Request for a preventive PC check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

#1 Post by rivers2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
Ran by jozo (administrator) on JOZO-PC (19-12-2015 09:37:32)
Running from C:\Users\jozo\Desktop
Loaded Profiles: jozo (Available Profiles: UpdatusUser & jozo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\StartAutorun.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\KMProcess.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUS) C:\Windows\AsScrPro.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMGrHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-12] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3825232 2014-02-05] (Tonec Inc.)
HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\MountPoints2: {b8568b15-8ac9-11e1-b3b9-14dae9d427f5} - F:\Autorun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2012-11-16] (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C13E6B8D-D1B9-4160-94C4-646B7F508980}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-05-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-18] (Oracle Corporation)
BHO-x32: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-02] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-02] (Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/SK/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\jozo\AppData\Roaming\Mozilla\Firefox\Profiles\hi8xqg3c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll [2012-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-05-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2166713913-840719987-1516321088-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jozo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\jozo\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\jozo\AppData\Roaming\IDM\idmmzcc5 [2014-03-30] [not signed]
FF HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\jozo\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR Profile: C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Disk Google) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12]
CHR Extension: (Google Search) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-23]
CHR Extension: (IE Tab) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-11-28]
CHR Extension: (IDM Integration Module) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-04-14]
CHR Extension: (Gmail) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-02-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [70352 2012-12-19] (Comodo Security Solutions Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2505472 2015-10-09] (ESET)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [1851088 2012-11-26] (Comodo Security Solutions, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-24] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-12-04] (Windows (R) Win 7 DDK provider) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-09-23] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2015-09-23] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [142976 2015-10-07] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [206312 2015-09-23] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52872 2015-09-23] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-09-23] (ESET)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 nmwcdnsucx64; system32\drivers\nmwcdnsucx64.sys [X]
S3 nmwcdnsux64; system32\drivers\nmwcdnsux64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 09:37 - 2015-12-19 09:38 - 00018020 _____ C:\Users\jozo\Desktop\FRST.txt
2015-12-19 09:37 - 2015-12-19 09:37 - 00000000 ____D C:\FRST
2015-12-19 09:34 - 2015-12-19 09:34 - 02370048 _____ (Farbar) C:\Users\jozo\Desktop\FRST64.exe
2015-12-17 13:24 - 2015-12-18 12:29 - 00001192 _____ C:\Users\jozo\Desktop\Prevzaté súbory - odkaz.lnk
2015-12-12 11:53 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-12 11:53 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-12 11:52 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-12 11:52 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-12 11:48 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-12 11:48 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-12 11:48 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-12 11:48 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-12 11:48 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-12 11:48 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-12 11:48 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-12 11:48 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-12 11:48 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-12 11:48 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-12 11:48 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-12 11:48 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-12 11:48 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-12 11:48 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-12 11:48 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-12 11:48 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-12 11:48 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-12 11:48 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-12 11:48 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-12 11:48 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-12 11:48 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-12 11:48 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-12 11:48 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-12 11:48 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-12 11:48 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-12 11:48 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-12 11:48 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-12 11:48 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-12 11:48 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-12 11:48 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-12 11:48 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-12 11:48 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-12 11:48 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-12 11:48 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-12 11:48 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-12 11:48 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-12 11:48 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-12 11:48 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-12 11:48 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-12 11:48 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-12 11:48 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-12 11:48 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-12 11:48 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-12 11:48 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-12 11:48 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-12 11:48 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-12 11:48 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-12 11:48 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-12 11:48 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-12 11:48 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-12 11:48 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-12 11:48 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-12 11:48 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-12 11:48 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-12 11:48 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-12 11:48 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-12 11:48 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-12 11:48 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-12 11:48 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-12 11:48 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-12 11:48 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-12 11:48 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-12 11:48 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-12 11:48 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-12 11:48 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-12 11:48 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-12 11:48 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-12 11:48 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-12 11:48 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-12 11:48 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-12 11:48 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-12 11:48 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-12 11:48 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-12 11:48 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-12 11:48 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-12 11:48 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-12 11:48 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-12 11:44 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-12 11:44 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-10 23:16 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-10 23:16 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-10 23:16 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-10 23:16 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-10 23:16 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-10 23:16 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-10 23:16 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-10 23:16 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-10 23:16 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\ProgramData\ESET

