681317-980097130-1220238891-1000
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Lightshot]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051390.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555135590}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566136690}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\FlvPlayer
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SystemK
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v
-\\ Opera v26.0.1656.60
*************************
AdwCleaner[R0].txt - [12194 octets] - [11/01/2015 18:33:10]
AdwCleaner[S0].txt - [11256 octets] - [11/01/2015 18:36:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11317 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nenačítá se systém.
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nenačítá se systém.
Tady ho máte.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2015
Ran by Austin (administrator) on AUSTIN-PC on 11-01-2015 20:45:22
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe
(forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [LightShot] => C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-12] ()
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tomb Raider[2013 3DM Crack Only ].lnk
ShortcutTarget: Tomb Raider[2013 3DM Crack Only ].lnk -> C:\ProgramData\{12deba25-fe2c-d1eb-12de-eba25fe2e897}\Tomb Raider[2013 3DM Crack Only ].exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2199681317-980097130-1220238891-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-23]
Chrome:
=======
CHR Profile: C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-31] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 20:45 - 2015-01-11 20:45 - 00015327 _____ () C:\Users\Austin\Desktop\LM.bat
2015-01-11 20:45 - 2015-01-11 20:45 - 00013700 _____ () C:\Users\Austin\Desktop\FRST.txt
2015-01-11 20:43 - 2015-01-11 20:45 - 00029696 _____ () C:\Users\Austin\AppData\Local\MSGBOX.EXE
2015-01-11 20:42 - 2015-01-11 20:42 - 00112640 _____ (forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
2015-01-11 18:52 - 2015-01-11 18:53 - 04942867 _____ () C:\Users\Austin\Downloads\Tomb-Raider-2013-Crack-CZ.rar
2015-01-11 18:51 - 2015-01-11 18:51 - 00000000 ____D () C:\ProgramData\{12deba25-fe2c-d1eb-12de-eba25fe2e897}
2015-01-11 18:33 - 2015-01-11 18:36 - 00000000 ____D () C:\AdwCleaner
2015-01-11 18:32 - 2015-01-11 18:32 - 02191360 _____ () C:\Users\Austin\Desktop\adwcleaner_4.107.exe
2015-01-11 18:28 - 2015-01-11 20:39 - 00008938 _____ () C:\Users\Austin\Documents\TombRaider.log
2015-01-11 18:28 - 2015-01-11 18:28 - 00000000 ____D () C:\Users\Austin\AppData\Local\SKIDROW
2015-01-11 18:24 - 2015-01-11 18:24 - 00002093 _____ () C:\Users\Public\Desktop\Tombraider.lnk
2015-01-11 18:24 - 2015-01-11 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2015-01-11 18:15 - 2015-01-11 18:15 - 00000000 ____D () C:\Program Files (x86)\SQUARE ENIX
2015-01-11 17:59 - 2015-01-11 17:59 - 02124288 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe
2015-01-11 17:39 - 2015-01-11 18:37 - 00000648 _____ () C:\Windows\PFRO.log
2015-01-11 16:53 - 2015-01-11 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-11 16:52 - 2014-10-31 12:07 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-11 16:43 - 2015-01-11 18:43 - 00000679 _____ () C:\Users\Austin\Desktop\VIRY.CZ • Zobrazit téma - Nenačítá se systém..website
2015-01-11 16:39 - 2015-01-11 20:45 - 00000000 ____D () C:\FRST
2015-01-11 16:37 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\Čištění PC
2015-01-11 15:33 - 2015-01-11 15:33 - 00024814 _____ () C:\ComboFix.txt
2015-01-11 15:13 - 2015-01-11 15:33 - 00000000 ____D () C:\Qoobox
2015-01-11 13:25 - 2015-01-11 14:03 - 00000000 ____D () C:\Users\Austin\Downloads\Tomb Raider
2015-01-10 23:06 - 2015-01-10 23:11 - 549547008 _____ () C:\Users\Austin\Downloads\Jursky-park-3.avi.8zigvwp.partial
2015-01-10 20:00 - 2015-01-10 20:18 - 911518208 _____ () C:\Users\Austin\Downloads\Jursky-park-2-ztraceny-svet.avi.yqlxj4m.partial
2015-01-08 16:31 - 2015-01-08 16:37 - 318781229 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv
2015-01-08 16:27 - 2015-01-08 16:27 - 00012731 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv.torrent
2015-01-06 01:21 - 2015-01-06 01:27 - 734011530 _____ () C:\Users\Austin\Downloads\X-Men-Origins---Wolverine-2009-cz.avi.55ywvfk.partial
2015-01-04 01:00 - 2015-01-11 18:38 - 00000504 _____ () C:\Windows\setupact.log
2015-01-04 01:00 - 2015-01-04 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 15:57 - 2015-01-02 16:06 - 726035086 _____ () C:\Users\Austin\Downloads\IP-MAN-2008-AKCNI-DONNIE-YEN-CZ-DABING.avi
2014-12-31 17:02 - 2014-12-31 17:26 - 1571845950 _____ () C:\Users\Austin\Downloads\Toy-Story-3---Pribeh-hracek-3---by-pablos32.avi.frcy1lg.partial
