Dobrý deň, chcem Vás poprosiť o kontrolu.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2017 01
Ran by Marián (administrator) on MARIANPC (23-02-2017 22:38:33)
Running from C:\Users\Marián\Desktop
Loaded Profiles: Marián (Available Profiles: Marián)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-07] (AVAST Software)
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: H - H:\Launcher.exe
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\PROGRA~1\Techland\Xpand Rally\Data\VideoSettings.scr
AppInit_DLLs: APSHook.dll => C:\windows\system32\APSHook.dll [81680 2008-05-21] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-02-07] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.242.44.85 8.8.8.8
Tcpip\..\Interfaces\{8DF6634D-087B-4509-86ED-60E587AB55D3}: [DhcpNameServer] 217.144.16.196 217.144.16.18
Tcpip\..\Interfaces\{DBF4E7EE-E7D9-4A8A-9B4B-749B9DBE9FD2}: [DhcpNameServer] 80.242.44.85 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3451414034-3831443019-3995466762-1004 -> {5AB01ACC-C0EF-4253-B9F0-151E925FCDB8} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-12] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-07] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-12] (Oracle Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-30] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-22] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3451414034-3831443019-3995466762-1004: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
CHR Extension: (Prezentácie Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-19]
CHR Extension: (Dokumenty Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-19]
CHR Extension: (Disk Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
CHR Extension: (YouTube) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
CHR Extension: (Adblock Plus) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 accoca; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [182576 2007-05-16] (ActivIdentity)
S4 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [111888 2008-05-21] (Bioscrypt Inc.)
S4 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [137488 2008-05-21] (Bioscrypt Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5541048 2017-02-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-07] (AVAST Software)
S4 EasyAntiCheat; C:\windows\system32\EasyAntiCheat.exe [237352 2015-04-04] (EasyAntiCheat Ltd) [File not signed]
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-04-15] (Hewlett-Packard) [File not signed]
S4 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [34184 2008-05-14] (Hewlett-Packard Development Company, L.P)
S4 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256512 2008-05-14] (SafeBoot International)
S4 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [77824 2008-05-02] (Hewlett-Packard) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4590968 2012-09-05] (Native Instruments GmbH)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 44BC0E26; C:\windows\System32\drivers\44BC0E26.sys [153784 2017-02-22] (Kaspersky Lab ZAO)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdriverx.sys [257288 2017-02-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidshx.sys [148720 2017-02-13] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswblogx.sys [267016 2017-02-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbunivx.sys [41176 2017-02-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [34136 2017-02-07] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [31064 2017-02-07] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [106392 2017-02-07] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr.sys [60632 2017-02-07] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [61128 2017-02-07] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [754664 2017-02-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [463936 2017-02-07] (AVAST Software)
R3 aswStmXP; C:\windows\system32\drivers\aswStmXP.sys [184208 2017-02-07] (AVAST Software)
S3 aswTap; C:\windows\System32\DRIVERS\aswTap.sys [35144 2014-08-15] (The OpenVPN Project)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [277176 2017-02-12] (AVAST Software)
R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [281504 2015-08-22] ()
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [25888 2015-08-22] ()
R0x01000000 papycpu2; C:\windows\system32\drivers\papycpu2.sys [2016 2001-04-20] () [File not signed]
S3 PROCEXP152; C:\windows\system32\Drivers\PROCEXP152.SYS [29664 2017-02-22] (Sysinternals - www.sysinternals.com) [File not signed]
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12496 2008-05-14] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [108752 2008-05-14] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51376 2008-05-14] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12928 2008-05-14] (SafeBoot International)
R1 SCDEmu; C:\windows\system32\Drivers\SCDEmu.sys [113104 2012-08-24] (Power Software Ltd)
S4 secdrv; C:\windows\system32\Drivers\secdrv.sys [12400 2017-02-05] (Macrovision Europe Ltd) [File not signed]
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1810992 2009-03-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [466008 2014-12-21] (Duplex Secure Ltd.)
S3 AmdLLD; system32\DRIVERS\AmdLLD.sys [X]
S4 cpuz134; no ImagePath
U3 DfSdkS; no ImagePath
U4 eabfiltr; no ImagePath
S0 gvwgxj; System32\drivers\dsgox.sys [X]
S4 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 papyjoy; C:\Windows\System32\Drivers\papyjoy.sys [1888 1998-09-04] () [File not signed]
S4 zlportio; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-23 22:38 - 2017-02-23 22:38 - 00015484 _____ C:\Users\Marián\Desktop\FRST.txt
2017-02-23 22:37 - 2017-02-23 22:38 - 00000000 ____D C:\FRST
2017-02-23 22:14 - 2017-02-23 22:14 - 01765376 _____ (Farbar) C:\Users\Marián\Desktop\FRST.exe
2017-02-23 21:30 - 2017-02-23 21:32 - 00000000 ____D C:\AdwCleaner
2017-02-22 21:25 - 2017-02-22 21:25 - 00029664 _____ (Sysinternals - www.sysinternals.com) C:\windows\system32\Drivers\PROCEXP152.SYS
2017-02-22 18:24 - 2017-02-22 18:24 - 00000000 ___HD C:\$AV_ASW
2017-02-22 16:09 - 2016-11-08 16:26 - 02073088 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-02-22 16:02 - 2016-11-02 17:06 - 00306408 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-02-22 16:02 - 2016-11-02 16:59 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 01029120 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00219648 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00160768 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2017-02-22 15:53 - 2016-09-09 15:34 - 01172480 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2017-02-22 15:53 - 2016-09-09 15:32 - 00486912 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2017-02-22 15:53 - 2016-09-09 15:23 - 00682496 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-02-22 15:53 - 2016-09-09 15:21 - 01073152 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-02-22 15:53 - 2016-09-09 15:21 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-02-22 15:36 - 2016-08-14 16:48 - 00627712 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2017-02-22 12:34 - 2017-02-22 12:34 - 00153784 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\44BC0E26.sys
2017-02-22 11:32 - 2017-02-22 11:32 - 09647696 _____ (Crawler Group ) C:\Users\Marián\Downloads\SpywareTerminatorSetup.exe
2017-02-22 08:08 - 2017-02-22 08:08 - 00000000 ____D C:\Users\Marián\AppData\Local\Hewlett-Packard
2017-02-21 21:41 - 2017-02-21 21:41 - 00000801 _____ C:\Users\Marián\Desktop\RailWorks.exe - odkaz.lnk
2017-02-21 21:36 - 2017-02-21 21:36 - 00000000 ____D C:\windows\system32\AGEIA
2017-02-21 21:36 - 2017-02-21 21:36 - 00000000 ____D C:\Program Files\AGEIA Technologies
2017-02-21 14:52 - 2017-02-21 14:55 - 109189008 _____ (Kaspersky Lab ZAO) C:\Users\Marián\Downloads\KVRT (1).exe
2017-02-19 16:52 - 2017-02-19 16:52 - 00000771 _____ C:\Users\Marián\Desktop\GT Legends.lnk
2017-02-19 16:44 - 2017-02-19 20:33 - 00000000 ____D C:\Program Files\GT Legends
2017-02-18 23:02 - 2017-02-18 23:02 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strategy First
2017-02-18 17:00 - 2017-02-18 17:00 - 00000079 _____ C:\windows\wininit.ini
2017-02-18 14:22 - 2017-02-18 14:22 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-17 19:04 - 2017-02-17 19:04 - 00000920 _____ C:\Users\Marián\Desktop\fixedstart.bat - odkaz.lnk
2017-02-16 23:36 - 2017-02-16 23:36 - 00000000 ____D C:\Users\Marián\AppData\Local\Setup Integrity Check
2017-02-13 11:46 - 2017-02-22 16:40 - 00031274 _____ C:\windows\system32\perfh01B.dat
2017-02-13 11:46 - 2017-02-22 16:40 - 00012052 _____ C:\windows\system32\perfc01B.dat
2017-02-13 10:47 - 2017-02-13 10:51 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2017-02-13 06:53 - 2017-02-13 06:52 - 00267016 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswblogx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00257288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdriverx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00148720 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidshx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00041176 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbunivx.sys