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-19 09:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-19 09:28 - 2015-02-07 22:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-19 09:18 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-19 09:18 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-19 08:59 - 2015-02-07 22:21 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-19 08:59 - 2011-09-14 04:55 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-12-19 08:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-18 18:14 - 2013-07-01 21:31 - 00796664 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-18 18:14 - 2009-07-14 06:13 - 00796664 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-18 18:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-18 18:10 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 18:10 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-18 18:10 - 2012-05-14 17:03 - 00000000 ____D C:\Users\jozo\AppData\Roaming\DMCache
2015-12-18 17:53 - 2014-04-17 19:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-18 17:00 - 2015-07-28 09:40 - 00000000 ____D C:\Users\jozo\Counter-Strike 1.6
2015-12-17 17:59 - 2013-03-11 22:50 - 00000000 ____D C:\Users\jozo\AppData\Roaming\vlc
2015-12-12 18:44 - 2009-07-14 05:45 - 00436024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-12 14:31 - 2013-03-13 15:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 14:31 - 2013-03-13 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-12 13:09 - 2013-03-13 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-12 13:05 - 2012-04-20 18:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-12 13:04 - 2015-04-04 19:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-12 12:52 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-12-12 11:50 - 2013-07-24 13:12 - 00000000 ____D C:\Windows\system32\MRT
2015-12-12 11:50 - 2012-04-20 19:37 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 21:50 - 2012-05-26 18:35 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 21:50 - 2012-05-26 18:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 21:50 - 2012-05-26 18:35 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-07 18:00 - 2013-07-01 21:35 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-12-07 18:00 - 2013-07-01 21:35 - 00000000 ____D C:\Windows\system32\NV
2015-12-07 18:00 - 2011-09-14 04:41 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-02 13:18 - 2012-04-22 08:05 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-02 08:23 - 2014-04-14 20:53 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 08:23 - 2014-04-14 20:53 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2012-11-07 20:44 - 2013-08-05 11:49 - 0010240 _____ () C:\Users\jozo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-16 11:08 - 2014-03-16 11:08 - 0000092 _____ () C:\Users\jozo\AppData\Local\fusioncache.dat
2012-04-25 12:08 - 2013-06-12 20:17 - 0007602 _____ () C:\Users\jozo\AppData\Local\Resmon.ResmonCfg
2013-06-19 15:50 - 2013-06-19 15:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-01 10:21 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-09-14 05:00 - 2011-09-14 05:01 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-14 05:00 - 2011-09-14 05:00 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\UTSCSI.EXE

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-22 08:58

==================== End of FRST.txt ============================

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive PC check

#2 Post by Márty84 »

Hello :)

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and produce a log (it may also be found at C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

rivers2
Visitor
Posts: 178
Joined: 10 Jan 2009 15:21

Re: Request for a preventive PC check

#3 Post by rivers2 »

# AdwCleaner v5.025 - Logfile created 19/12/2015 at 22:11:08
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : jozo - JOZO-PC
# Running from : C:\Users\jozo\Desktop\adwcleaner_5.025.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_dayz.en.softonic.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Web browsers ] *****

[-] [C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : dayz.en.softonic.com

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1128 bytes] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive PC check

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

rivers2
Visitor
Posts: 178
Joined: 10 Jan 2009 15:21

Re: Request for a preventive PC check

#5 Post by rivers2 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum kontroly: 20. 12. 2015
Čas kontroly: 13:15
Protokol: vysledky.txt
Správca: Áno

Verzia: 2.2.0.1024
Dazabáza malware: v2015.12.20.03
Databáza rootkitov: v2015.12.18.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Vypnuté

OS: Windows 7 Service Pack 1
CPU: x64
Súborový systém: NTFS
Používateľ: jozo

Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 391614
Uplynulý čas: 35 min, 57 s

Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Upozorniť
PUM: Zapnuté

Procesy: 0
(Žiadne škodlivé položky neboli zistené)

Moduly: 0
(Žiadne škodlivé položky neboli zistené)

Kľúče databázy Registry: 4
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, , [f65d77303a514ee8b88f3dc840c4a15f],
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, , [97bcf0b73f4c59ddac9bce373bc9ab55],
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79F93477-7090-41CA-9822-257806169D6D}, , [cf845255e6a5082e48e42bda3aca8c74],
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [4b0854536229d95d8401812ffa0916ea],

Hodnoty databázy Registry: 1
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79F93477-7090-41CA-9822-257806169D6D}|AppPath, C:\PROGRA~2\MUSICT~1\Datamngr\SRTOOL~1\IE, , [cf845255e6a5082e48e42bda3aca8c74]

Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Priečinky: 0
(Žiadne škodlivé položky neboli zistené)

Súbory: 3
Trojan.BitCoinMiner, C:\Users\jozo\AppData\Roaming\Microsoft\Network\new.zip, , [d47f2d7a4e3d79bdb57fba70ea172fd1],
PUP.Optional.OpenCandy, C:\Users\jozo\AppData\Roaming\PowerISO\Upgrade\PowerISO6.exe, , [252e1f88b4d772c416ad78275da7ed13],
PUP.Optional.SweetIM, C:\Windows\Installer\1ec55c.msi, , [b49f990e0f7c52e4aefac6d9c440de22],

Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive PC check

#6 Post by Márty84 »

Have all the findings removed. After the removal and a PC restart, repeat the MBAM scan so we know whether it comes back. But this time with the correct settings!!! This was only a threat scan, which does not check the whole computer. I wanted a custom scan of all drives. Post the scan result and I will choose the next steps based on it.

rivers2
Visitor
Posts: 178
Joined: 10 Jan 2009 15:21

Re: Request for a preventive PC check

#7 Post by rivers2 »

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum kontroly: 23. 12. 2015
Čas kontroly: 8:33
Protokol: vysledok.txt
Správca: Áno

Verzia: 2.2.0.1024
Dazabáza malware: v2015.12.23.01
Databáza rootkitov: v2015.12.18.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Vypnuté

OS: Windows 7 Service Pack 1
CPU: x64
Súborový systém: NTFS
Používateľ: jozo

Typ kontroly: Vlastná kontrola
Výsledok: Dokončená
Skontrolovaných objektov: 643359
Uplynulý čas: 5 hod, 1 min 1 s

Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Zapnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté

Procesy: 0
(Žiadne škodlivé položky neboli zistené)

Moduly: 0
(Žiadne škodlivé položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Priečinky: 0
(Žiadne škodlivé položky neboli zistené)

Súbory: 3
HackTool.Agent, C:\Program Files (x86)\Internet Download Manager\1\IDM.v6.xx.release.3-patch.exe, , [e697c8e0632895a17be31de91be512ee],
RiskWare.FilePatcher, C:\Program Files (x86)\Internet Download Manager\2\Jamu v2.exe, , [0b729216701b0630ab68e58c837e639d],
PUP.Optional.IntroKeygen, C:\Program Files\Yamicsoft\Windows 7 Manager\CORE10k.EXE, , [93ea6d3b5d2e0234bdefee83d430f20e],

Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive PC check

#8 Post by Márty84 »

:arrow: Have the findings removed, then uninstall MBAM.