2014-12-30 23:14 - 2014-12-30 23:27 - 640977920 _____ () C:\Users\Austin\Downloads\Toy-Story-2---Pribeh-hracek.Toy-Story-2-1999-CZ-Dabing-Animovany.avi
2014-12-30 18:33 - 2014-12-30 18:33 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz (1).rar
2014-12-30 18:22 - 2014-12-30 18:22 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz.rar
2014-12-30 04:06 - 2014-12-30 04:36 - 3556048896 _____ () C:\Users\Austin\Downloads\Bully-Schoolarship-edition.iso
2014-12-29 20:20 - 2014-12-29 20:30 - 716419072 _____ () C:\Users\Austin\Downloads\Toy-Story---Pribeh-hracek.avi
2014-12-28 18:11 - 2014-12-28 18:11 - 00010820 _____ () C:\Users\Austin\Desktop\Poslední-samuraj-cz-(titulky-k-japonstine).srt
2014-12-28 03:11 - 2014-12-28 03:11 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-28 03:11 - 2014-12-28 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-28 02:02 - 2014-12-28 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-28 02:01 - 2014-12-28 02:01 - 26951680 _____ () C:\Users\Austin\Downloads\SkypeSetup_6.21.0.104.msi
2014-12-27 19:22 - 2014-12-27 20:24 - 00239354 _____ () C:\Users\Austin\Downloads\OptiFine-HD-U-D3-1.4.7.zip.8xvarnc.partial
2014-12-27 16:38 - 2014-12-27 17:58 - 1424154342 _____ () C:\Users\Austin\Downloads\Ip-Man-2.cz-dub.avi
2014-12-27 00:35 - 2015-01-11 18:30 - 00000000 ____D () C:\Users\Austin\Desktop\NEW
2014-12-26 23:46 - 2014-12-27 19:58 - 00000000 ____D () C:\Users\Austin\Desktop\MultiMC
2014-12-26 23:46 - 2014-12-26 23:46 - 23304531 _____ () C:\Users\Austin\Downloads\mmc-stable-win32.zip
2014-12-26 19:50 - 2014-12-26 20:05 - 1411080192 _____ () C:\Users\Austin\Downloads\Pelisky-CZ-GHOST04.avi
2014-12-26 18:44 - 2014-12-27 19:16 - 00000000 ____D () C:\Users\Austin\Desktop\Nargonovy mody
2014-12-26 03:51 - 2014-12-26 03:55 - 377332595 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_393_1080p_[CA589F5F].mkv
2014-12-26 03:39 - 2014-12-26 03:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-26 03:39 - 2014-12-26 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-25 13:01 - 2014-12-25 13:09 - 734771200 _____ () C:\Users\Austin\Downloads\Nejkrasnejsi-hadanka.avi
2014-12-25 02:30 - 2015-01-03 17:37 - 22764208 _____ () C:\Users\Austin\Desktop\TechnicLauncher.exe
2014-12-25 02:30 - 2015-01-03 17:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.technic
2014-12-24 12:09 - 2014-12-24 12:09 - 00000000 ____D () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7
2014-12-24 12:05 - 2014-12-24 12:07 - 128800855 _____ () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7.zip
2014-12-24 03:02 - 2014-12-24 03:02 - 00000000 ____D () C:\Program Files\Java
2014-12-23 20:48 - 2014-12-23 20:59 - 766353408 _____ () C:\Users\Austin\Downloads\Vanocni-prazdniny-cz-dabing.avi.4wxzeqj.partial
2014-12-22 19:48 - 2014-12-22 20:08 - 1048872076 _____ () C:\Users\Austin\Downloads\Sam-doma-a-bohaty.avi.vsgjkfp.partial
2014-12-22 18:12 - 2014-12-22 19:18 - 611838592 _____ () C:\Users\Austin\Downloads\Windows-XP-Professional-SP3-32bit-(CZ).zip
2014-12-21 22:53 - 2014-12-21 22:53 - 00001444 _____ () C:\Users\Austin\AppData\Local\recently-used.xbel
2014-12-20 14:01 - 2014-12-20 14:01 - 04740913 _____ ( ) C:\Users\Austin\Downloads\ExplorerSuite(1).exe
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Program Files\NTCore
2014-12-20 14:00 - 2014-12-20 14:00 - 00231920 _____ () C:\Users\Austin\Downloads\ExplorerSuite.exe
2014-12-20 13:29 - 2014-12-21 21:39 - 00000000 ____D () C:\Users\Austin\Desktop\Attomey ---
2014-12-20 13:12 - 2014-12-20 13:23 - 966764556 _____ () C:\Users\Austin\Downloads\Attomey.rar
2014-12-20 05:21 - 2014-12-20 05:28 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:21 - 2014-12-20 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:20 - 2014-12-20 05:21 - 00000000 ____D () C:\Program Files (x86)\Return to Castle Wolfenstein
2014-12-20 05:19 - 2014-12-20 05:21 - 00000810 _____ () C:\Windows\Rtcw.INI
2014-12-20 05:19 - 2001-06-19 17:53 - 00266293 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-12-20 05:17 - 2014-11-25 21:21 - 00000000 ____D () C:\Users\Austin\Desktop\Return to Castle Wolfenstein cz
2014-12-20 05:09 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\LaroxionMT2
2014-12-20 03:59 - 2014-12-26 18:43 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.minecraft
2014-12-20 03:24 - 2014-12-20 04:45 - 1448469712 _____ () C:\Users\Austin\Downloads\Return-to-Castle-Wolfenstein-cz.rar
2014-12-20 01:58 - 2014-12-20 02:11 - 1216820711 _____ () C:\Users\Austin\Downloads\LaRoXion_full.exe
2014-12-18 23:58 - 2014-12-19 00:03 - 421119135 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_392_1080p_[5B314FBD].mkv