2017-02-12 22:48 - 2017-02-12 22:47 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6344747.dll
2017-02-12 22:44 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6139107.dll
2017-02-12 22:44 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6100715.dll
2017-02-12 22:23 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4868822.dll
2017-02-12 22:20 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4662776.dll
2017-02-12 22:19 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4617832.dll
2017-02-12 22:18 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4544761.dll
2017-02-12 22:12 - 2017-01-22 16:06 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4230918.dll
2017-02-12 22:10 - 2017-01-22 16:06 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4068880.dll
2017-02-12 19:09 - 2017-01-05 17:57 - 01259008 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-02-12 19:09 - 2016-11-20 15:16 - 00276992 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-02-12 19:09 - 2016-11-20 15:07 - 00444136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-02-12 19:09 - 2016-10-08 16:51 - 00219136 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-02-12 19:09 - 2016-08-10 16:44 - 00284160 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-02-12 19:09 - 2016-08-10 16:43 - 00206336 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-02-12 19:09 - 2016-05-14 16:41 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-02-12 19:09 - 2016-03-18 18:10 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-02-12 19:09 - 2016-02-06 03:12 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-02-12 19:09 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-02-12 18:08 - 2017-02-07 15:40 - 00328208 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-02-07 15:41 - 2017-02-12 18:09 - 00000342 ____H C:\windows\Tasks\Avast Emergency Update.job
2017-02-07 07:31 - 2017-02-07 07:31 - 00000000 ____D C:\Program Files\CCleaner
2017-02-07 07:24 - 2017-02-07 07:24 - 00000000 ____D C:\Program Files\Defraggler
2017-02-05 18:08 - 2017-02-21 21:43 - 00000000 ____D C:\Program Files\Rail Works 2
2017-02-05 15:33 - 2017-02-17 19:03 - 00000000 ____D C:\Program Files\Rainbow Six 3 Raven Shield
2017-02-04 21:15 - 2017-02-16 23:32 - 00000000 ____D C:\Users\Marián\FIFA.14.Multi13-RU.Repack.by.z10yded
2017-02-04 20:14 - 2017-02-04 20:36 - 00000000 _____ C:\Users\Marián\AppData\Roaming\FileOut.cns
2017-02-04 20:14 - 2017-02-04 20:36 - 00000000 _____ C:\Users\Marián\AppData\Roaming\FileIn.cns
2017-02-04 17:29 - 2017-02-04 17:29 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 1976 LE v1.1
2017-02-04 15:30 - 2017-02-04 15:30 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 IMT 2013 FINAL
2017-02-04 10:21 - 2004-02-13 11:57 - 30536118 _____ C:\windows\RVS_1.0_1.54_UK.RTP
2017-02-04 10:00 - 2004-03-16 10:56 - 32791587 _____ C:\windows\RVS_1.0_1.56_UK.RTP
2017-02-04 07:52 - 2017-02-22 16:12 - 02447880 _____ C:\windows\system32\FNTCACHE.DAT
2017-02-03 21:05 - 2017-02-03 21:11 - 00001490 _____ C:\Users\Marián\Desktop\rFactor.lnk
2017-02-03 20:31 - 2017-02-03 20:31 - 00001944 _____ C:\Users\Marián\Desktop\Rise of Nations Extended Edition.lnk
2017-02-03 20:26 - 2017-02-03 22:07 - 00000000 ____D C:\Program Files\Rise of Nations Extended Edition
2017-02-03 20:11 - 2017-02-12 23:30 - 00156968 _____ C:\Users\Marián\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-02 20:21 - 2017-02-02 20:21 - 00000734 _____ C:\Users\Marián\Desktop\fifa13.exe - odkaz.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-23 22:18 - 2015-09-19 23:29 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-23 22:18 - 2013-11-29 11:46 - 00000000 ____D C:\Games
2017-02-23 22:18 - 2013-11-29 11:19 - 00000000 ___RD C:\Users\Marián
2017-02-23 20:48 - 2016-01-14 11:05 - 00068072 _____ (Absolute Software Corp.) C:\windows\system32\agremove.exe
2017-02-23 20:46 - 2015-02-21 17:22 - 00000000 ____D C:\Users\Marián\utilitky
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ___SD C:\windows\Downloaded Program Files
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ___RD C:\windows\Offline Web Pages
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ____D C:\windows\PolicyDefinitions
2017-02-23 12:01 - 2014-01-11 09:06 - 00000000 ____D C:\Users\Marián\AppData\Roaming\vlc
2017-02-22 21:16 - 2006-11-02 12:18 - 00000000 ____D C:\windows\inf
2017-02-22 20:35 - 2006-11-02 13:58 - 00032570 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-02-22 20:35 - 2006-11-02 13:58 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-02-22 20:35 - 2006-11-02 13:45 - 00003344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-22 20:35 - 2006-11-02 13:45 - 00003344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-22 19:35 - 2016-05-19 08:15 - 00000920 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-02-22 19:35 - 2014-12-25 10:58 - 00000326 _____ C:\windows\Tasks\HPCeeScheduleForMarián.job
2017-02-22 19:35 - 2014-06-02 08:23 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-02-22 19:35 - 2006-11-02 12:18 - 00000000 ____D C:\windows\registration
2017-02-22 17:39 - 2016-10-21 16:58 - 00000000 ____D C:\Program Files\Analog Devices
2017-02-22 16:40 - 2008-04-17 12:30 - 00753306 _____ C:\windows\system32\PerfStringBackup.INI
2017-02-22 14:55 - 2006-11-02 12:18 - 00000000 ____D C:\windows\rescache
2017-02-22 12:52 - 2014-02-21 20:47 - 00007944 _____ C:\Users\Marián\AppData\Local\d3d9caps.dat
2017-02-22 12:14 - 2013-11-29 11:39 - 00000000 ____D C:\Users\Marián\AppData\Roaming\uTorrent
2017-02-21 21:35 - 2016-05-18 00:40 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2017-02-20 23:30 - 2017-01-09 20:21 - 00000000 ____D C:\Program Files\IL-2 Sturmovik 1946
2017-02-20 13:28 - 2015-11-23 00:29 - 00000000 ___RD C:\Users\Marián\Downloads\2015 Songs
2017-02-19 23:20 - 2016-07-12 21:34 - 00000000 ____D C:\Program Files\GTR2
2017-02-19 08:57 - 2015-11-24 21:52 - 00000000 ____D C:\Program Files\Ubisoft
2017-02-19 00:26 - 2017-01-10 13:18 - 00000000 ____D C:\Program Files\Wings Over Europe
2017-02-16 22:59 - 2016-12-17 20:43 - 00000000 ____D C:\Users\Marián\AppData\Local\Forgotten_Hope
2017-02-16 07:55 - 2016-04-08 11:24 - 00000113 _____ C:\Users\Marián\moje citaty.txt
2017-02-13 12:52 - 2013-11-29 11:29 - 00000000 ____D C:\Users\Marián\AppData\Roaming\HPQLOG
2017-02-13 11:43 - 2013-12-24 11:21 - 00000012 _____ C:\windows\bthservsdp.dat
2017-02-13 10:50 - 2013-12-27 13:41 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-02-13 10:50 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-12 22:46 - 2008-08-06 04:26 - 00000000 ____D C:\Program Files\Java
2017-02-12 22:32 - 2014-06-01 13:28 - 00000000 ____D C:\Program Files\OpenOffice 4
2017-02-12 18:10 - 2016-08-28 18:57 - 00000500 _____ C:\windows\Tasks\SafeZone scheduled Autoupdate 1472407029.job
2017-02-12 18:10 - 2016-08-28 18:55 - 00001795 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-02-12 18:09 - 2016-08-28 18:54 - 00277176 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys
2017-02-12 18:04 - 2006-11-02 12:18 - 00000000 ____D C:\windows\system32\Msdtc
2017-02-12 17:58 - 2006-11-02 11:22 - 79953920 _____ C:\windows\system32\config\software_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 53293056 _____ C:\windows\system32\config\components_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 31195136 _____ C:\windows\system32\config\system_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 06291456 _____ C:\windows\system32\config\default_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 00061440 _____ C:\windows\system32\config\sam_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 00040960 _____ C:\windows\system32\config\security_previous
2017-02-12 17:57 - 2016-11-11 22:14 - 00000000 ____D C:\Users\Mari�n\Documents\FIFA 13
2017-02-12 17:57 - 2014-01-12 10:19 - 00000000 ____D C:\Users\Marián\AppData\Local\Nero
2017-02-12 17:57 - 2013-11-29 21:38 - 00000000 ____D C:\Users\Marián\AppData\Local\Microsoft Help
2017-02-12 16:52 - 2015-10-03 09:07 - 00000000 ____D C:\Users\Mari�n
2017-02-12 16:51 - 2016-05-04 20:51 - 00000000 ____D C:\Users\Marián
2017-02-12 16:50 - 2015-02-20 17:53 - 00000000 __SHD C:\Users\Marian
2017-02-10 09:27 - 2008-08-06 04:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-02-07 15:40 - 2016-08-28 18:54 - 00463936 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00184208 _____ (AVAST Software) C:\windows\system32\Drivers\aswStmXP.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00106392 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00061128 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00060632 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00034136 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-02-07 15:39 - 2016-08-28 18:56 - 00031064 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-02-07 15:39 - 2016-08-28 18:54 - 00754664 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2017-02-06 21:48 - 2014-01-07 00:12 - 00000000 ____D C:\Program Files\Steam