:arrow: Post new logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

rivers2
Visitor
Posts: 178
Joined: 10 Jan 2009 15:21

Re: Request for a preventive PC check

#9 Post by rivers2 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-12-2015
Ran by jozo (administrator) on JOZO-PC (24-12-2015 00:17:06)
Running from C:\Users\jozo\Desktop
Loaded Profiles: jozo (Available Profiles: UpdatusUser & jozo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\StartAutorun.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(UASSOFT.COM) C:\Program Files (x86)\Mouse Driver\KMProcess.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMGrHlp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-12] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3825232 2014-02-05] (Tonec Inc.)
HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\MountPoints2: {b8568b15-8ac9-11e1-b3b9-14dae9d427f5} - F:\Autorun.exe
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll [2010-09-02] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2012-11-16] (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C13E6B8D-D1B9-4160-94C4-646B7F508980}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-05-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-18] (Oracle Corporation)
BHO-x32: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-02] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-02] (Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/SK/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\jozo\AppData\Roaming\Mozilla\Firefox\Profiles\hi8xqg3c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll [2012-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-05-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-2166713913-840719987-1516321088-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jozo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\jozo\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\jozo\AppData\Roaming\IDM\idmmzcc5 [2014-03-30] [not signed]
FF HKU\S-1-5-21-2166713913-840719987-1516321088-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\jozo\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR Profile: C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Disk Google) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12]
CHR Extension: (Google Search) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-23]
CHR Extension: (IE Tab) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-11-28]
CHR Extension: (IDM Integration Module) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-04-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-04-14]
CHR Extension: (Gmail) - C:\Users\jozo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-02-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe [70352 2012-12-19] (Comodo Security Solutions Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2522616 2015-12-19] (ESET)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe [1851088 2012-11-26] (Comodo Security Solutions, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-24] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-12-04] (Windows (R) Win 7 DDK provider) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263528 2015-12-19] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [186784 2015-12-19] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [142976 2015-12-19] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [206312 2015-12-19] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52872 2015-12-19] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-12-19] (ESET)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 nmwcdnsucx64; system32\drivers\nmwcdnsucx64.sys [X]
S3 nmwcdnsux64; system32\drivers\nmwcdnsux64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-24 00:17 - 2015-12-24 00:17 - 00017767 _____ C:\Users\jozo\Desktop\FRST.txt
2015-12-24 00:16 - 2015-12-24 00:16 - 00000000 ____D C:\Users\jozo\Desktop\FRST-OlderVersion
2015-12-23 13:38 - 2015-12-23 13:38 - 00001591 _____ C:\Users\jozo\Desktop\vysledok.txt
2015-12-22 22:35 - 2015-12-22 22:58 - 2823378504 _____ C:\Users\jozo\Downloads\mi3.mkv
2015-12-20 13:13 - 2015-12-20 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-20 13:11 - 2015-12-20 13:11 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\jozo\Desktop\mbam-setup-1.75.0.1300.exe
2015-12-19 22:06 - 2015-12-19 22:06 - 01740288 _____ C:\Users\jozo\Desktop\adwcleaner_5.025.exe
2015-12-19 09:37 - 2015-12-24 00:17 - 00000000 ____D C:\FRST
2015-12-19 09:34 - 2015-12-24 00:16 - 02370560 _____ (Farbar) C:\Users\jozo\Desktop\FRST64.exe
2015-12-17 13:24 - 2015-12-18 12:29 - 00001192 _____ C:\Users\jozo\Desktop\Prevzaté súbory - odkaz.lnk
2015-12-12 11:53 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-12 11:53 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-12 11:52 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-12 11:52 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-12 11:48 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-12 11:48 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-12 11:48 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-12 11:48 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-12 11:48 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-12 11:48 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-12 11:48 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-12 11:48 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-12 11:48 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-12 11:48 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-12 11:48 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-12 11:48 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-12 11:48 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-12 11:48 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-12 11:48 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-12 11:48 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-12 11:48 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-12 11:48 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-12 11:48 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-12 11:48 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-12 11:48 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-12 11:48 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-12 11:48 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-12 11:48 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-12 11:48 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-12 11:48 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-12 11:48 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-12 11:48 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-12 11:48 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-12 11:48 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-12 11:48 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-12 11:48 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-12 11:48 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-12 11:48 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-12 11:48 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-12 11:48 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-12 11:48 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-12 11:48 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-12 11:48 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-12 11:48 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-12 11:48 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-12 11:48 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-12 11:48 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-12 11:48 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-12 11:48 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-12 11:48 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-12 11:48 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-12 11:48 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-12 11:48 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-12 11:48 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-12 11:48 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-12 11:48 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-12 11:48 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-12 11:48 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-12 11:48 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-12 11:48 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-12 11:48 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-12 11:48 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-12 11:48 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-12 11:48 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-12 11:48 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-12 11:48 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-12 11:48 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-12 11:48 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-12 11:48 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-12 11:48 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-12 11:48 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-12 11:48 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-12 11:48 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-12 11:48 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-12 11:48 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-12 11:48 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-12 11:48 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-12 11:48 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-12 11:48 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-12 11:48 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-12 11:48 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-12 11:44 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-12 11:44 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-10 23:16 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-10 23:16 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-10 23:16 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-10 23:16 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-10 23:16 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-10 23:16 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-10 23:16 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-10 23:16 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-10 23:16 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-10 23:16 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-10 23:16 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-10 23:16 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-11-30 13:54 - 2015-11-30 13:54 - 00000000 ____D C:\ProgramData\ESET

