
Adobe_Arkalis.exe and possibly other nasties

Posted: 04 Feb 2015 17:58
by ENgateman
Hi,

today I noticed that some Adobe_Arkalis.exe is using 50% of the CPU and slowing down some programs. I can't rule out that it is not the only nasty I may have here. Please help. :)


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015
Ran by Dejw (administrator) on DEJVEER on 04-02-2015 17:37:23
Running from C:\Users\Dejw\Desktop
Loaded Profiles: Dejw (Available profiles: Dejw)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
() C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(forum.viry.cz) C:\Users\Dejw\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573720 2014-05-06] (Realtek Semiconductor)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3327872 2015-01-10] (Echobit LLC)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\MountPoints2: {ff97f372-2cef-11e4-8262-e03f49a20440} - "E:\setup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{457C2C51-7DB8-4FE9-A7D1-369EA58F0919}: [NameServer] 192.168.3.1

FireFox:
========
FF ProfilePath: C:\Users\Dejw\AppData\Roaming\Mozilla\Firefox\Profiles\g0kaqgcl.default
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-119577027-268522321-3512365456-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dejw\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Dejw\AppData\Roaming\Mozilla\Firefox\Profiles\g0kaqgcl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-16]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.3.12\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.3.12\coFFPlgn [2015-02-04]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.cz/"
CHR Profile: C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18]
CHR Extension: (Disk Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-18]
CHR Extension: (YouTube) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-18]
CHR Extension: (Adblock Plus) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-19]
CHR Extension: (Peněženka Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR Extension: (Gmail) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [2014-08-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1580416 2015-01-10] (Echobit LLC)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-31] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-04] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-16] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-01-22] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-08-26] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2014-10-25] (Echobit, LLC)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20150130.001\IDSvia64.sys [668888 2015-01-14] (Symantec Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-13] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20150203.034\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20150203.034\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40256 2014-09-14] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-26] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1506000.020\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 17:37 - 2015-02-04 17:37 - 00014306 _____ () C:\Users\Dejw\Desktop\FRST.txt
2015-02-04 17:30 - 2015-02-04 17:30 - 00044544 ___SH () C:\Users\Dejw\Desktop\Thumbs.db
2015-02-04 16:40 - 2015-02-04 16:40 - 00112640 _____ (forum.viry.cz) C:\Users\Dejw\Desktop\FRSTLauncher.exe
2015-02-04 16:19 - 2015-02-04 17:37 - 00000000 ____D () C:\FRST
2015-02-04 16:11 - 2015-02-04 17:27 - 02131968 _____ (Farbar) C:\Users\Dejw\Desktop\FRST64.exe
2015-02-04 13:25 - 2015-02-04 13:27 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-04 13:25 - 2015-02-04 13:25 - 00000991 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-02-02 14:31 - 2015-02-02 19:09 - 00876032 ___SH () C:\Users\Dejw\Downloads\Thumbs.db
2015-02-02 13:34 - 2015-02-02 13:34 - 00000000 ____D () C:\Users\Dejw\Shared
2015-01-30 13:06 - 2015-02-04 16:33 - 00000000 ____D () C:\Program Files (x86)\World_of_Warcraft
2015-01-26 21:02 - 2015-01-26 21:02 - 00000222 _____ () C:\Users\Dejw\Desktop\Saints Row IV.url
2015-01-26 19:41 - 2015-01-26 19:41 - 00000222 _____ () C:\Users\Dejw\Desktop\PAYDAY 2.url
2015-01-24 17:42 - 2015-02-04 10:07 - 00000000 ____D () C:\Program Files\Recuva
2015-01-24 17:42 - 2015-01-24 17:42 - 00001670 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-01-24 17:42 - 2015-01-24 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-01-23 14:57 - 2015-01-24 16:04 - 00000000 ____D () C:\Program Files (x86)\Fraps
2015-01-23 14:57 - 2015-01-23 14:57 - 00000975 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-01-23 14:57 - 2015-01-23 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-23 14:34 - 2015-01-23 14:34 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-01-23 14:34 - 2015-01-23 14:34 - 00000000 ____D () C:\ProgramData\Baidu
2015-01-23 14:34 - 2015-01-23 14:34 - 00000000 ____D () C:\FFOutput
2015-01-23 14:33 - 2015-01-23 14:33 - 00001214 _____ () C:\Users\Dejw\Desktop\Format Factory.lnk
2015-01-23 14:33 - 2015-01-23 14:33 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-01-23 14:33 - 2015-01-23 14:33 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2015-01-22 20:47 - 2015-01-22 20:47 - 00000000 ____D () C:\Users\Dejw\Documents\Assassin's Creed III