2017-02-06 21:13 - 2015-12-28 23:48 - 00000000 ____D C:\Program Files\Common Files\Steam
2017-02-06 10:29 - 2013-11-29 11:46 - 00000000 ___HD C:\windows\msdownld.tmp
2017-02-06 10:29 - 2013-11-29 11:46 - 00000000 ____D C:\windows\system32\directx
2017-02-05 20:14 - 2015-02-24 21:11 - 00000000 ____D C:\Users\Marián\AppData\Local\SKIDROW
2017-02-05 01:22 - 2003-02-04 22:11 - 00012400 _____ (Macrovision Europe Ltd) C:\windows\system32\Drivers\secdrv.sys
2017-02-04 20:59 - 2006-11-02 13:35 - 00000000 ____D C:\Program Files\Microsoft Games
2017-02-04 00:13 - 2016-09-12 22:25 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 Seven 1975 IPE v1.2
2017-02-03 21:55 - 2015-01-14 01:40 - 00000000 ____D C:\Users\Marián\Documents\My Games
2017-02-03 20:31 - 2016-02-09 02:40 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft Games
2017-01-24 20:47 - 2016-02-01 20:13 - 00000000 ____D C:\Program Files\WSC Real 09
==================== Files in the root of some directories =======
2015-04-16 10:09 - 2015-04-14 22:09 - 0000040 ____H () C:\Program Files\214dccf5.tmp
2014-01-03 22:35 - 2016-07-28 00:34 - 0000936 _____ () C:\Users\Marián\AppData\Roaming\del.bat
2017-02-04 20:14 - 2017-02-04 20:36 - 0000000 _____ () C:\Users\Marián\AppData\Roaming\FileIn.cns
2017-02-04 20:14 - 2017-02-04 20:36 - 0000000 _____ () C:\Users\Marián\AppData\Roaming\FileOut.cns
2015-11-29 11:56 - 2015-11-29 11:56 - 0000213 _____ () C:\Users\Marián\AppData\Roaming\MARIANPC.MTBF.txt
2013-11-29 19:55 - 2015-02-17 19:30 - 0000016 _____ () C:\Users\Marián\AppData\Roaming\msregsvv.dll
2014-01-12 15:22 - 2016-12-05 12:59 - 0138904 _____ () C:\Users\Marián\AppData\Roaming\PnkBstrK.sys
2015-04-07 01:32 - 2015-04-07 01:32 - 0000032 _____ () C:\Users\Marián\AppData\Roaming\prio.ini
2015-06-10 09:12 - 2015-06-10 09:12 - 0000004 _____ () C:\Users\Marián\AppData\Roaming\steam_md4.dat
2015-08-18 00:49 - 2015-08-18 00:49 - 0000004 _____ () C:\Users\Marián\AppData\Roaming\steam_md5.dat
2015-05-09 10:23 - 2015-05-28 00:19 - 0000001 _____ () C:\Users\Marián\AppData\Roaming\update.dat
2014-06-02 21:47 - 2015-11-29 13:48 - 0000959 _____ () C:\Users\Marián\AppData\Roaming\__AvidCloudManager.log
2014-06-02 21:47 - 2014-06-03 01:23 - 0000787 _____ () C:\Users\Marián\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-02-21 20:47 - 2017-02-22 12:52 - 0007944 _____ () C:\Users\Marián\AppData\Local\d3d9caps.dat
2013-12-07 12:37 - 2015-12-14 11:23 - 0024064 _____ () C:\Users\Marián\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-29 11:29 - 2013-11-29 11:29 - 0000000 _____ () C:\Users\Marián\AppData\Local\DSwitch.txt
2015-07-19 10:52 - 2015-07-19 10:52 - 0000094 _____ () C:\Users\Marián\AppData\Local\fusioncache.dat
2015-01-19 15:04 - 2015-01-19 15:04 - 0000000 ___SH () C:\Users\Marián\AppData\Local\LumaEmu
2013-11-29 11:29 - 2013-11-29 11:29 - 0000000 _____ () C:\Users\Marián\AppData\Local\QSwitch.txt
2015-06-22 20:09 - 2015-06-22 20:09 - 0000000 ___SH () C:\ProgramData\.rdata
2013-11-29 19:55 - 2015-02-17 19:30 - 0000016 _____ () C:\ProgramData\autobk.inc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-23 20:48
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím skontrolovať
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím skontrolovať
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Mariangello
- Návštěvník
- Příspěvky: 51
- Registrován: 23 úno 2017 20:58
Re: Prosím skontrolovať
Ukončený sken:
# AdwCleaner v6.043 - *Logfile created 24/02/2017 *at 10:31:44
# *Updated on 27/01/2017 by Malwarebytes
# *Database : 2017-02-23.4 [*Local]
# *Operating System : Windows Vista (TM) Home Basic Service Pack 2 (X86)
# *Username : Marián - MARIANPC
# *Running from : C:\Users\Marián\Desktop\adwcleaner_6.043.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
*No malicious services found.
***** [ *Folders ] *****
*No malicious folders found.
***** [ *Files ] *****
*No malicious files found.
***** [ DLL ] *****
*No malicious DLLs found.
***** [ WMI ] *****
*No malicious keys found.
***** [ *Shortcuts ] *****
*No infected shortcut found.
***** [ *Scheduled tasks ] *****
*No malicious task found.
***** [ *Registry ] *****
*No malicious registry entries found.
***** [ *Web browsers ] *****
*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [1204 *Bytes] - [23/02/2017 21:32:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1277 *Bytes] - [23/02/2017 22:56:39]
C:\AdwCleaner\AdwCleaner[S2].txt - [1196 *Bytes] - [24/02/2017 10:31:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1270 *Bytes] ##########
# AdwCleaner v6.043 - *Logfile created 24/02/2017 *at 10:31:44
# *Updated on 27/01/2017 by Malwarebytes
# *Database : 2017-02-23.4 [*Local]
# *Operating System : Windows Vista (TM) Home Basic Service Pack 2 (X86)
# *Username : Marián - MARIANPC
# *Running from : C:\Users\Marián\Desktop\adwcleaner_6.043.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support
***** [ *Services ] *****
*No malicious services found.
***** [ *Folders ] *****
*No malicious folders found.
***** [ *Files ] *****
*No malicious files found.
***** [ DLL ] *****
*No malicious DLLs found.
***** [ WMI ] *****
*No malicious keys found.
***** [ *Shortcuts ] *****
*No infected shortcut found.
***** [ *Scheduled tasks ] *****
*No malicious task found.
***** [ *Registry ] *****
*No malicious registry entries found.
***** [ *Web browsers ] *****
*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [1204 *Bytes] - [23/02/2017 21:32:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1277 *Bytes] - [23/02/2017 22:56:39]
C:\AdwCleaner\AdwCleaner[S2].txt - [1196 *Bytes] - [24/02/2017 10:31:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1270 *Bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím skontrolovať
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: H - H:\Launcher.exe
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S4 cpuz134; no ImagePath
U3 DfSdkS; no ImagePath
U4 eabfiltr; no ImagePath
S4 zlportio; no ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\214dccf5.tmp
C:\Users\Marián\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
EmptyTemp:
End.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Mariangello
- Návštěvník
- Příspěvky: 51
- Registrován: 23 úno 2017 20:58
Re: Prosím skontrolovať
Dobre, tak tu to je:
Fix result of Farbar Recovery Scan Tool (x86) Version: 23-02-2017 01
Ran by Marián (24-02-2017 12:44:57) Run:1
Running from C:\Users\Marián\Desktop
Loaded Profiles: Marián (Available Profiles: Marián)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: H - H:\Launcher.exe
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S4 cpuz134; no ImagePath
U3 DfSdkS; no ImagePath
U4 eabfiltr; no ImagePath
S4 zlportio; no ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\214dccf5.tmp
C:\Users\Marián\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
EmptyTemp:
End.
*****************
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => key removed successfully.
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => key removed successfully.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\system32\GroupPolicy\User => moved successfully
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz134 => key removed successfully.
cpuz134 => service removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => key removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\eabfiltr => key removed successfully.
eabfiltr => service removed successfully.
HKLM\System\CurrentControlSet\Services\zlportio => key removed successfully.
zlportio => service removed successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Program Files\214dccf5.tmp => moved successfully
C:\Users\Marián\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
End. => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12435424 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 65997694 B
Edge => 0 B
Chrome => 379818510 B
Firefox => 0 B
Opera => 678912 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 28912566 B
LocalService => 0 B
NetworkService => 0 B
Marián => 2427139 B
RecycleBin => 0 B
EmptyTemp: => 467.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:45:07 ====
Fix result of Farbar Recovery Scan Tool (x86) Version: 23-02-2017 01
Ran by Marián (24-02-2017 12:44:57) Run:1
Running from C:\Users\Marián\Desktop
Loaded Profiles: Marián (Available Profiles: Marián)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\...\MountPoints2: H - H:\Launcher.exe
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S4 cpuz134; no ImagePath
U3 DfSdkS; no ImagePath
U4 eabfiltr; no ImagePath
S4 zlportio; no ImagePath
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Program Files\214dccf5.tmp
C:\Users\Marián\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
EmptyTemp:
End.
*****************
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => key removed successfully.
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => key removed successfully.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\system32\GroupPolicy\User => moved successfully
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz134 => key removed successfully.
cpuz134 => service removed successfully.
