Dobrý den, rád bych vás poprosil o preventivní konrolu. Děkuji.
PS: Jelikož byl FRST.txt příliš dlouhý, je nahrán v logs.zip.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Preventivka
- Přílohy
-
- logs.zip
- (28.55 KiB) Staženo 41 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka
# AdwCleaner v6.020 - Log soubor vytvořen 24/09/2016 na 18:36:36
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-23.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : asd - ASD
# Beží od : C:\Users\asd\AppData\Local\Temp\scoped_dir5612_16701\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Adresáře ] *****
[-] Adresář smazán:C:\Users\asd\AppData\Roaming\Solvusoft
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\Software\adawarebp
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1140 Bajtů] - [24/09/2016 18:36:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [1589 Bajtů] - [24/09/2016 18:35:23]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1288 Bajtů] ##########
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-23.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : asd - ASD
# Beží od : C:\Users\asd\AppData\Local\Temp\scoped_dir5612_16701\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Adresáře ] *****
[-] Adresář smazán:C:\Users\asd\AppData\Roaming\Solvusoft
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\Software\adawarebp
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1140 Bajtů] - [24/09/2016 18:36:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [1589 Bajtů] - [24/09/2016 18:35:23]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1288 Bajtů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-09-2016 02
Ran by asd (administrator) on ASD (24-09-2016 21:06:41)
Running from C:\Users\asd\Desktop
Loaded Profiles: asd (Available Profiles: asd)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Users\asd\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(forum.viry.cz) C:\Users\asd\Desktop\FRSTLauncher.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [717688 2015-11-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-06-11] (Dell Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842744 2016-09-02] (NVIDIA Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2016-08-22] (Dell Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {19f90574-d2d4-11e5-b697-5cf9dd52fe90} - "G:\setup.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {33771c86-41a2-11e6-b6ca-5cf9dd52fe90} - "G:\AutoRun.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {431c573d-826e-11e6-b721-5cf9dd52fe90} - "F:\LG_PC_Programs.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181488 2016-09-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [159536 2016-09-17] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{3782643d-da34-471b-a286-a65c9af0574b}: [DhcpNameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{e9fbfa58-c1aa-45bc-945e-afb0a9bfedea}: [DhcpNameServer] 93.153.117.1 93.153.117.33
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\S-1-5-21-3306008469-2429422098-3430848668-1001 -> {35715D52-FDD1-40CC-9613-BF2ECC60BA9B} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-23] (Oracle Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-18] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?gfe_rd=cr&ei=tzayV-SPGqnb8Aeg67TQCg
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default [2016-09-24]
CHR Extension: (Prezentace Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-14]
CHR Extension: (Dokumenty Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-14]
CHR Extension: (Disk Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-14]
CHR Extension: (YouTube) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-14]
CHR Extension: (Vyhledávání Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-14]
CHR Extension: (Tabulky Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-14]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2016-02-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (AdBlock) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-05]
Opera:
=======
OPR StartupUrls: "hxxp://www.google.cz/"
OPR Extension: (Adblock Plus) - C:\Users\asd\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-09-06]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2288384 2015-12-27] (Broadcom Corporation.)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-12-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458808 2016-09-02] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458808 2016-09-02] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-02] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-16] (Enigma Software Group USA, LLC.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [77824 2015-10-25] (Synaptics Incorporated)
S3 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [47616 2015-10-25] (Synaptics Incorporated)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2016-08-22] (Dell Inc.) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\drivers\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [186152 2016-07-10] (Broadcom Corporation.)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11767552 2016-03-18] (Broadcom Corp)
S3 CySmb; C:\Windows\System32\drivers\cysmb.sys [10752 2015-12-27] (Cypress Semiconductor, Inc.)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-12-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-13] (Disc Soft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-08-16] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-16] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-02-14] (REALiX(tm))
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2016-08-23] (Highresolution Enterprises [www.highrez.co.uk])
R3 kiox_ff_driver; C:\Windows\system32\DRIVERS\kiox_ff_driver.sys [41456 2015-12-27] (Kionix, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-08-16] (NVIDIA Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-03-18] (Realsil Semiconductor Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R1 SMIDriver; C:\Windows\system32\DRIVERS\smi.sys [28400 2015-10-25] (Windows (R) Win 7 DDK provider)