2015-01-22 20:05 - 2015-01-22 20:05 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-22 20:05 - 2015-01-22 20:05 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-15 20:53 - 2015-01-15 20:53 - 00000000 ____D () C:\Users\Dejw\Documents\My Cheat Tables
2015-01-15 18:41 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 18:41 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 18:41 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-15 18:41 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-15 18:41 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-15 18:41 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-15 18:41 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 18:41 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-01-13 16:49 - 2015-01-13 16:49 - 00000219 _____ () C:\Users\Dejw\Desktop\Team Fortress 2.url
2015-01-11 19:18 - 2015-01-11 19:18 - 00000000 __SHD () C:\Users\Dejw\AppData\Local\EmieBrowserModeList
2015-01-11 14:06 - 2015-01-11 14:06 - 00003050 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IType_exe
2015-01-11 14:06 - 2015-01-11 14:06 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-11 14:06 - 2015-01-11 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
2015-01-11 14:06 - 2015-01-11 14:06 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro
2015-01-07 14:43 - 2015-01-07 14:43 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 17:35 - 2014-08-18 15:31 - 00000000 ____D () C:\Users\Dejw\Documents\Zalohy_registru
2015-02-04 17:30 - 2014-12-21 19:05 - 00000000 ____D () C:\Users\Dejw\Desktop\DFlashisk
2015-02-04 17:26 - 2014-08-18 15:10 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Skype
2015-02-04 16:57 - 2014-08-18 15:03 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-02-04 16:52 - 2014-10-27 11:25 - 00000000 ____D () C:\Users\Dejw\Desktop\Terraria
2015-02-04 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-04 15:42 - 2014-08-18 14:34 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 15:42 - 2014-08-18 14:24 - 00000000 ____D () C:\Users\Dejw
2015-02-04 15:41 - 2014-10-10 06:28 - 00023630 _____ () C:\Windows\PFRO.log
2015-02-04 15:41 - 2014-09-23 19:26 - 00015575 _____ () C:\Windows\setupact.log
2015-02-04 15:41 - 2014-06-19 08:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-04 15:41 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 14:23 - 2014-09-23 19:07 - 01176376 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 13:31 - 2014-08-18 14:36 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119577027-268522321-3512365456-1001
2015-02-04 13:30 - 2014-08-18 15:02 - 00000000 ____D () C:\ProgramData\Origin
2015-02-04 13:25 - 2014-08-18 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-02-03 17:59 - 2014-08-18 15:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-03 17:55 - 2014-08-25 19:08 - 00000000 ____D () C:\Users\Dejw\AppData\Local\JDownloader v2.0
2015-02-03 17:55 - 2014-06-19 08:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-02 13:26 - 2014-03-18 16:33 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-02 13:26 - 2014-03-18 15:54 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-02-02 13:26 - 2014-03-18 15:54 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-01-31 15:46 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-31 14:41 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-30 18:41 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-30 18:38 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-26 21:01 - 2014-08-18 18:25 - 00000000 ____D () C:\Users\Dejw\AppData\Local\CrashDumps
2015-01-26 20:30 - 2014-08-18 14:34 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-24 21:20 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 20:05 - 2014-06-19 08:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-22 20:04 - 2014-09-24 09:27 - 00608222 _____ () C:\Windows\DirectX.log
2015-01-22 19:54 - 2014-08-23 21:38 - 00000000 ____D () C:\Users\Dejw\Documents\My Games
2015-01-22 19:53 - 2014-09-13 08:21 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-19 16:18 - 2014-12-01 18:07 - 00000000 ____D () C:\Users\Dejw\Documents\Prezentace
2015-01-17 09:41 - 2014-08-18 21:04 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-01-16 20:09 - 2014-08-23 21:10 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 20:05 - 2014-08-23 21:10 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 14:04 - 2014-09-16 19:06 - 00000000 ____D () C:\Users\Dejw\Documents\EA Games
2015-01-15 20:45 - 2014-09-24 12:48 - 00000000 ____D () C:\ProgramData\Orbit
2015-01-15 19:26 - 2014-08-18 18:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-15 18:07 - 2014-06-19 08:57 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 17:28 - 2015-01-02 23:58 - 00000000 ____D () C:\Hry
2015-01-13 20:52 - 2014-12-20 10:54 - 00000000 ____D () C:\Program Files\Assassin's Creed Unity
2015-01-11 20:10 - 2014-08-18 14:33 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{546E8530-1509-45CC-9EA4-16424BAB0AA5}
2015-01-11 14:10 - 2013-08-22 15:44 - 00402104 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-11 14:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-11 13:33 - 2014-12-05 20:47 - 00000000 ____D () C:\Users\Dejw\Documents\Minecraft
2015-01-11 12:51 - 2014-12-05 20:20 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\.minecraft
2015-01-11 12:06 - 2015-01-02 19:08 - 00000000 ____D () C:\Program Files (x86)\Adobe Arkalis