HKLM\System\CurrentControlSet\Services\DfSdkS => key removed successfully.
DfSdkS => service removed successfully.
HKLM\System\CurrentControlSet\Services\eabfiltr => key removed successfully.
eabfiltr => service removed successfully.
HKLM\System\CurrentControlSet\Services\zlportio => key removed successfully.
zlportio => service removed successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Program Files\214dccf5.tmp => moved successfully
C:\Users\Marián\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
End. => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12435424 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 65997694 B
Edge => 0 B
Chrome => 379818510 B
Firefox => 0 B
Opera => 678912 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 28912566 B
LocalService => 0 B
NetworkService => 0 B
Marián => 2427139 B
RecycleBin => 0 B
EmptyTemp: => 467.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 12:45:07 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím skontrolovať
Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Mariangello
- Návštěvník
- Příspěvky: 51
- Registrován: 23 úno 2017 20:58
Re: Prosím skontrolovať
Tak to dúfam. Tie dva java pluginy ssv tam sú v poriadku?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2017 01
Ran by Marián (administrator) on MARIANPC (24-02-2017 14:09:22)
Running from C:\Users\Marián\Desktop
Loaded Profiles: Marián (Available Profiles: Marián)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-07] (AVAST Software)
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\PROGRA~1\Techland\Xpand Rally\Data\VideoSettings.scr
AppInit_DLLs: APSHook.dll => C:\windows\system32\APSHook.dll [81680 2008-05-21] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-02-07] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.242.44.85 8.8.8.8
Tcpip\..\Interfaces\{8DF6634D-087B-4509-86ED-60E587AB55D3}: [DhcpNameServer] 217.144.16.196 217.144.16.18
Tcpip\..\Interfaces\{DBF4E7EE-E7D9-4A8A-9B4B-749B9DBE9FD2}: [DhcpNameServer] 80.242.44.85 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKU\S-1-5-21-3451414034-3831443019-3995466762-1004 -> {5AB01ACC-C0EF-4253-B9F0-151E925FCDB8} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-12] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-07] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-12] (Oracle Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-30] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-22] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3451414034-3831443019-3995466762-1004: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default [2017-02-24]
CHR Extension: (Prezentácie Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-19]
CHR Extension: (Dokumenty Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-19]
CHR Extension: (Disk Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
CHR Extension: (YouTube) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
CHR Extension: (Adblock Plus) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 accoca; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [182576 2007-05-16] (ActivIdentity)
S4 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [111888 2008-05-21] (Bioscrypt Inc.)
S4 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [137488 2008-05-21] (Bioscrypt Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5541048 2017-02-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-07] (AVAST Software)
S4 EasyAntiCheat; C:\windows\system32\EasyAntiCheat.exe [237352 2015-04-04] (EasyAntiCheat Ltd) [File not signed]
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-04-15] (Hewlett-Packard) [File not signed]
S4 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [34184 2008-05-14] (Hewlett-Packard Development Company, L.P)
S4 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256512 2008-05-14] (SafeBoot International)
S4 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [77824 2008-05-02] (Hewlett-Packard) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4590968 2012-09-05] (Native Instruments GmbH)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 44BC0E26; C:\windows\System32\drivers\44BC0E26.sys [153784 2017-02-22] (Kaspersky Lab ZAO)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdriverx.sys [257288 2017-02-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidshx.sys [148720 2017-02-13] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswblogx.sys [267016 2017-02-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbunivx.sys [41176 2017-02-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [34136 2017-02-07] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [31064 2017-02-07] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [106392 2017-02-07] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr.sys [60632 2017-02-07] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [61128 2017-02-07] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [754664 2017-02-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [463936 2017-02-07] (AVAST Software)
R3 aswStmXP; C:\windows\system32\drivers\aswStmXP.sys [184208 2017-02-07] (AVAST Software)
S3 aswTap; C:\windows\System32\DRIVERS\aswTap.sys [35144 2014-08-15] (The OpenVPN Project)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [277176 2017-02-12] (AVAST Software)
R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [281504 2015-08-22] ()
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [25888 2015-08-22] ()
R0x01000000 papycpu2; C:\windows\system32\drivers\papycpu2.sys [2016 2001-04-20] () [File not signed]
S3 PROCEXP152; C:\windows\system32\Drivers\PROCEXP152.SYS [29664 2017-02-22] (Sysinternals - www.sysinternals.com) [File not signed]
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12496 2008-05-14] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [108752 2008-05-14] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51376 2008-05-14] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12928 2008-05-14] (SafeBoot International)
R1 SCDEmu; C:\windows\system32\Drivers\SCDEmu.sys [113104 2012-08-24] (Power Software Ltd)
S4 secdrv; C:\windows\system32\Drivers\secdrv.sys [12400 2017-02-05] (Macrovision Europe Ltd) [File not signed]
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1810992 2009-03-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [466008 2014-12-21] (Duplex Secure Ltd.)
S3 AmdLLD; system32\DRIVERS\AmdLLD.sys [X]
S0 gvwgxj; System32\drivers\dsgox.sys [X]
S4 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 papyjoy; C:\Windows\System32\Drivers\papyjoy.sys [1888 1998-09-04] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-24 14:04 - 2017-02-24 14:09 - 00014848 _____ C:\Users\Marián\Desktop\FRST.txt
2017-02-23 22:37 - 2017-02-24 14:09 - 00000000 ____D C:\FRST
2017-02-23 22:14 - 2017-02-23 22:14 - 01765376 _____ (Farbar) C:\Users\Marián\Desktop\FRST.exe
2017-02-23 21:30 - 2017-02-24 13:35 - 00000000 ____D C:\AdwCleaner
2017-02-22 21:25 - 2017-02-22 21:25 - 00029664 _____ (Sysinternals - www.sysinternals.com) C:\windows\system32\Drivers\PROCEXP152.SYS
2017-02-22 18:24 - 2017-02-22 18:24 - 00000000 ___HD C:\$AV_ASW
2017-02-22 16:09 - 2016-11-08 16:26 - 02073088 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-02-22 16:02 - 2016-11-02 17:06 - 00306408 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-02-22 16:02 - 2016-11-02 16:59 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 01029120 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00219648 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00160768 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2017-02-22 15:53 - 2016-09-09 15:34 - 01172480 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2017-02-22 15:53 - 2016-09-09 15:32 - 00486912 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2017-02-22 15:53 - 2016-09-09 15:23 - 00682496 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-02-22 15:53 - 2016-09-09 15:21 - 01073152 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-02-22 15:53 - 2016-09-09 15:21 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-02-22 15:36 - 2016-08-14 16:48 - 00627712 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2017-02-22 12:34 - 2017-02-22 12:34 - 00153784 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\44BC0E26.sys
2017-02-22 11:32 - 2017-02-22 11:32 - 09647696 _____ (Crawler Group ) C:\Users\Marián\Downloads\SpywareTerminatorSetup.exe
2017-02-22 08:08 - 2017-02-22 08:08 - 00000000 ____D C:\Users\Marián\AppData\Local\Hewlett-Packard
2017-02-21 21:41 - 2017-02-21 21:41 - 00000801 _____ C:\Users\Marián\Desktop\RailWorks.exe - odkaz.lnk
2017-02-21 21:36 - 2017-02-21 21:36 - 00000000 ____D C:\windows\system32\AGEIA
2017-02-21 21:36 - 2017-02-21 21:36 - 00000000 ____D C:\Program Files\AGEIA Technologies
2017-02-21 14:52 - 2017-02-21 14:55 - 109189008 _____ (Kaspersky Lab ZAO) C:\Users\Marián\Downloads\KVRT (1).exe
2017-02-19 16:52 - 2017-02-19 16:52 - 00000771 _____ C:\Users\Marián\Desktop\GT Legends.lnk
2017-02-19 16:44 - 2017-02-19 20:33 - 00000000 ____D C:\Program Files\GT Legends
2017-02-18 23:02 - 2017-02-18 23:02 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strategy First