2014-12-17 16:17 - 2014-12-17 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-12-16 03:35 - 2014-12-16 04:43 - 873164800 _____ () C:\Users\Austin\Downloads\Sam-doma-2---Ztracen-v-New-Yorku.avi
2014-12-15 17:18 - 2014-12-15 18:03 - 525991292 _____ () C:\Users\Austin\Downloads\dabelsky-santa-komedie-filmy-cz-avi.avi.ygpbrx7.partial
2014-12-14 22:37 - 2014-12-14 23:40 - 734597120 _____ () C:\Users\Austin\Downloads\Sam-doma-1-cz.avi
2014-12-13 21:42 - 2014-12-13 21:42 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:36 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-13 21:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 20:40 - 2014-07-04 19:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Skype
2015-01-11 20:28 - 2014-07-04 19:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 18:46 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 18:46 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 18:43 - 2014-07-04 17:56 - 01654750 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 18:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 18:27 - 2014-07-09 10:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-11 17:41 - 2014-07-23 11:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-11 16:46 - 2014-10-04 12:25 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Webshare
2015-01-11 16:46 - 2014-07-08 17:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-11 16:46 - 2014-07-04 20:01 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\vlc
2015-01-11 16:46 - 2014-07-04 19:55 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\uTorrent
2015-01-11 16:46 - 2014-07-04 18:01 - 00000000 ____D () C:\Users\Austin
2015-01-11 16:46 - 2010-11-21 10:38 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-11 16:45 - 2014-07-09 21:31 - 00000000 ____D () C:\Games
2015-01-11 15:23 - 2009-07-14 03:34 - 58195968 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 16252928 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-07 19:44 - 2014-07-11 18:04 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TeamViewer
2015-01-07 13:12 - 2014-07-05 07:27 - 00000000 ____D () C:\Austin - Filmy
2015-01-05 10:54 - 2014-07-04 18:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6826CC3-287E-4C04-9349-6664373E43B5}
2015-01-02 13:43 - 2014-07-08 17:37 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\DAEMON Tools Lite
2015-01-02 00:42 - 2014-08-16 11:30 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TS3Client
2014-12-29 14:01 - 2014-08-12 22:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\PMB Files
2014-12-29 03:28 - 2014-11-03 19:14 - 00921636 _____ () C:\PA7302.DAT
2014-12-28 03:43 - 2014-08-12 22:57 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ____D () C:\ProgramData\Skype
2014-12-26 03:39 - 2014-07-08 19:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-25 11:36 - 2014-09-08 11:56 - 00000066 _____ () C:\Users\Austin\.atl.properties
2014-12-24 03:08 - 2014-07-08 19:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 01:55 - 2014-11-04 21:21 - 00000000 ____D () C:\Program Files (x86)\Utherverse Digital Inc
2014-12-21 23:01 - 2014-07-21 15:09 - 00000000 ____D () C:\Users\Austin\.gimp-2.8
2014-12-21 22:55 - 2014-07-21 15:50 - 00000000 ____D () C:\Users\Austin\AppData\Local\gtk-2.0
2014-12-21 21:41 - 2014-07-30 22:33 - 00000000 ____D () C:\Users\Austin\Desktop\Last-World
2014-12-21 16:02 - 2014-07-04 19:56 - 00000000 ____D () C:\Users\Austin\Desktop\Programy
2014-12-20 13:11 - 2014-07-05 08:44 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-18 15:09 - 2014-11-22 17:46 - 00000000 ____D () C:\Users\Austin\Desktop\DragonBorn
2014-12-17 16:17 - 2014-08-02 23:09 - 00000425 _____ () C:\Users\Austin\AppData\Local\UserProducts.xml
2014-12-17 15:56 - 2014-09-17 00:59 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410911989
2014-12-17 15:56 - 2014-07-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 19:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 21:42 - 2014-07-06 04:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 21:41 - 2014-07-08 20:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 21:37 - 2014-07-08 20:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Austin\AppData\Local\Temp\Quarantine.exe
C:\Users\Austin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-11 17:17
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2015
Ran by Austin (administrator) on AUSTIN-PC on 11-01-2015 20:45:22
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe
(forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [LightShot] => C:\Users\Austin\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-12] ()