==================== Files in the root of some directories =======

2014-11-12 21:53 - 2014-11-12 21:53 - 6000640 _____ () C:\Program Files (x86)\GUT4E28.tmp
2014-11-22 10:21 - 2014-05-26 19:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\Dejw\AppData\Roaming\libcurl.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dejw\AppData\Roaming\libeay32.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 0112142 ___SH () C:\Users\Dejw\AppData\Roaming\libgcc_s_dw2-1.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 0279955 ___SH () C:\Users\Dejw\AppData\Roaming\libidn-11.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 0148760 ___SH () C:\Users\Dejw\AppData\Roaming\libpdcurses.dll
2014-11-22 10:21 - 2014-06-29 12:35 - 0294912 ___SH () C:\Users\Dejw\AppData\Roaming\nssm.exe
2014-11-22 10:21 - 2014-05-26 19:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\Dejw\AppData\Roaming\pthreadGC2.dll
2014-11-22 10:21 - 2014-11-11 13:58 - 0012288 ___SH (Microsoft) C:\Users\Dejw\AppData\Roaming\Redist.exe
2014-11-22 10:21 - 2014-05-26 19:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dejw\AppData\Roaming\ssleay32.dll
2014-06-19 08:58 - 2014-06-19 08:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Dejw\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Dejw\AppData\Local\Temp\dqdjnsrp.dll
C:\Users\Dejw\AppData\Local\Temp\gjha2bzr.dll
C:\Users\Dejw\AppData\Local\Temp\installerdll1193125.dll
C:\Users\Dejw\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dejw\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dejw\AppData\Local\Temp\nvStInst.exe
C:\Users\Dejw\AppData\Local\Temp\ochelper.dll
C:\Users\Dejw\AppData\Local\Temp\ochelper.exe
C:\Users\Dejw\AppData\Local\Temp\proxy_vole1267932791003198357.dll
C:\Users\Dejw\AppData\Local\Temp\sonarinst.exe
C:\Users\Dejw\AppData\Local\Temp\ubi5D04.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubi5E7A.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubi689E.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiA08A.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiD322.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiE34D.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiFD6B.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-11 18:09




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:930.48 GB) (Free:647.3 GB) NTFS

Available physical RAM: 2445 MB
Total physical RAM: 4032.66 MB
Percentage of memory in use: 39%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EEB20E19)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Dejw.job => C:\PROGRA~2\NORTON~4\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dejw\Desktop" je 5802 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Adobe_Arkalis.exe and possibly other nasties