2017-02-18 17:00 - 2017-02-18 17:00 - 00000079 _____ C:\windows\wininit.ini
2017-02-18 14:22 - 2017-02-18 14:22 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-17 19:04 - 2017-02-17 19:04 - 00000920 _____ C:\Users\Marián\Desktop\fixedstart.bat - odkaz.lnk
2017-02-16 23:36 - 2017-02-16 23:36 - 00000000 ____D C:\Users\Marián\AppData\Local\Setup Integrity Check
2017-02-13 11:46 - 2017-02-22 16:40 - 00031274 _____ C:\windows\system32\perfh01B.dat
2017-02-13 11:46 - 2017-02-22 16:40 - 00012052 _____ C:\windows\system32\perfc01B.dat
2017-02-13 10:47 - 2017-02-13 10:51 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2017-02-13 06:53 - 2017-02-13 06:52 - 00267016 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswblogx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00257288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdriverx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00148720 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidshx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00041176 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbunivx.sys
2017-02-12 22:48 - 2017-02-12 22:47 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6344747.dll
2017-02-12 22:44 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6139107.dll
2017-02-12 22:44 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6100715.dll
2017-02-12 22:23 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4868822.dll
2017-02-12 22:20 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4662776.dll
2017-02-12 22:19 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4617832.dll
2017-02-12 22:18 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4544761.dll
2017-02-12 22:12 - 2017-01-22 16:06 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4230918.dll
2017-02-12 22:10 - 2017-01-22 16:06 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4068880.dll
2017-02-12 19:09 - 2017-01-05 17:57 - 01259008 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-02-12 19:09 - 2016-11-20 15:16 - 00276992 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-02-12 19:09 - 2016-11-20 15:07 - 00444136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-02-12 19:09 - 2016-10-08 16:51 - 00219136 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-02-12 19:09 - 2016-08-10 16:44 - 00284160 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-02-12 19:09 - 2016-08-10 16:43 - 00206336 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-02-12 19:09 - 2016-05-14 16:41 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-02-12 19:09 - 2016-03-18 18:10 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-02-12 19:09 - 2016-02-06 03:12 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-02-12 19:09 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-02-12 18:08 - 2017-02-07 15:40 - 00328208 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-02-07 15:41 - 2017-02-12 18:09 - 00000342 ____H C:\windows\Tasks\Avast Emergency Update.job
2017-02-07 07:31 - 2017-02-07 07:31 - 00000000 ____D C:\Program Files\CCleaner
2017-02-07 07:24 - 2017-02-07 07:24 - 00000000 ____D C:\Program Files\Defraggler
2017-02-05 18:08 - 2017-02-21 21:43 - 00000000 ____D C:\Program Files\Rail Works 2
2017-02-05 15:33 - 2017-02-17 19:03 - 00000000 ____D C:\Program Files\Rainbow Six 3 Raven Shield
2017-02-04 21:15 - 2017-02-16 23:32 - 00000000 ____D C:\Users\Marián\FIFA.14.Multi13-RU.Repack.by.z10yded
2017-02-04 20:14 - 2017-02-04 20:36 - 00000000 _____ C:\Users\Marián\AppData\Roaming\FileOut.cns
2017-02-04 20:14 - 2017-02-04 20:36 - 00000000 _____ C:\Users\Marián\AppData\Roaming\FileIn.cns
2017-02-04 17:29 - 2017-02-04 17:29 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 1976 LE v1.1
2017-02-04 15:30 - 2017-02-04 15:30 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 IMT 2013 FINAL
2017-02-04 10:21 - 2004-02-13 11:57 - 30536118 _____ C:\windows\RVS_1.0_1.54_UK.RTP
2017-02-04 10:00 - 2004-03-16 10:56 - 32791587 _____ C:\windows\RVS_1.0_1.56_UK.RTP
2017-02-04 07:52 - 2017-02-22 16:12 - 02447880 _____ C:\windows\system32\FNTCACHE.DAT
2017-02-03 21:05 - 2017-02-03 21:11 - 00001490 _____ C:\Users\Marián\Desktop\rFactor.lnk
2017-02-03 20:31 - 2017-02-03 20:31 - 00001944 _____ C:\Users\Marián\Desktop\Rise of Nations Extended Edition.lnk
2017-02-03 20:26 - 2017-02-03 22:07 - 00000000 ____D C:\Program Files\Rise of Nations Extended Edition
2017-02-03 20:11 - 2017-02-12 23:30 - 00156968 _____ C:\Users\Marián\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-02 20:21 - 2017-02-02 20:21 - 00000734 _____ C:\Users\Marián\Desktop\fifa13.exe - odkaz.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-24 14:03 - 2006-11-02 12:18 - 00000000 ____D C:\windows\inf
2017-02-24 13:24 - 2016-01-14 11:05 - 00068072 _____ (Absolute Software Corp.) C:\windows\system32\agremove.exe
2017-02-24 12:49 - 2006-11-02 13:58 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-02-24 12:45 - 2006-11-02 13:58 - 00032570 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-02-24 12:44 - 2006-11-02 12:18 - 00000000 ___HD C:\windows\system32\GroupPolicy
2017-02-24 11:28 - 2014-01-11 09:06 - 00000000 ____D C:\Users\Marián\AppData\Roaming\vlc
2017-02-24 05:56 - 2006-11-02 12:18 - 00000000 ____D C:\windows\rescache
2017-02-23 22:18 - 2015-09-19 23:29 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-23 22:18 - 2013-11-29 11:46 - 00000000 ____D C:\Games
2017-02-23 22:18 - 2013-11-29 11:19 - 00000000 ___RD C:\Users\Marián
2017-02-23 20:46 - 2015-02-21 17:22 - 00000000 ____D C:\Users\Marián\utilitky
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ___SD C:\windows\Downloaded Program Files
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ___RD C:\windows\Offline Web Pages
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ____D C:\windows\PolicyDefinitions
2017-02-22 20:35 - 2006-11-02 13:45 - 00003344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-22 20:35 - 2006-11-02 13:45 - 00003344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-22 19:35 - 2014-12-25 10:58 - 00000326 _____ C:\windows\Tasks\HPCeeScheduleForMarián.job
2017-02-22 19:35 - 2014-06-02 08:23 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-02-22 19:35 - 2006-11-02 12:18 - 00000000 ____D C:\windows\registration
2017-02-22 17:39 - 2016-10-21 16:58 - 00000000 ____D C:\Program Files\Analog Devices
2017-02-22 16:40 - 2008-04-17 12:30 - 00753306 _____ C:\windows\system32\PerfStringBackup.INI
2017-02-22 12:52 - 2014-02-21 20:47 - 00007944 _____ C:\Users\Marián\AppData\Local\d3d9caps.dat
2017-02-22 12:14 - 2013-11-29 11:39 - 00000000 ____D C:\Users\Marián\AppData\Roaming\uTorrent
2017-02-21 21:35 - 2016-05-18 00:40 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2017-02-20 23:30 - 2017-01-09 20:21 - 00000000 ____D C:\Program Files\IL-2 Sturmovik 1946
2017-02-20 13:28 - 2015-11-23 00:29 - 00000000 ___RD C:\Users\Marián\Downloads\2015 Songs
2017-02-19 23:20 - 2016-07-12 21:34 - 00000000 ____D C:\Program Files\GTR2
2017-02-19 08:57 - 2015-11-24 21:52 - 00000000 ____D C:\Program Files\Ubisoft
2017-02-19 00:26 - 2017-01-10 13:18 - 00000000 ____D C:\Program Files\Wings Over Europe
2017-02-16 22:59 - 2016-12-17 20:43 - 00000000 ____D C:\Users\Marián\AppData\Local\Forgotten_Hope
2017-02-16 07:55 - 2016-04-08 11:24 - 00000113 _____ C:\Users\Marián\moje citaty.txt
2017-02-13 12:52 - 2013-11-29 11:29 - 00000000 ____D C:\Users\Marián\AppData\Roaming\HPQLOG
2017-02-13 11:43 - 2013-12-24 11:21 - 00000012 _____ C:\windows\bthservsdp.dat
2017-02-13 10:50 - 2013-12-27 13:41 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-02-13 10:50 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-12 22:46 - 2008-08-06 04:26 - 00000000 ____D C:\Program Files\Java
2017-02-12 22:32 - 2014-06-01 13:28 - 00000000 ____D C:\Program Files\OpenOffice 4
2017-02-12 18:10 - 2016-08-28 18:57 - 00000500 _____ C:\windows\Tasks\SafeZone scheduled Autoupdate 1472407029.job
2017-02-12 18:10 - 2016-08-28 18:55 - 00001795 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-02-12 18:09 - 2016-08-28 18:54 - 00277176 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys
2017-02-12 18:04 - 2006-11-02 12:18 - 00000000 ____D C:\windows\system32\Msdtc
2017-02-12 17:58 - 2006-11-02 11:22 - 79953920 _____ C:\windows\system32\config\software_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 53293056 _____ C:\windows\system32\config\components_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 31195136 _____ C:\windows\system32\config\system_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 06291456 _____ C:\windows\system32\config\default_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 00061440 _____ C:\windows\system32\config\sam_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 00040960 _____ C:\windows\system32\config\security_previous
2017-02-12 17:57 - 2016-11-11 22:14 - 00000000 ____D C:\Users\Mari�n\Documents\FIFA 13
2017-02-12 17:57 - 2014-01-12 10:19 - 00000000 ____D C:\Users\Marián\AppData\Local\Nero
2017-02-12 17:57 - 2013-11-29 21:38 - 00000000 ____D C:\Users\Marián\AppData\Local\Microsoft Help
2017-02-12 16:52 - 2015-10-03 09:07 - 00000000 ____D C:\Users\Mari�n