S3 TDKLIB; C:\Users\asd\AppData\Local\Temp\TdkLib64.sys [19336 2016-08-23] ()
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [41720 2016-04-06] (USBPcap)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 Andbus; \SystemRoot\System32\drivers\lgandbus64.sys [X]
S3 AndDiag; \SystemRoot\System32\drivers\lganddiag64.sys [X]
S3 AndGps; \SystemRoot\System32\drivers\lgandgps64.sys [X]
S3 AndNetDiag2; \SystemRoot\System32\drivers\lgandnetdiag264.sys [X]
S3 AndNetGps; \SystemRoot\System32\drivers\lgandnetgps64.sys [X]
S3 usbbus; \SystemRoot\System32\drivers\lgx64bus.sys [X]
S3 UsbDiag; \SystemRoot\System32\drivers\lgx64diag.sys [X]
S3 UsbGps; \SystemRoot\System32\drivers\lgx64gps.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Ran by asd (administrator) on ASD (24-09-2016 21:06:41)
Running from C:\Users\asd\Desktop
Loaded Profiles: asd (Available Profiles: asd)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Users\asd\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(forum.viry.cz) C:\Users\asd\Desktop\FRSTLauncher.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [717688 2015-11-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-06-11] (Dell Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1842744 2016-09-02] (NVIDIA Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2016-08-22] (Dell Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {19f90574-d2d4-11e5-b697-5cf9dd52fe90} - "G:\setup.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {33771c86-41a2-11e6-b6ca-5cf9dd52fe90} - "G:\AutoRun.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {431c573d-826e-11e6-b721-5cf9dd52fe90} - "F:\LG_PC_Programs.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181488 2016-09-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [159536 2016-09-17] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{3782643d-da34-471b-a286-a65c9af0574b}: [DhcpNameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{e9fbfa58-c1aa-45bc-945e-afb0a9bfedea}: [DhcpNameServer] 93.153.117.1 93.153.117.33
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\S-1-5-21-3306008469-2429422098-3430848668-1001 -> {35715D52-FDD1-40CC-9613-BF2ECC60BA9B} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-07-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-07-23] (Oracle Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-18] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-07-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/?gfe_rd=cr&ei=tzayV-SPGqnb8Aeg67TQCg
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default [2016-09-24]
CHR Extension: (Prezentace Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-14]
CHR Extension: (Dokumenty Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-14]
CHR Extension: (Disk Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-14]
CHR Extension: (YouTube) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-14]
CHR Extension: (Vyhledávání Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-14]
CHR Extension: (Tabulky Google) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-14]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2016-02-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (AdBlock) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\asd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-05]
Opera:
=======
OPR StartupUrls: "hxxp://www.google.cz/"
OPR Extension: (Adblock Plus) - C:\Users\asd\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-09-06]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2288384 2015-12-27] (Broadcom Corporation.)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-12-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458808 2016-09-02] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458808 2016-09-02] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-02] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-16] (Enigma Software Group USA, LLC.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [77824 2015-10-25] (Synaptics Incorporated)
S3 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [47616 2015-10-25] (Synaptics Incorporated)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2016-08-22] (Dell Inc.) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\drivers\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [186152 2016-07-10] (Broadcom Corporation.)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11767552 2016-03-18] (Broadcom Corp)
S3 CySmb; C:\Windows\System32\drivers\cysmb.sys [10752 2015-12-27] (Cypress Semiconductor, Inc.)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-12-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-13] (Disc Soft Ltd)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-08-16] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-16] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-02-14] (REALiX(tm))
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2016-08-23] (Highresolution Enterprises [www.highrez.co.uk])
R3 kiox_ff_driver; C:\Windows\system32\DRIVERS\kiox_ff_driver.sys [41456 2015-12-27] (Kionix, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-08-16] (NVIDIA Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-03-18] (Realsil Semiconductor Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R1 SMIDriver; C:\Windows\system32\DRIVERS\smi.sys [28400 2015-10-25] (Windows (R) Win 7 DDK provider)
S3 TDKLIB; C:\Users\asd\AppData\Local\Temp\TdkLib64.sys [19336 2016-08-23] ()
R3 USBPcap; C:\Windows\system32\DRIVERS\USBPcap.sys [41720 2016-04-06] (USBPcap)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 Andbus; \SystemRoot\System32\drivers\lgandbus64.sys [X]
S3 AndDiag; \SystemRoot\System32\drivers\lganddiag64.sys [X]
S3 AndGps; \SystemRoot\System32\drivers\lgandgps64.sys [X]
S3 AndNetDiag2; \SystemRoot\System32\drivers\lgandnetdiag264.sys [X]
S3 AndNetGps; \SystemRoot\System32\drivers\lgandnetgps64.sys [X]
S3 usbbus; \SystemRoot\System32\drivers\lgx64bus.sys [X]
S3 UsbDiag; \SystemRoot\System32\drivers\lgx64diag.sys [X]
S3 UsbGps; \SystemRoot\System32\drivers\lgx64gps.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Re: Preventivka
Dobrý večer,
omlouvám se, ale log je opět příliš dlouhý.