Posted: 04 Feb 2015 18:32
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Adobe_Arkalis.exe and possibly other nasties

Posted: 04 Feb 2015 19:36
by ENgateman
# AdwCleaner v4.109 - Report created 04/02/2015 at 19:21:50
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Dejw - DEJVEER
# Running from : C:\Users\Dejw\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\baidu
File Deleted : C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.1.1 (x86 cs)


-\\ Google Chrome v40.0.2214.91


*************************

AdwCleaner[R0].txt - [1082 octets] - [04/02/2015 19:17:49]
AdwCleaner[S0].txt - [1010 octets] - [04/02/2015 19:21:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1070 octets] ##########

Re: Adobe_Arkalis.exe and possibly other nasties

Posted: 04 Feb 2015 19:58
by Rudy
Post a new FRST log.

Re: Adobe_Arkalis.exe and possibly other malware

Posted: 04 Feb 2015 20:22
by ENgateman
The log is below. Besides the CPU load, Google Chrome and other browsers report an error from time to time: dns_probe_finished_bad_config (Chrome), and I cannot display any web page.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015
Ran by Dejw (administrator) on DEJVEER on 04-02-2015 20:08:46
Running from C:\Users\Dejw\Desktop
Loaded Profiles: Dejw (Available profiles: Dejw)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
() C:\Program Files (x86)\Adobe Arkalis\Adobe_Arkalis.exe
(forum.viry.cz) C:\Users\Dejw\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573720 2014-05-06] (Realtek Semiconductor)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3327872 2015-01-10] (Echobit LLC)
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\MountPoints2: {ff97f372-2cef-11e4-8262-e03f49a20440} - "E:\setup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{457C2C51-7DB8-4FE9-A7D1-369EA58F0919}: [NameServer] 192.168.3.1