2017-02-12 16:51 - 2016-05-04 20:51 - 00000000 ____D C:\Users\Marián
2017-02-12 16:50 - 2015-02-20 17:53 - 00000000 __SHD C:\Users\Marian
2017-02-10 09:27 - 2008-08-06 04:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-02-07 15:40 - 2016-08-28 18:54 - 00463936 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00184208 _____ (AVAST Software) C:\windows\system32\Drivers\aswStmXP.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00106392 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00061128 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00060632 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00034136 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-02-07 15:39 - 2016-08-28 18:56 - 00031064 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-02-07 15:39 - 2016-08-28 18:54 - 00754664 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2017-02-06 21:48 - 2014-01-07 00:12 - 00000000 ____D C:\Program Files\Steam
2017-02-06 21:13 - 2015-12-28 23:48 - 00000000 ____D C:\Program Files\Common Files\Steam
2017-02-06 10:29 - 2013-11-29 11:46 - 00000000 ___HD C:\windows\msdownld.tmp
2017-02-06 10:29 - 2013-11-29 11:46 - 00000000 ____D C:\windows\system32\directx
2017-02-05 20:14 - 2015-02-24 21:11 - 00000000 ____D C:\Users\Marián\AppData\Local\SKIDROW
2017-02-05 01:22 - 2003-02-04 22:11 - 00012400 _____ (Macrovision Europe Ltd) C:\windows\system32\Drivers\secdrv.sys
2017-02-04 20:59 - 2006-11-02 13:35 - 00000000 ____D C:\Program Files\Microsoft Games
2017-02-04 00:13 - 2016-09-12 22:25 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 Seven 1975 IPE v1.2
2017-02-03 21:55 - 2015-01-14 01:40 - 00000000 ____D C:\Users\Marián\Documents\My Games
2017-02-03 20:31 - 2016-02-09 02:40 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft Games
==================== Files in the root of some directories =======
2014-01-03 22:35 - 2016-07-28 00:34 - 0000936 _____ () C:\Users\Marián\AppData\Roaming\del.bat
2017-02-04 20:14 - 2017-02-04 20:36 - 0000000 _____ () C:\Users\Marián\AppData\Roaming\FileIn.cns
2017-02-04 20:14 - 2017-02-04 20:36 - 0000000 _____ () C:\Users\Marián\AppData\Roaming\FileOut.cns
2015-11-29 11:56 - 2015-11-29 11:56 - 0000213 _____ () C:\Users\Marián\AppData\Roaming\MARIANPC.MTBF.txt
2013-11-29 19:55 - 2015-02-17 19:30 - 0000016 _____ () C:\Users\Marián\AppData\Roaming\msregsvv.dll
2014-01-12 15:22 - 2016-12-05 12:59 - 0138904 _____ () C:\Users\Marián\AppData\Roaming\PnkBstrK.sys
2015-04-07 01:32 - 2015-04-07 01:32 - 0000032 _____ () C:\Users\Marián\AppData\Roaming\prio.ini
2015-06-10 09:12 - 2015-06-10 09:12 - 0000004 _____ () C:\Users\Marián\AppData\Roaming\steam_md4.dat
2015-08-18 00:49 - 2015-08-18 00:49 - 0000004 _____ () C:\Users\Marián\AppData\Roaming\steam_md5.dat
2015-05-09 10:23 - 2015-05-28 00:19 - 0000001 _____ () C:\Users\Marián\AppData\Roaming\update.dat
2014-06-02 21:47 - 2015-11-29 13:48 - 0000959 _____ () C:\Users\Marián\AppData\Roaming\__AvidCloudManager.log
2014-06-02 21:47 - 2014-06-03 01:23 - 0000787 _____ () C:\Users\Marián\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-02-21 20:47 - 2017-02-22 12:52 - 0007944 _____ () C:\Users\Marián\AppData\Local\d3d9caps.dat
2013-11-29 11:29 - 2013-11-29 11:29 - 0000000 _____ () C:\Users\Marián\AppData\Local\DSwitch.txt
2015-07-19 10:52 - 2015-07-19 10:52 - 0000094 _____ () C:\Users\Marián\AppData\Local\fusioncache.dat
2015-01-19 15:04 - 2015-01-19 15:04 - 0000000 ___SH () C:\Users\Marián\AppData\Local\LumaEmu
2013-11-29 11:29 - 2013-11-29 11:29 - 0000000 _____ () C:\Users\Marián\AppData\Local\QSwitch.txt
2015-06-22 20:09 - 2015-06-22 20:09 - 0000000 ___SH () C:\ProgramData\.rdata
2013-11-29 19:55 - 2015-02-17 19:30 - 0000016 _____ () C:\ProgramData\autobk.inc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-24 12:56
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2017 01
Ran by Marián (administrator) on MARIANPC (24-02-2017 14:09:22)
Running from C:\Users\Marián\Desktop
Loaded Profiles: Marián (Available Profiles: Marián)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-07] (AVAST Software)
HKU\S-1-5-21-3451414034-3831443019-3995466762-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\PROGRA~1\Techland\Xpand Rally\Data\VideoSettings.scr
AppInit_DLLs: APSHook.dll => C:\windows\system32\APSHook.dll [81680 2008-05-21] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-02-07] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Marián\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 80.242.44.85 8.8.8.8
Tcpip\..\Interfaces\{8DF6634D-087B-4509-86ED-60E587AB55D3}: [DhcpNameServer] 217.144.16.196 217.144.16.18
Tcpip\..\Interfaces\{DBF4E7EE-E7D9-4A8A-9B4B-749B9DBE9FD2}: [DhcpNameServer] 80.242.44.85 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKU\S-1-5-21-3451414034-3831443019-3995466762-1004 -> {5AB01ACC-C0EF-4253-B9F0-151E925FCDB8} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-12] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-07] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-12] (Oracle Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-11-30] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-22] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3451414034-3831443019-3995466762-1004: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default [2017-02-24]
CHR Extension: (Prezentácie Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-19]
CHR Extension: (Dokumenty Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-19]
CHR Extension: (Disk Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-19]
CHR Extension: (YouTube) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-19]
CHR Extension: (Adblock Plus) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-27]
CHR Extension: (Tabuľky Google) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Marián\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 accoca; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [182576 2007-05-16] (ActivIdentity)
S4 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [111888 2008-05-21] (Bioscrypt Inc.)
S4 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [137488 2008-05-21] (Bioscrypt Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5541048 2017-02-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-07] (AVAST Software)
S4 EasyAntiCheat; C:\windows\system32\EasyAntiCheat.exe [237352 2015-04-04] (EasyAntiCheat Ltd) [File not signed]
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-04-15] (Hewlett-Packard) [File not signed]
S4 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [34184 2008-05-14] (Hewlett-Packard Development Company, L.P)
S4 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256512 2008-05-14] (SafeBoot International)
S4 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [77824 2008-05-02] (Hewlett-Packard) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4590968 2012-09-05] (Native Instruments GmbH)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 44BC0E26; C:\windows\System32\drivers\44BC0E26.sys [153784 2017-02-22] (Kaspersky Lab ZAO)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdriverx.sys [257288 2017-02-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidshx.sys [148720 2017-02-13] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswblogx.sys [267016 2017-02-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbunivx.sys [41176 2017-02-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [34136 2017-02-07] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [31064 2017-02-07] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [106392 2017-02-07] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr.sys [60632 2017-02-07] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [61128 2017-02-07] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [754664 2017-02-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [463936 2017-02-07] (AVAST Software)
R3 aswStmXP; C:\windows\system32\drivers\aswStmXP.sys [184208 2017-02-07] (AVAST Software)
S3 aswTap; C:\windows\System32\DRIVERS\aswTap.sys [35144 2014-08-15] (The OpenVPN Project)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [277176 2017-02-12] (AVAST Software)
R2 atksgt; C:\windows\System32\DRIVERS\atksgt.sys [281504 2015-08-22] ()
R2 lirsgt; C:\windows\System32\DRIVERS\lirsgt.sys [25888 2015-08-22] ()
R0x01000000 papycpu2; C:\windows\system32\drivers\papycpu2.sys [2016 2001-04-20] () [File not signed]
S3 PROCEXP152; C:\windows\system32\Drivers\PROCEXP152.SYS [29664 2017-02-22] (Sysinternals - www.sysinternals.com) [File not signed]
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12496 2008-05-14] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [108752 2008-05-14] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51376 2008-05-14] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12928 2008-05-14] (SafeBoot International)
R1 SCDEmu; C:\windows\system32\Drivers\SCDEmu.sys [113104 2012-08-24] (Power Software Ltd)
S4 secdrv; C:\windows\system32\Drivers\secdrv.sys [12400 2017-02-05] (Macrovision Europe Ltd) [File not signed]
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1810992 2009-03-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [466008 2014-12-21] (Duplex Secure Ltd.)