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tomb Raider[2013 3DM Crack Only ].lnk
ShortcutTarget: Tomb Raider[2013 3DM Crack Only ].lnk -> C:\ProgramData\{12deba25-fe2c-d1eb-12de-eba25fe2e897}\Tomb Raider[2013 3DM Crack Only ].exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-2199681317-980097130-1220238891-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2199681317-980097130-1220238891-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-23]
Chrome:
=======
CHR Profile: C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Austin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-31] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros) [File not signed]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-31] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-31] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 20:45 - 2015-01-11 20:45 - 00015327 _____ () C:\Users\Austin\Desktop\LM.bat
2015-01-11 20:45 - 2015-01-11 20:45 - 00013700 _____ () C:\Users\Austin\Desktop\FRST.txt
2015-01-11 20:43 - 2015-01-11 20:45 - 00029696 _____ () C:\Users\Austin\AppData\Local\MSGBOX.EXE
2015-01-11 20:42 - 2015-01-11 20:42 - 00112640 _____ (forum.viry.cz) C:\Users\Austin\Desktop\FRSTLauncher.exe
2015-01-11 18:52 - 2015-01-11 18:53 - 04942867 _____ () C:\Users\Austin\Downloads\Tomb-Raider-2013-Crack-CZ.rar
2015-01-11 18:51 - 2015-01-11 18:51 - 00000000 ____D () C:\ProgramData\{12deba25-fe2c-d1eb-12de-eba25fe2e897}
2015-01-11 18:33 - 2015-01-11 18:36 - 00000000 ____D () C:\AdwCleaner
2015-01-11 18:32 - 2015-01-11 18:32 - 02191360 _____ () C:\Users\Austin\Desktop\adwcleaner_4.107.exe
2015-01-11 18:28 - 2015-01-11 20:39 - 00008938 _____ () C:\Users\Austin\Documents\TombRaider.log
2015-01-11 18:28 - 2015-01-11 18:28 - 00000000 ____D () C:\Users\Austin\AppData\Local\SKIDROW
2015-01-11 18:24 - 2015-01-11 18:24 - 00002093 _____ () C:\Users\Public\Desktop\Tombraider.lnk
2015-01-11 18:24 - 2015-01-11 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2015-01-11 18:15 - 2015-01-11 18:15 - 00000000 ____D () C:\Program Files (x86)\SQUARE ENIX
2015-01-11 17:59 - 2015-01-11 17:59 - 02124288 _____ (Farbar) C:\Users\Austin\Desktop\FRST64.exe
2015-01-11 17:39 - 2015-01-11 18:37 - 00000648 _____ () C:\Windows\PFRO.log
2015-01-11 16:53 - 2015-01-11 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-11 16:52 - 2014-10-31 12:07 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-11 16:43 - 2015-01-11 18:43 - 00000679 _____ () C:\Users\Austin\Desktop\VIRY.CZ • Zobrazit téma - Nenačítá se systém..website
2015-01-11 16:39 - 2015-01-11 20:45 - 00000000 ____D () C:\FRST
2015-01-11 16:37 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\Čištění PC
2015-01-11 15:33 - 2015-01-11 15:33 - 00024814 _____ () C:\ComboFix.txt
2015-01-11 15:13 - 2015-01-11 15:33 - 00000000 ____D () C:\Qoobox
2015-01-11 13:25 - 2015-01-11 14:03 - 00000000 ____D () C:\Users\Austin\Downloads\Tomb Raider
2015-01-10 23:06 - 2015-01-10 23:11 - 549547008 _____ () C:\Users\Austin\Downloads\Jursky-park-3.avi.8zigvwp.partial
2015-01-10 20:00 - 2015-01-10 20:18 - 911518208 _____ () C:\Users\Austin\Downloads\Jursky-park-2-ztraceny-svet.avi.yqlxj4m.partial
2015-01-08 16:31 - 2015-01-08 16:37 - 318781229 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv
2015-01-08 16:27 - 2015-01-08 16:27 - 00012731 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_394_1080p_[C5F351B6].mkv.torrent
2015-01-06 01:21 - 2015-01-06 01:27 - 734011530 _____ () C:\Users\Austin\Downloads\X-Men-Origins---Wolverine-2009-cz.avi.55ywvfk.partial
2015-01-04 01:00 - 2015-01-11 18:38 - 00000504 _____ () C:\Windows\setupact.log
2015-01-04 01:00 - 2015-01-04 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-02 15:57 - 2015-01-02 16:06 - 726035086 _____ () C:\Users\Austin\Downloads\IP-MAN-2008-AKCNI-DONNIE-YEN-CZ-DABING.avi
2014-12-31 17:02 - 2014-12-31 17:26 - 1571845950 _____ () C:\Users\Austin\Downloads\Toy-Story-3---Pribeh-hracek-3---by-pablos32.avi.frcy1lg.partial
2014-12-30 23:14 - 2014-12-30 23:27 - 640977920 _____ () C:\Users\Austin\Downloads\Toy-Story-2---Pribeh-hracek.Toy-Story-2-1999-CZ-Dabing-Animovany.avi
2014-12-30 18:33 - 2014-12-30 18:33 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz (1).rar
2014-12-30 18:22 - 2014-12-30 18:22 - 00170117 _____ () C:\Users\Austin\Downloads\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz.rar
2014-12-30 04:06 - 2014-12-30 04:36 - 3556048896 _____ () C:\Users\Austin\Downloads\Bully-Schoolarship-edition.iso
2014-12-29 20:20 - 2014-12-29 20:30 - 716419072 _____ () C:\Users\Austin\Downloads\Toy-Story---Pribeh-hracek.avi
2014-12-28 18:11 - 2014-12-28 18:11 - 00010820 _____ () C:\Users\Austin\Desktop\Poslední-samuraj-cz-(titulky-k-japonstine).srt