FireFox:
========
FF ProfilePath: C:\Users\Dejw\AppData\Roaming\Mozilla\Firefox\Profiles\g0kaqgcl.default
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-119577027-268522321-3512365456-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dejw\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Dejw\AppData\Roaming\Mozilla\Firefox\Profiles\g0kaqgcl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-16]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.3.12\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.3.12\coFFPlgn [2015-02-04]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.cz/"
CHR Profile: C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18]
CHR Extension: (Disk Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-18]
CHR Extension: (YouTube) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-18]
CHR Extension: (Adblock Plus) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-18]
CHR Extension: (Norton Identity Safe) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-19]
CHR Extension: (Peněženka Google) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR Extension: (Gmail) - C:\Users\Dejw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [2014-08-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1580416 2015-01-10] (Echobit LLC)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-31] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-04] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-16] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-01-22] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-08-26] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2014-10-25] (Echobit, LLC)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20150130.001\IDSvia64.sys [668888 2015-01-14] (Symantec Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-13] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20150203.034\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20150203.034\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [40256 2014-09-14] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-26] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1506000.020\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 20:08 - 2015-02-04 20:09 - 00014450 _____ () C:\Users\Dejw\Desktop\FRST.txt
2015-02-04 20:08 - 2015-02-04 20:08 - 00112640 _____ (forum.viry.cz) C:\Users\Dejw\Desktop\FRSTLauncher.exe
2015-02-04 19:17 - 2015-02-04 19:21 - 00000000 ____D () C:\AdwCleaner
2015-02-04 19:16 - 2015-02-04 19:16 - 02194432 _____ () C:\Users\Dejw\Desktop\adwcleaner_4.109.exe
2015-02-04 18:00 - 2015-02-04 18:00 - 00000048 _____ () C:\Users\Dejw\Desktop\viry-cz .txt
2015-02-04 17:55 - 2015-02-04 17:55 - 00008079 _____ () C:\Users\Dejw\Desktop\Addition.zip
2015-02-04 17:30 - 2015-02-04 17:30 - 00044544 ___SH () C:\Users\Dejw\Desktop\Thumbs.db
2015-02-04 16:19 - 2015-02-04 20:08 - 00000000 ____D () C:\FRST
2015-02-04 16:11 - 2015-02-04 17:27 - 02131968 _____ (Farbar) C:\Users\Dejw\Desktop\FRST64.exe
2015-02-04 13:25 - 2015-02-04 13:27 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-04 13:25 - 2015-02-04 13:25 - 00000991 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-02-02 14:31 - 2015-02-02 19:09 - 00876032 ___SH () C:\Users\Dejw\Downloads\Thumbs.db
2015-02-02 13:34 - 2015-02-02 13:34 - 00000000 ____D () C:\Users\Dejw\Shared
2015-01-30 13:06 - 2015-02-04 16:33 - 00000000 ____D () C:\Program Files (x86)\World_of_Warcraft
2015-01-26 21:02 - 2015-01-26 21:02 - 00000222 _____ () C:\Users\Dejw\Desktop\Saints Row IV.url
2015-01-26 19:41 - 2015-01-26 19:41 - 00000222 _____ () C:\Users\Dejw\Desktop\PAYDAY 2.url
2015-01-24 17:42 - 2015-02-04 10:07 - 00000000 ____D () C:\Program Files\Recuva
2015-01-24 17:42 - 2015-01-24 17:42 - 00001670 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-01-24 17:42 - 2015-01-24 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-01-23 14:57 - 2015-01-24 16:04 - 00000000 ____D () C:\Program Files (x86)\Fraps
2015-01-23 14:57 - 2015-01-23 14:57 - 00000975 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-01-23 14:57 - 2015-01-23 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-23 14:34 - 2015-01-23 14:34 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-01-23 14:34 - 2015-01-23 14:34 - 00000000 ____D () C:\FFOutput
2015-01-23 14:33 - 2015-01-23 14:33 - 00001214 _____ () C:\Users\Dejw\Desktop\Format Factory.lnk
2015-01-23 14:33 - 2015-01-23 14:33 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-01-23 14:33 - 2015-01-23 14:33 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2015-01-22 20:47 - 2015-01-22 20:47 - 00000000 ____D () C:\Users\Dejw\Documents\Assassin's Creed III
2015-01-22 20:05 - 2015-01-22 20:05 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-22 20:05 - 2015-01-22 20:05 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-15 20:53 - 2015-01-15 20:53 - 00000000 ____D () C:\Users\Dejw\Documents\My Cheat Tables