S3 AmdLLD; system32\DRIVERS\AmdLLD.sys [X]
S0 gvwgxj; System32\drivers\dsgox.sys [X]
S4 IpInIp; system32\DRIVERS\ipinip.sys [X]
S4 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S4 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U5 papyjoy; C:\Windows\System32\Drivers\papyjoy.sys [1888 1998-09-04] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-24 14:04 - 2017-02-24 14:09 - 00014848 _____ C:\Users\Marián\Desktop\FRST.txt
2017-02-23 22:37 - 2017-02-24 14:09 - 00000000 ____D C:\FRST
2017-02-23 22:14 - 2017-02-23 22:14 - 01765376 _____ (Farbar) C:\Users\Marián\Desktop\FRST.exe
2017-02-23 21:30 - 2017-02-24 13:35 - 00000000 ____D C:\AdwCleaner
2017-02-22 21:25 - 2017-02-22 21:25 - 00029664 _____ (Sysinternals - www.sysinternals.com) C:\windows\system32\Drivers\PROCEXP152.SYS
2017-02-22 18:24 - 2017-02-22 18:24 - 00000000 ___HD C:\$AV_ASW
2017-02-22 16:09 - 2016-11-08 16:26 - 02073088 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-02-22 16:02 - 2016-11-02 17:06 - 00306408 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-02-22 16:02 - 2016-11-02 16:59 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 01029120 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00219648 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2017-02-22 15:53 - 2016-09-09 16:15 - 00160768 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2017-02-22 15:53 - 2016-09-09 15:34 - 01172480 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2017-02-22 15:53 - 2016-09-09 15:32 - 00486912 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2017-02-22 15:53 - 2016-09-09 15:23 - 00682496 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-02-22 15:53 - 2016-09-09 15:21 - 01073152 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-02-22 15:53 - 2016-09-09 15:21 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-02-22 15:36 - 2016-08-14 16:48 - 00627712 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2017-02-22 12:34 - 2017-02-22 12:34 - 00153784 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\44BC0E26.sys
2017-02-22 11:32 - 2017-02-22 11:32 - 09647696 _____ (Crawler Group ) C:\Users\Marián\Downloads\SpywareTerminatorSetup.exe
2017-02-22 08:08 - 2017-02-22 08:08 - 00000000 ____D C:\Users\Marián\AppData\Local\Hewlett-Packard
2017-02-21 21:41 - 2017-02-21 21:41 - 00000801 _____ C:\Users\Marián\Desktop\RailWorks.exe - odkaz.lnk
2017-02-21 21:36 - 2017-02-21 21:36 - 00000000 ____D C:\windows\system32\AGEIA
2017-02-21 21:36 - 2017-02-21 21:36 - 00000000 ____D C:\Program Files\AGEIA Technologies
2017-02-21 14:52 - 2017-02-21 14:55 - 109189008 _____ (Kaspersky Lab ZAO) C:\Users\Marián\Downloads\KVRT (1).exe
2017-02-19 16:52 - 2017-02-19 16:52 - 00000771 _____ C:\Users\Marián\Desktop\GT Legends.lnk
2017-02-19 16:44 - 2017-02-19 20:33 - 00000000 ____D C:\Program Files\GT Legends
2017-02-18 23:02 - 2017-02-18 23:02 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strategy First
2017-02-18 17:00 - 2017-02-18 17:00 - 00000079 _____ C:\windows\wininit.ini
2017-02-18 14:22 - 2017-02-18 14:22 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-17 19:04 - 2017-02-17 19:04 - 00000920 _____ C:\Users\Marián\Desktop\fixedstart.bat - odkaz.lnk
2017-02-16 23:36 - 2017-02-16 23:36 - 00000000 ____D C:\Users\Marián\AppData\Local\Setup Integrity Check
2017-02-13 11:46 - 2017-02-22 16:40 - 00031274 _____ C:\windows\system32\perfh01B.dat
2017-02-13 11:46 - 2017-02-22 16:40 - 00012052 _____ C:\windows\system32\perfc01B.dat
2017-02-13 10:47 - 2017-02-13 10:51 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2017-02-13 06:53 - 2017-02-13 06:52 - 00267016 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswblogx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00257288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdriverx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00148720 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidshx.sys
2017-02-13 06:53 - 2017-02-13 06:52 - 00041176 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbunivx.sys
2017-02-12 22:48 - 2017-02-12 22:47 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6344747.dll
2017-02-12 22:44 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6139107.dll
2017-02-12 22:44 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge6100715.dll
2017-02-12 22:23 - 2017-02-12 22:23 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4868822.dll
2017-02-12 22:20 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4662776.dll
2017-02-12 22:19 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4617832.dll
2017-02-12 22:18 - 2017-02-12 22:17 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4544761.dll
2017-02-12 22:12 - 2017-01-22 16:06 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4230918.dll
2017-02-12 22:10 - 2017-01-22 16:06 - 00095808 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge4068880.dll
2017-02-12 19:09 - 2017-01-05 17:57 - 01259008 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-02-12 19:09 - 2016-11-20 15:16 - 00276992 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-02-12 19:09 - 2016-11-20 15:07 - 00444136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-02-12 19:09 - 2016-10-08 16:51 - 00219136 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-02-12 19:09 - 2016-08-10 16:44 - 00284160 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-02-12 19:09 - 2016-08-10 16:43 - 00206336 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-02-12 19:09 - 2016-05-14 16:41 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-02-12 19:09 - 2016-03-18 18:10 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-02-12 19:09 - 2016-02-06 03:12 - 00783872 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-02-12 19:09 - 2016-02-06 03:11 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-02-12 18:08 - 2017-02-07 15:40 - 00328208 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-02-07 15:41 - 2017-02-12 18:09 - 00000342 ____H C:\windows\Tasks\Avast Emergency Update.job
2017-02-07 07:31 - 2017-02-07 07:31 - 00000000 ____D C:\Program Files\CCleaner
2017-02-07 07:24 - 2017-02-07 07:24 - 00000000 ____D C:\Program Files\Defraggler
2017-02-05 18:08 - 2017-02-21 21:43 - 00000000 ____D C:\Program Files\Rail Works 2
2017-02-05 15:33 - 2017-02-17 19:03 - 00000000 ____D C:\Program Files\Rainbow Six 3 Raven Shield
2017-02-04 21:15 - 2017-02-16 23:32 - 00000000 ____D C:\Users\Marián\FIFA.14.Multi13-RU.Repack.by.z10yded
2017-02-04 20:14 - 2017-02-04 20:36 - 00000000 _____ C:\Users\Marián\AppData\Roaming\FileOut.cns
2017-02-04 20:14 - 2017-02-04 20:36 - 00000000 _____ C:\Users\Marián\AppData\Roaming\FileIn.cns
2017-02-04 17:29 - 2017-02-04 17:29 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 1976 LE v1.1
2017-02-04 15:30 - 2017-02-04 15:30 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 IMT 2013 FINAL
2017-02-04 10:21 - 2004-02-13 11:57 - 30536118 _____ C:\windows\RVS_1.0_1.54_UK.RTP
2017-02-04 10:00 - 2004-03-16 10:56 - 32791587 _____ C:\windows\RVS_1.0_1.56_UK.RTP
2017-02-04 07:52 - 2017-02-22 16:12 - 02447880 _____ C:\windows\system32\FNTCACHE.DAT
2017-02-03 21:05 - 2017-02-03 21:11 - 00001490 _____ C:\Users\Marián\Desktop\rFactor.lnk
2017-02-03 20:31 - 2017-02-03 20:31 - 00001944 _____ C:\Users\Marián\Desktop\Rise of Nations Extended Edition.lnk
2017-02-03 20:26 - 2017-02-03 22:07 - 00000000 ____D C:\Program Files\Rise of Nations Extended Edition
2017-02-03 20:11 - 2017-02-12 23:30 - 00156968 _____ C:\Users\Marián\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-02 20:21 - 2017-02-02 20:21 - 00000734 _____ C:\Users\Marián\Desktop\fifa13.exe - odkaz.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-24 14:03 - 2006-11-02 12:18 - 00000000 ____D C:\windows\inf
2017-02-24 13:24 - 2016-01-14 11:05 - 00068072 _____ (Absolute Software Corp.) C:\windows\system32\agremove.exe
2017-02-24 12:49 - 2006-11-02 13:58 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-02-24 12:45 - 2006-11-02 13:58 - 00032570 _____ C:\windows\Tasks\SCHEDLGU.TXT
2017-02-24 12:44 - 2006-11-02 12:18 - 00000000 ___HD C:\windows\system32\GroupPolicy
2017-02-24 11:28 - 2014-01-11 09:06 - 00000000 ____D C:\Users\Marián\AppData\Roaming\vlc