2014-12-28 03:11 - 2014-12-28 03:11 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-28 03:11 - 2014-12-28 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-28 02:02 - 2014-12-28 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-28 02:01 - 2014-12-28 02:01 - 26951680 _____ () C:\Users\Austin\Downloads\SkypeSetup_6.21.0.104.msi
2014-12-27 19:22 - 2014-12-27 20:24 - 00239354 _____ () C:\Users\Austin\Downloads\OptiFine-HD-U-D3-1.4.7.zip.8xvarnc.partial
2014-12-27 16:38 - 2014-12-27 17:58 - 1424154342 _____ () C:\Users\Austin\Downloads\Ip-Man-2.cz-dub.avi
2014-12-27 00:35 - 2015-01-11 18:30 - 00000000 ____D () C:\Users\Austin\Desktop\NEW
2014-12-26 23:46 - 2014-12-27 19:58 - 00000000 ____D () C:\Users\Austin\Desktop\MultiMC
2014-12-26 23:46 - 2014-12-26 23:46 - 23304531 _____ () C:\Users\Austin\Downloads\mmc-stable-win32.zip
2014-12-26 19:50 - 2014-12-26 20:05 - 1411080192 _____ () C:\Users\Austin\Downloads\Pelisky-CZ-GHOST04.avi
2014-12-26 18:44 - 2014-12-27 19:16 - 00000000 ____D () C:\Users\Austin\Desktop\Nargonovy mody
2014-12-26 03:51 - 2014-12-26 03:55 - 377332595 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_393_1080p_[CA589F5F].mkv
2014-12-26 03:39 - 2014-12-26 03:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-26 03:39 - 2014-12-26 03:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-25 13:01 - 2014-12-25 13:09 - 734771200 _____ () C:\Users\Austin\Downloads\Nejkrasnejsi-hadanka.avi
2014-12-25 02:30 - 2015-01-03 17:37 - 22764208 _____ () C:\Users\Austin\Desktop\TechnicLauncher.exe
2014-12-25 02:30 - 2015-01-03 17:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.technic
2014-12-24 12:09 - 2014-12-24 12:09 - 00000000 ____D () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7
2014-12-24 12:05 - 2014-12-24 12:07 - 128800855 _____ () C:\Users\Austin\Downloads\Nargbox.1.4.7.Beta7.zip
2014-12-24 03:02 - 2014-12-24 03:02 - 00000000 ____D () C:\Program Files\Java
2014-12-23 20:48 - 2014-12-23 20:59 - 766353408 _____ () C:\Users\Austin\Downloads\Vanocni-prazdniny-cz-dabing.avi.4wxzeqj.partial
2014-12-22 19:48 - 2014-12-22 20:08 - 1048872076 _____ () C:\Users\Austin\Downloads\Sam-doma-a-bohaty.avi.vsgjkfp.partial
2014-12-22 18:12 - 2014-12-22 19:18 - 611838592 _____ () C:\Users\Austin\Downloads\Windows-XP-Professional-SP3-32bit-(CZ).zip
2014-12-21 22:53 - 2014-12-21 22:53 - 00001444 _____ () C:\Users\Austin\AppData\Local\recently-used.xbel
2014-12-20 14:01 - 2014-12-20 14:01 - 04740913 _____ ( ) C:\Users\Austin\Downloads\ExplorerSuite(1).exe
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Users\Public\Documents\Explorer Suite Signatures
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
2014-12-20 14:01 - 2014-12-20 14:01 - 00000000 ____D () C:\Program Files\NTCore
2014-12-20 14:00 - 2014-12-20 14:00 - 00231920 _____ () C:\Users\Austin\Downloads\ExplorerSuite.exe
2014-12-20 13:29 - 2014-12-21 21:39 - 00000000 ____D () C:\Users\Austin\Desktop\Attomey ---
2014-12-20 13:12 - 2014-12-20 13:23 - 966764556 _____ () C:\Users\Austin\Downloads\Attomey.rar
2014-12-20 05:21 - 2014-12-20 05:28 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:21 - 2014-12-20 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2014-12-20 05:20 - 2014-12-20 05:21 - 00000000 ____D () C:\Program Files (x86)\Return to Castle Wolfenstein
2014-12-20 05:19 - 2014-12-20 05:21 - 00000810 _____ () C:\Windows\Rtcw.INI
2014-12-20 05:19 - 2001-06-19 17:53 - 00266293 _____ (Microsoft Corporation) C:\Windows\SysWOW64\temp.000
2014-12-20 05:17 - 2014-11-25 21:21 - 00000000 ____D () C:\Users\Austin\Desktop\Return to Castle Wolfenstein cz
2014-12-20 05:09 - 2015-01-11 16:46 - 00000000 ____D () C:\Users\Austin\Desktop\LaroxionMT2
2014-12-20 03:59 - 2014-12-26 18:43 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\.minecraft
2014-12-20 03:24 - 2014-12-20 04:45 - 1448469712 _____ () C:\Users\Austin\Downloads\Return-to-Castle-Wolfenstein-cz.rar
2014-12-20 01:58 - 2014-12-20 02:11 - 1216820711 _____ () C:\Users\Austin\Downloads\LaRoXion_full.exe
2014-12-18 23:58 - 2014-12-19 00:03 - 421119135 _____ () C:\Users\Austin\Downloads\[CNT]_Naruto_Shippuuden_392_1080p_[5B314FBD].mkv
2014-12-17 16:17 - 2014-12-17 16:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-12-16 03:35 - 2014-12-16 04:43 - 873164800 _____ () C:\Users\Austin\Downloads\Sam-doma-2---Ztracen-v-New-Yorku.avi
2014-12-15 17:18 - 2014-12-15 18:03 - 525991292 _____ () C:\Users\Austin\Downloads\dabelsky-santa-komedie-filmy-cz-avi.avi.ygpbrx7.partial
2014-12-14 22:37 - 2014-12-14 23:40 - 734597120 _____ () C:\Users\Austin\Downloads\Sam-doma-1-cz.avi