2015-01-15 18:41 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 18:41 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-15 18:41 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-15 18:41 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-15 18:41 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-15 18:41 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-15 18:41 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-15 18:41 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-15 18:41 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-15 18:27 - 2015-01-15 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-01-13 16:49 - 2015-01-13 16:49 - 00000219 _____ () C:\Users\Dejw\Desktop\Team Fortress 2.url
2015-01-11 19:18 - 2015-01-11 19:18 - 00000000 __SHD () C:\Users\Dejw\AppData\Local\EmieBrowserModeList
2015-01-11 14:06 - 2015-01-11 14:06 - 00003050 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IType_exe
2015-01-11 14:06 - 2015-01-11 14:06 - 00000000 ____D () C:\Windows\PCHEALTH
2015-01-11 14:06 - 2015-01-11 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
2015-01-11 14:06 - 2015-01-11 14:06 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro
2015-01-07 14:43 - 2015-01-07 14:43 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 20:06 - 2014-08-18 15:10 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Skype
2015-02-04 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-04 19:53 - 2014-08-18 14:34 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 19:23 - 2014-10-10 06:28 - 00023940 _____ () C:\Windows\PFRO.log
2015-02-04 19:23 - 2014-09-23 19:26 - 00015691 _____ () C:\Windows\setupact.log
2015-02-04 19:23 - 2014-06-19 08:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-04 19:23 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 19:22 - 2014-08-18 14:24 - 00000000 ____D () C:\Users\Dejw
2015-02-04 18:56 - 2014-08-18 18:25 - 00000000 ____D () C:\Users\Dejw\AppData\Local\CrashDumps
2015-02-04 17:35 - 2014-08-18 15:31 - 00000000 ____D () C:\Users\Dejw\Documents\Zalohy_registru
2015-02-04 17:30 - 2014-12-21 19:05 - 00000000 ____D () C:\Users\Dejw\Desktop\DFlashisk
2015-02-04 16:57 - 2014-08-18 15:03 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-02-04 16:52 - 2014-10-27 11:25 - 00000000 ____D () C:\Users\Dejw\Desktop\Terraria
2015-02-04 14:23 - 2014-09-23 19:07 - 01176376 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 13:31 - 2014-08-18 14:36 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119577027-268522321-3512365456-1001
2015-02-04 13:30 - 2014-08-18 15:02 - 00000000 ____D () C:\ProgramData\Origin
2015-02-04 13:25 - 2014-08-18 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-02-03 17:59 - 2014-08-18 15:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-03 17:55 - 2014-08-25 19:08 - 00000000 ____D () C:\Users\Dejw\AppData\Local\JDownloader v2.0
2015-02-03 17:55 - 2014-06-19 08:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-02 13:26 - 2014-03-18 16:33 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-02 13:26 - 2014-03-18 15:54 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-02-02 13:26 - 2014-03-18 15:54 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-01-31 15:46 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-31 14:41 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-30 18:41 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-30 18:38 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-26 20:30 - 2014-08-18 14:34 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-24 21:20 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 20:05 - 2014-06-19 08:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-22 20:04 - 2014-09-24 09:27 - 00608222 _____ () C:\Windows\DirectX.log
2015-01-22 19:54 - 2014-08-23 21:38 - 00000000 ____D () C:\Users\Dejw\Documents\My Games
2015-01-22 19:53 - 2014-09-13 08:21 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-19 16:18 - 2014-12-01 18:07 - 00000000 ____D () C:\Users\Dejw\Documents\Prezentace
2015-01-17 09:41 - 2014-08-18 21:04 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-01-16 20:09 - 2014-08-23 21:10 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 20:05 - 2014-08-23 21:10 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 14:04 - 2014-09-16 19:06 - 00000000 ____D () C:\Users\Dejw\Documents\EA Games
2015-01-15 20:45 - 2014-09-24 12:48 - 00000000 ____D () C:\ProgramData\Orbit
2015-01-15 19:26 - 2014-08-18 18:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-15 18:07 - 2014-06-19 08:57 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-15 17:28 - 2015-01-02 23:58 - 00000000 ____D () C:\Hry
2015-01-13 20:52 - 2014-12-20 10:54 - 00000000 ____D () C:\Program Files\Assassin's Creed Unity
2015-01-11 20:10 - 2014-08-18 14:33 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{546E8530-1509-45CC-9EA4-16424BAB0AA5}
2015-01-11 14:10 - 2013-08-22 15:44 - 00402104 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-11 14:06 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-11 13:33 - 2014-12-05 20:47 - 00000000 ____D () C:\Users\Dejw\Documents\Minecraft
2015-01-11 12:51 - 2014-12-05 20:20 - 00000000 ____D () C:\Users\Dejw\AppData\Roaming\.minecraft
2015-01-11 12:06 - 2015-01-02 19:08 - 00000000 ____D () C:\Program Files (x86)\Adobe Arkalis