Je nahrán do přiloženého .zip.
Děkuji, heryjiri.
omlouvám se, ale log je opět příliš dlouhý.
Je nahrán do přiloženého .zip.
Děkuji, heryjiri.
- Přílohy
-
- FRST.zip
- (25.52 KiB) Staženo 52 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {19f90574-d2d4-11e5-b697-5cf9dd52fe90} - "G:\setup.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {33771c86-41a2-11e6-b6ca-5cf9dd52fe90} - "G:\AutoRun.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {431c573d-826e-11e6-b721-5cf9dd52fe90} - "F:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
C:\WINDOWS\system32\ApnDatabase.xml
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\asd\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivka
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-09-2016 02
Ran by asd (24-09-2016 22:12:25) Run:1
Running from C:\Users\asd\Desktop
Loaded Profiles: asd (Available Profiles: asd)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {19f90574-d2d4-11e5-b697-5cf9dd52fe90} - "G:\setup.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {33771c86-41a2-11e6-b6ca-5cf9dd52fe90} - "G:\AutoRun.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {431c573d-826e-11e6-b721-5cf9dd52fe90} - "F:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
C:\WINDOWS\system32\ApnDatabase.xml
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\asd\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19f90574-d2d4-11e5-b697-5cf9dd52fe90}" => key removed successfully
HKCR\CLSID\{19f90574-d2d4-11e5-b697-5cf9dd52fe90} => key not found.
"HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33771c86-41a2-11e6-b6ca-5cf9dd52fe90}" => key removed successfully
HKCR\CLSID\{33771c86-41a2-11e6-b6ca-5cf9dd52fe90} => key not found.
"HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{431c573d-826e-11e6-b721-5cf9dd52fe90}" => key removed successfully
HKCR\CLSID\{431c573d-826e-11e6-b721-5cf9dd52fe90} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\asd\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:12:26 ====
Ran by asd (24-09-2016 22:12:25) Run:1
Running from C:\Users\asd\Desktop
Loaded Profiles: asd (Available Profiles: asd)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {19f90574-d2d4-11e5-b697-5cf9dd52fe90} - "G:\setup.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {33771c86-41a2-11e6-b6ca-5cf9dd52fe90} - "G:\AutoRun.exe"
HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\...\MountPoints2: {431c573d-826e-11e6-b721-5cf9dd52fe90} - "F:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
C:\WINDOWS\system32\ApnDatabase.xml
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\asd\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19f90574-d2d4-11e5-b697-5cf9dd52fe90}" => key removed successfully
HKCR\CLSID\{19f90574-d2d4-11e5-b697-5cf9dd52fe90} => key not found.
"HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{33771c86-41a2-11e6-b6ca-5cf9dd52fe90}" => key removed successfully
HKCR\CLSID\{33771c86-41a2-11e6-b6ca-5cf9dd52fe90} => key not found.
"HKU\S-1-5-21-3306008469-2429422098-3430848668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{431c573d-826e-11e6-b721-5cf9dd52fe90}" => key removed successfully
HKCR\CLSID\{431c573d-826e-11e6-b721-5cf9dd52fe90} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\asd\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:12:26 ====
- Přílohy
-
- Fixlog.zip
- (1.19 KiB) Staženo 52 x
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka
Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivka
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?