2014-12-13 21:42 - 2014-12-13 21:42 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-13 21:36 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-13 21:36 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-11 20:40 - 2014-07-04 19:24 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Skype
2015-01-11 20:28 - 2014-07-04 19:20 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-11 18:46 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-11 18:46 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-11 18:43 - 2014-07-04 17:56 - 01654750 _____ () C:\Windows\WindowsUpdate.log
2015-01-11 18:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-11 18:27 - 2014-07-09 10:18 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-11 17:41 - 2014-07-23 11:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-11 16:46 - 2014-10-04 12:25 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Webshare
2015-01-11 16:46 - 2014-07-08 17:10 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-01-11 16:46 - 2014-07-04 20:01 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\vlc
2015-01-11 16:46 - 2014-07-04 19:55 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\uTorrent
2015-01-11 16:46 - 2014-07-04 18:01 - 00000000 ____D () C:\Users\Austin
2015-01-11 16:46 - 2010-11-21 10:38 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-11 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-11 16:45 - 2014-07-09 21:31 - 00000000 ____D () C:\Games
2015-01-11 15:23 - 2009-07-14 03:34 - 58195968 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 16252928 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-11 15:23 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-07 19:44 - 2014-07-11 18:04 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TeamViewer
2015-01-07 13:12 - 2014-07-05 07:27 - 00000000 ____D () C:\Austin - Filmy
2015-01-05 10:54 - 2014-07-04 18:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6826CC3-287E-4C04-9349-6664373E43B5}
2015-01-02 13:43 - 2014-07-08 17:37 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\DAEMON Tools Lite
2015-01-02 00:42 - 2014-08-16 11:30 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\TS3Client
2014-12-29 14:01 - 2014-08-12 22:57 - 00000000 ____D () C:\Users\Austin\AppData\Local\PMB Files
2014-12-29 03:28 - 2014-11-03 19:14 - 00921636 _____ () C:\PA7302.DAT
2014-12-28 03:43 - 2014-08-12 22:57 - 00000000 ____D () C:\ProgramData\PMB Files
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-28 02:02 - 2014-07-04 19:24 - 00000000 ____D () C:\ProgramData\Skype
2014-12-26 03:39 - 2014-07-08 19:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-25 11:36 - 2014-09-08 11:56 - 00000066 _____ () C:\Users\Austin\.atl.properties
2014-12-24 03:08 - 2014-07-08 19:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 01:55 - 2014-11-04 21:21 - 00000000 ____D () C:\Program Files (x86)\Utherverse Digital Inc
2014-12-21 23:01 - 2014-07-21 15:09 - 00000000 ____D () C:\Users\Austin\.gimp-2.8
2014-12-21 22:55 - 2014-07-21 15:50 - 00000000 ____D () C:\Users\Austin\AppData\Local\gtk-2.0
2014-12-21 21:41 - 2014-07-30 22:33 - 00000000 ____D () C:\Users\Austin\Desktop\Last-World
2014-12-21 16:02 - 2014-07-04 19:56 - 00000000 ____D () C:\Users\Austin\Desktop\Programy
2014-12-20 13:11 - 2014-07-05 08:44 - 00000000 ____D () C:\Users\Austin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-18 15:09 - 2014-11-22 17:46 - 00000000 ____D () C:\Users\Austin\Desktop\DragonBorn
2014-12-17 16:17 - 2014-08-02 23:09 - 00000425 _____ () C:\Users\Austin\AppData\Local\UserProducts.xml
2014-12-17 15:56 - 2014-09-17 00:59 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410911989
2014-12-17 15:56 - 2014-07-04 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-16 19:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 21:42 - 2014-07-06 04:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 21:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 21:41 - 2014-07-08 20:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-13 21:37 - 2014-07-08 20:16 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Austin\AppData\Local\Temp\Quarantine.exe
C:\Users\Austin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-11 17:17
==================== End Of Log ============================
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nenačítá se systém.
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Users\Austin\AppData\Local\Temp
Task: {567D70DD-C8F5-467C-AC40-E479ACBCC25F} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: {6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: {A26FC883-88C5-4A57-9533-2DBA2D272882} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: {A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BB125494-74CD-4ADD-92C1-19598F293C3F} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BF548EB3-CDE0-4523-9D23-53AAE584092E} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: {CB14A7F3-28FB-4777-8231-EA91A54C6E87} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nenačítá se systém.