2017-02-24 05:56 - 2006-11-02 12:18 - 00000000 ____D C:\windows\rescache
2017-02-23 22:18 - 2015-09-19 23:29 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-23 22:18 - 2013-11-29 11:46 - 00000000 ____D C:\Games
2017-02-23 22:18 - 2013-11-29 11:19 - 00000000 ___RD C:\Users\Marián
2017-02-23 20:46 - 2015-02-21 17:22 - 00000000 ____D C:\Users\Marián\utilitky
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ___SD C:\windows\Downloaded Program Files
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ___RD C:\windows\Offline Web Pages
2017-02-23 20:40 - 2006-11-02 12:18 - 00000000 ____D C:\windows\PolicyDefinitions
2017-02-22 20:35 - 2006-11-02 13:45 - 00003344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-22 20:35 - 2006-11-02 13:45 - 00003344 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-22 19:35 - 2014-12-25 10:58 - 00000326 _____ C:\windows\Tasks\HPCeeScheduleForMarián.job
2017-02-22 19:35 - 2014-06-02 08:23 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-02-22 19:35 - 2006-11-02 12:18 - 00000000 ____D C:\windows\registration
2017-02-22 17:39 - 2016-10-21 16:58 - 00000000 ____D C:\Program Files\Analog Devices
2017-02-22 16:40 - 2008-04-17 12:30 - 00753306 _____ C:\windows\system32\PerfStringBackup.INI
2017-02-22 12:52 - 2014-02-21 20:47 - 00007944 _____ C:\Users\Marián\AppData\Local\d3d9caps.dat
2017-02-22 12:14 - 2013-11-29 11:39 - 00000000 ____D C:\Users\Marián\AppData\Roaming\uTorrent
2017-02-21 21:35 - 2016-05-18 00:40 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2017-02-20 23:30 - 2017-01-09 20:21 - 00000000 ____D C:\Program Files\IL-2 Sturmovik 1946
2017-02-20 13:28 - 2015-11-23 00:29 - 00000000 ___RD C:\Users\Marián\Downloads\2015 Songs
2017-02-19 23:20 - 2016-07-12 21:34 - 00000000 ____D C:\Program Files\GTR2
2017-02-19 08:57 - 2015-11-24 21:52 - 00000000 ____D C:\Program Files\Ubisoft
2017-02-19 00:26 - 2017-01-10 13:18 - 00000000 ____D C:\Program Files\Wings Over Europe
2017-02-16 22:59 - 2016-12-17 20:43 - 00000000 ____D C:\Users\Marián\AppData\Local\Forgotten_Hope
2017-02-16 07:55 - 2016-04-08 11:24 - 00000113 _____ C:\Users\Marián\moje citaty.txt
2017-02-13 12:52 - 2013-11-29 11:29 - 00000000 ____D C:\Users\Marián\AppData\Roaming\HPQLOG
2017-02-13 11:43 - 2013-12-24 11:21 - 00000012 _____ C:\windows\bthservsdp.dat
2017-02-13 10:50 - 2013-12-27 13:41 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-02-13 10:50 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-12 22:46 - 2008-08-06 04:26 - 00000000 ____D C:\Program Files\Java
2017-02-12 22:32 - 2014-06-01 13:28 - 00000000 ____D C:\Program Files\OpenOffice 4
2017-02-12 18:10 - 2016-08-28 18:57 - 00000500 _____ C:\windows\Tasks\SafeZone scheduled Autoupdate 1472407029.job
2017-02-12 18:10 - 2016-08-28 18:55 - 00001795 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-02-12 18:09 - 2016-08-28 18:54 - 00277176 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys
2017-02-12 18:04 - 2006-11-02 12:18 - 00000000 ____D C:\windows\system32\Msdtc
2017-02-12 17:58 - 2006-11-02 11:22 - 79953920 _____ C:\windows\system32\config\software_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 53293056 _____ C:\windows\system32\config\components_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 31195136 _____ C:\windows\system32\config\system_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 06291456 _____ C:\windows\system32\config\default_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 00061440 _____ C:\windows\system32\config\sam_previous
2017-02-12 17:58 - 2006-11-02 11:22 - 00040960 _____ C:\windows\system32\config\security_previous
2017-02-12 17:57 - 2016-11-11 22:14 - 00000000 ____D C:\Users\Mari�n\Documents\FIFA 13
2017-02-12 17:57 - 2014-01-12 10:19 - 00000000 ____D C:\Users\Marián\AppData\Local\Nero
2017-02-12 17:57 - 2013-11-29 21:38 - 00000000 ____D C:\Users\Marián\AppData\Local\Microsoft Help
2017-02-12 16:52 - 2015-10-03 09:07 - 00000000 ____D C:\Users\Mari�n
2017-02-12 16:51 - 2016-05-04 20:51 - 00000000 ____D C:\Users\Marián
2017-02-12 16:50 - 2015-02-20 17:53 - 00000000 __SHD C:\Users\Marian
2017-02-10 09:27 - 2008-08-06 04:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-02-07 15:40 - 2016-08-28 18:54 - 00463936 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00184208 _____ (AVAST Software) C:\windows\system32\Drivers\aswStmXP.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00106392 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00061128 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00060632 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr.sys
2017-02-07 15:40 - 2016-08-28 18:54 - 00034136 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-02-07 15:39 - 2016-08-28 18:56 - 00031064 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-02-07 15:39 - 2016-08-28 18:54 - 00754664 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2017-02-06 21:48 - 2014-01-07 00:12 - 00000000 ____D C:\Program Files\Steam
2017-02-06 21:13 - 2015-12-28 23:48 - 00000000 ____D C:\Program Files\Common Files\Steam
2017-02-06 10:29 - 2013-11-29 11:46 - 00000000 ___HD C:\windows\msdownld.tmp
2017-02-06 10:29 - 2013-11-29 11:46 - 00000000 ____D C:\windows\system32\directx
2017-02-05 20:14 - 2015-02-24 21:11 - 00000000 ____D C:\Users\Marián\AppData\Local\SKIDROW
2017-02-05 01:22 - 2003-02-04 22:11 - 00012400 _____ (Macrovision Europe Ltd) C:\windows\system32\Drivers\secdrv.sys
2017-02-04 20:59 - 2006-11-02 13:35 - 00000000 ____D C:\Program Files\Microsoft Games
2017-02-04 00:13 - 2016-09-12 22:25 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1 Seven 1975 IPE v1.2
2017-02-03 21:55 - 2015-01-14 01:40 - 00000000 ____D C:\Users\Marián\Documents\My Games
2017-02-03 20:31 - 2016-02-09 02:40 - 00000000 ____D C:\Users\Marián\AppData\Roaming\Microsoft Games
==================== Files in the root of some directories =======
2014-01-03 22:35 - 2016-07-28 00:34 - 0000936 _____ () C:\Users\Marián\AppData\Roaming\del.bat
2017-02-04 20:14 - 2017-02-04 20:36 - 0000000 _____ () C:\Users\Marián\AppData\Roaming\FileIn.cns
2017-02-04 20:14 - 2017-02-04 20:36 - 0000000 _____ () C:\Users\Marián\AppData\Roaming\FileOut.cns
2015-11-29 11:56 - 2015-11-29 11:56 - 0000213 _____ () C:\Users\Marián\AppData\Roaming\MARIANPC.MTBF.txt
2013-11-29 19:55 - 2015-02-17 19:30 - 0000016 _____ () C:\Users\Marián\AppData\Roaming\msregsvv.dll
2014-01-12 15:22 - 2016-12-05 12:59 - 0138904 _____ () C:\Users\Marián\AppData\Roaming\PnkBstrK.sys
2015-04-07 01:32 - 2015-04-07 01:32 - 0000032 _____ () C:\Users\Marián\AppData\Roaming\prio.ini
2015-06-10 09:12 - 2015-06-10 09:12 - 0000004 _____ () C:\Users\Marián\AppData\Roaming\steam_md4.dat
2015-08-18 00:49 - 2015-08-18 00:49 - 0000004 _____ () C:\Users\Marián\AppData\Roaming\steam_md5.dat
2015-05-09 10:23 - 2015-05-28 00:19 - 0000001 _____ () C:\Users\Marián\AppData\Roaming\update.dat
2014-06-02 21:47 - 2015-11-29 13:48 - 0000959 _____ () C:\Users\Marián\AppData\Roaming\__AvidCloudManager.log
2014-06-02 21:47 - 2014-06-03 01:23 - 0000787 _____ () C:\Users\Marián\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-02-21 20:47 - 2017-02-22 12:52 - 0007944 _____ () C:\Users\Marián\AppData\Local\d3d9caps.dat
2013-11-29 11:29 - 2013-11-29 11:29 - 0000000 _____ () C:\Users\Marián\AppData\Local\DSwitch.txt
2015-07-19 10:52 - 2015-07-19 10:52 - 0000094 _____ () C:\Users\Marián\AppData\Local\fusioncache.dat
2015-01-19 15:04 - 2015-01-19 15:04 - 0000000 ___SH () C:\Users\Marián\AppData\Local\LumaEmu
2013-11-29 11:29 - 2013-11-29 11:29 - 0000000 _____ () C:\Users\Marián\AppData\Local\QSwitch.txt
2015-06-22 20:09 - 2015-06-22 20:09 - 0000000 ___SH () C:\ProgramData\.rdata
2013-11-29 19:55 - 2015-02-17 19:30 - 0000016 _____ () C:\ProgramData\autobk.inc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-24 12:56
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím skontrolovať
Měly by být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Mariangello
- Návštěvník
- Příspěvky: 51
- Registrován: 23 úno 2017 20:58
Re: Prosím skontrolovať
Oki, ďakujem Vám že ste si našli čas a pomohli. 
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím skontrolovať
Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?