==================== Files in the root of some directories =======

2014-11-12 21:53 - 2014-11-12 21:53 - 6000640 _____ () C:\Program Files (x86)\GUT4E28.tmp
2014-11-22 10:21 - 2014-05-26 19:16 - 0626176 ___SH (The cURL library, http://curl.haxx.se/) C:\Users\Dejw\AppData\Roaming\libcurl.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 1704448 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dejw\AppData\Roaming\libeay32.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 0112142 ___SH () C:\Users\Dejw\AppData\Roaming\libgcc_s_dw2-1.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 0279955 ___SH () C:\Users\Dejw\AppData\Roaming\libidn-11.dll
2014-11-22 10:21 - 2014-05-26 19:16 - 0148760 ___SH () C:\Users\Dejw\AppData\Roaming\libpdcurses.dll
2014-11-22 10:21 - 2014-06-29 12:35 - 0294912 ___SH () C:\Users\Dejw\AppData\Roaming\nssm.exe
2014-11-22 10:21 - 2014-05-26 19:16 - 0119704 ___SH (Open Source Software community LGPL) C:\Users\Dejw\AppData\Roaming\pthreadGC2.dll
2014-11-22 10:21 - 2014-11-11 13:58 - 0012288 ___SH (Microsoft) C:\Users\Dejw\AppData\Roaming\Redist.exe
2014-11-22 10:21 - 2014-05-26 19:16 - 0364544 ___SH (The OpenSSL Project, http://www.openssl.org/) C:\Users\Dejw\AppData\Roaming\ssleay32.dll
2014-06-19 08:58 - 2014-06-19 08:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Dejw\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\Dejw\AppData\Local\Temp\dqdjnsrp.dll
C:\Users\Dejw\AppData\Local\Temp\gjha2bzr.dll
C:\Users\Dejw\AppData\Local\Temp\installerdll1193125.dll
C:\Users\Dejw\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Dejw\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Dejw\AppData\Local\Temp\nvStInst.exe
C:\Users\Dejw\AppData\Local\Temp\ochelper.dll
C:\Users\Dejw\AppData\Local\Temp\ochelper.exe
C:\Users\Dejw\AppData\Local\Temp\proxy_vole1267932791003198357.dll
C:\Users\Dejw\AppData\Local\Temp\sonarinst.exe
C:\Users\Dejw\AppData\Local\Temp\ubi5D04.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubi5E7A.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubi689E.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiA08A.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiD322.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiE34D.tmp.exe
C:\Users\Dejw\AppData\Local\Temp\ubiFD6B.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-11 18:09




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:930.48 GB) (Free:647.39 GB) NTFS

Available physical RAM: 2848 MB
Total physical RAM: 4032.66 MB
Percentage of memory in use: 29%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EEB20E19)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Dejw.job => C:\PROGRA~2\NORTON~4\Engine\410~1.28\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dejw\Desktop" je 5804 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Adobe_Arkalis.exe and possibly other malware

Posted: 04 Feb 2015 21:01
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [1419 2014-08-10] ()
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [1501 2014-08-10] ()
C:\Program Files (x86)\Adobe Arkalis
HKU\S-1-5-21-119577027-268522321-3512365456-1001\...\MountPoints2: {ff97f372-2cef-11e4-8262-e03f49a20440} - "E:\setup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
C:\Program Files (x86)\GUT4E28.tmp
C:\ProgramData\DP45977C.lfl
C:\Users\Dejw\AppData\Local\Temp
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Adobe_Arkalis.exe and possibly other malware

Posted: 04 Feb 2015 21:48
by ENgateman
The log is quite long, so I have attached it as a file.
After the restart, the Adobe_Arkalis.exe process no longer started.

Re: Adobe_Arkalis.exe and possibly other malware

Posted: 04 Feb 2015 22:02
by Rudy
Everything was deleted. Is there any other problem?

Re: Adobe_Arkalis.exe and possibly other malware

Posted: 04 Feb 2015 22:17
by ENgateman
Perhaps only that I sometimes cannot connect to a site via its DNS address (via the IP address I can), but that happens fairly rarely and I don't know what might trigger it. So for now I don't even know whether it has been resolved. On the other computers (they share the same router) this problem does not occur.

Otherwise that's all, thanks a lot for the help :thumbsup:.

Re: Adobe_Arkalis.exe and possibly other malware

Posted: 04 Feb 2015 22:21
by Rudy
That will be a DNS problem (domain name service - address translation). That is usually a problem outside the PC. You could try reinstalling the network card driver. Otherwise, you're welcome! :)