Tohle je ten FixLog.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2015
Ran by Austin at 2015-01-11 22:01:37 Run:1
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Users\Austin\AppData\Local\Temp
Task: {567D70DD-C8F5-467C-AC40-E479ACBCC25F} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: {6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: {A26FC883-88C5-4A57-9533-2DBA2D272882} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: {A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BB125494-74CD-4ADD-92C1-19598F293C3F} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BF548EB3-CDE0-4523-9D23-53AAE584092E} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: {CB14A7F3-28FB-4777-8231-EA91A54C6E87} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKU\S-1-5-21-2199681317-980097130-1220238891-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db1f61f6-063d-11e4-b02e-dc0ea108a991}" => Key deleted successfully.
HKCR\CLSID\{db1f61f6-063d-11e4-b02e-dc0ea108a991} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}" => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110511131190} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Moved successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
"C:\Users\Austin\AppData\Local\Temp" directory move:
C:\Users\Austin\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Austin\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Austin\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~6FE2.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~8304.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~8304.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~97CF.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~97CF.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~D25D.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~DD93.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~E7C1.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~E7C1.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\temp\bg.ca => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\temp\Tomb Raider[2013 3DM Crack Only ].exe => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\images\loader.gif => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\images\progressbar.gif => Moved successfully.
Could not move "C:\Users\Austin\AppData\Local\Temp" directory. => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{567D70DD-C8F5-467C-AC40-E479ACBCC25F} => Key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A26FC883-88C5-4A57-9533-2DBA2D272882} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB125494-74CD-4ADD-92C1-19598F293C3F} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF548EB3-CDE0-4523-9D23-53AAE584092E} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB14A7F3-28FB-4777-8231-EA91A54C6E87} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} => Key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => Key not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job not found.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-11 22:03:59)<=
C:\Users\Austin\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Austin\AppData\Local\Temp => Moved successfully.
==== End of Fixlog 22:04:00 ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2015
Ran by Austin at 2015-01-11 22:01:37 Run:1
Running from C:\Users\Austin\Desktop
Loaded Profile: Austin (Available profiles: Austin)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2199681317-980097130-1220238891-1000\...\MountPoints2: {db1f61f6-063d-11e4-b02e-dc0ea108a991} - E:\Setup.exe
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Users\Austin\AppData\Local\Temp
Task: {567D70DD-C8F5-467C-AC40-E479ACBCC25F} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: {6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: {A26FC883-88C5-4A57-9533-2DBA2D272882} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: {A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BB125494-74CD-4ADD-92C1-19598F293C3F} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: {BF548EB3-CDE0-4523-9D23-53AAE584092E} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: {CB14A7F3-28FB-4777-8231-EA91A54C6E87} - System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job => C:\Program Files (x86)\Torntv V9.0\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKU\S-1-5-21-2199681317-980097130-1220238891-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db1f61f6-063d-11e4-b02e-dc0ea108a991}" => Key deleted successfully.
HKCR\CLSID\{db1f61f6-063d-11e4-b02e-dc0ea108a991} => Key not found.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}" => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110511131190} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Moved successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
"C:\Users\Austin\AppData\Local\Temp" directory move:
C:\Users\Austin\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Austin\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Austin\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~6FE2.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~8304.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~8304.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~97CF.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~97CF.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~D25D.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~DD93.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~E7C1.bat => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\~E7C1.tmp => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\temp\bg.ca => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\temp\Tomb Raider[2013 3DM Crack Only ].exe => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\images\loader.gif => Moved successfully.
C:\Users\Austin\AppData\Local\Temp\c2A7Fb4a\images\progressbar.gif => Moved successfully.
Could not move "C:\Users\Austin\AppData\Local\Temp" directory. => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{567D70DD-C8F5-467C-AC40-E479ACBCC25F} => Key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D4C593E-CC3E-4DB5-A96C-9537DA07E32C} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A26FC883-88C5-4A57-9533-2DBA2D272882} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9AF9D23-04DD-43FA-ADA2-A91A5E811CA3} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB125494-74CD-4ADD-92C1-19598F293C3F} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF548EB3-CDE0-4523-9D23-53AAE584092E} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB14A7F3-28FB-4777-8231-EA91A54C6E87} => Key not found.
C:\Windows\System32\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD49ED5E-0D1A-4BD2-A8E3-616DE38BD262} => Key not found.
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA => Key not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-1.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-11.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-2.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-4.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5.job not found.
C:\Windows\Tasks\3f2f2832-9260-4e98-acaf-0ea966cc2ce9-5_user.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job not found.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-11 22:03:59)<=
C:\Users\Austin\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Austin\AppData\Local\Temp => Moved successfully.
==== End of Fixlog 22:04:00 ====
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nenačítá se systém.
Smazáno. Je vše v pořádku?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nenačítá se systém.
Ano PC startuje rychleji o cca 40% 
Každopádně jsem se chtěl poptat nedávno jsem také chytil vir a ten mi přepsal klávesnici takže místo toho co jsem chtěl to psalo nesmyslné znaky písmena nebo čísla je i to pryč? Vím že mi tenkrát pomohl avast v nouzovém režimu ale nevěřil jsem že je to zkutečně pryč. Jinak PC se chová zcela normálně. Děkuji moc a přeji pěkný zbytek večera
Každopádně jsem se chtěl poptat nedávno jsem také chytil vir a ten mi přepsal klávesnici takže místo toho co jsem chtěl to psalo nesmyslné znaky písmena nebo čísla je i to pryč? Vím že mi tenkrát pomohl avast v nouzovém režimu ale nevěřil jsem že je to zkutečně pryč. Jinak PC se chová zcela normálně. Děkuji moc a přeji pěkný zbytek večera -
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nenačítá se systém.
Pryč je všechno, co jsem v logu viděl. Chcete-li, udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nenačítá se systém.
Ták tady je ten log z MBAM a chtěl bych se zeptat na nějaký schopný antivir ve kterým se dají vypínat štíty avast mi nepřijde nejspolehlivější
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 11.1.2015
Scan Time: 23:06:07
Logfile: Log MBAM.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.11.11
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Austin
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 323951
Time Elapsed: 1 min, 43 sec
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 5
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [cc5b827472170a2c13d4d1130200e917],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [cc5b827472170a2c13d4d1130200e917],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\Torntv V9.0, , [eb3ca155652490a64f5b248c33d0fa06],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [e5426591b0d992a427508524da29b749],
PUP.Optional.TornTV.A, HKU\S-1-5-21-2199681317-980097130-1220238891-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [e24544b29aef8babf2859d0c38cb56aa],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 11.1.2015
Scan Time: 23:06:07
Logfile: Log MBAM.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.11.11
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Austin
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 323951
Time Elapsed: 1 min, 43 sec
Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 5
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [cc5b827472170a2c13d4d1130200e917],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [cc5b827472170a2c13d4d1130200e917],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\Torntv V9.0, , [eb3ca155652490a64f5b248c33d0fa06],
PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [e5426591b0d992a427508524da29b749],
PUP.Optional.TornTV.A, HKU\S-1-5-21-2199681317-980097130-1220238891-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [e24544b29aef8babf2859d0c38cb56aa],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119679
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nenačítá se systém.
Vše, co MBAM nalezl, smažte. Co se AV táká, Avast mohu doporučit, na to, že je zdarma, toho umí celkem dost. Můžete ještě vyzkoušet Aviru: http://www.avira.com/en/avira-free-antivirus . Není ale v češtině.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nenačítá se systém.
No avira mi přijde luxusní co se obrany týče ale nenalezl jsem v ní vypínání štítů právě že avira toho považuje za virus až moc
Přispějete na provoz fóra?