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-23 23:50 - 2014-04-17 19:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-23 23:50 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-23 23:50 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-23 23:35 - 2015-02-07 22:21 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-23 23:35 - 2011-09-14 04:55 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2015-12-23 23:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-23 18:38 - 2012-05-14 17:03 - 00000000 ____D C:\Users\jozo\AppData\Roaming\DMCache
2015-12-23 18:28 - 2015-02-07 22:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-23 08:34 - 2009-07-14 06:13 - 00812354 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-23 08:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-20 13:14 - 2013-02-26 23:36 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Malwarebytes
2015-12-20 13:14 - 2013-02-26 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-20 10:05 - 2015-07-28 09:40 - 00000000 ____D C:\Users\jozo\Counter-Strike 1.6
2015-12-19 22:11 - 2015-01-06 19:55 - 00000000 ____D C:\AdwCleaner
2015-12-19 17:33 - 2015-10-07 06:16 - 00142976 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2015-12-19 17:33 - 2015-09-23 09:30 - 00263528 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2015-12-19 17:33 - 2015-09-23 09:30 - 00206312 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2015-12-19 17:33 - 2015-09-23 09:30 - 00186784 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2015-12-19 17:33 - 2015-09-23 09:30 - 00069840 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2015-12-19 17:33 - 2015-07-14 14:29 - 00052872 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys
2015-12-19 09:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-18 18:14 - 2013-07-01 21:31 - 00796664 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-18 18:10 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 18:10 - 2015-04-04 09:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 17:59 - 2013-03-11 22:50 - 00000000 ____D C:\Users\jozo\AppData\Roaming\vlc
2015-12-12 18:44 - 2009-07-14 05:45 - 00436024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-12 14:31 - 2013-03-13 15:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 14:31 - 2013-03-13 15:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-12 13:09 - 2013-03-13 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-12 13:05 - 2012-04-20 18:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-12 13:04 - 2015-04-04 19:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-12 12:52 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-12-12 11:50 - 2013-07-24 13:12 - 00000000 ____D C:\Windows\system32\MRT
2015-12-12 11:50 - 2012-04-20 19:37 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 21:50 - 2012-05-26 18:35 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 21:50 - 2012-05-26 18:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 21:50 - 2012-05-26 18:35 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-07 18:00 - 2013-07-01 21:35 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-12-07 18:00 - 2013-07-01 21:35 - 00000000 ____D C:\Windows\system32\NV
2015-12-07 18:00 - 2011-09-14 04:41 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-02 13:18 - 2012-04-22 08:05 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-02 08:23 - 2014-04-14 20:53 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 08:23 - 2014-04-14 20:53 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2012-11-07 20:44 - 2013-08-05 11:49 - 0010240 _____ () C:\Users\jozo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-16 11:08 - 2014-03-16 11:08 - 0000092 _____ () C:\Users\jozo\AppData\Local\fusioncache.dat
2012-04-25 12:08 - 2013-06-12 20:17 - 0007602 _____ () C:\Users\jozo\AppData\Local\Resmon.ResmonCfg
2013-06-19 15:50 - 2013-06-19 15:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-01 10:21 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-09-14 05:00 - 2011-09-14 05:01 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-14 05:00 - 2011-09-14 05:00 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\jozo\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\UTSCSI.EXE

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-22 08:58

==================== End of FRST.txt ============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive PC check

#10 Post by Márty84 »

Tell me the size of the Desktop folder (C:\Users\jozo\Plocha).

Open Notepad and copy this script into it:

Code:

Start
CloseProcesses:
CreateRestorePoint:

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2015-12-20 13:13 - 2015-12-20 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-20 13:11 - 2015-12-20 13:11 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\jozo\Desktop\mbam-setup-1.75.0.1300.exe
2015-12-23 23:50 - 2014-04-17 19:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-23 23:35 - 2015-02-07 22:21 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-23 18:28 - 2015-02-07 22:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-20 13:14 - 2013-02-26 23:36 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Malwarebytes
2015-12-20 13:14 - 2013-02-26 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save the file to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator and click Fix; the program will execute the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: Request for a preventive PC check

#11 Post by rivers2 »

The size is 3.80 GB.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive PC check

#12 Post by Márty84 »

rivers2 wrote: The size is 3.80 GB.

The size of the desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another one inside it and another inside that, and hide everything in there. That is nice, but it does not make the desktop any smaller; it is just in a different drawer :)

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: Request for a preventive PC check

#13 Post by rivers2 »

OK, I will try to reduce it.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive PC check

#14 Post by Márty84 »

Where is my fixlog from FRST? :)

rivers2
Visitor
Posts: 178
Registered: 10 Jan 2009 15:21

Re: Request for a preventive PC check

#15 Post by rivers2 »

Fix result of Farbar Recovery Scan Tool (x64) Version:23-12-2015
Ran by jozo (2015-12-25 12:10:17) Run:1
Running from C:\Users\jozo\Desktop
Loaded Profiles: jozo (Available Profiles: UpdatusUser & jozo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2015-12-20 13:13 - 2015-12-20 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-20 13:11 - 2015-12-20 13:11 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\jozo\Desktop\mbam-setup-1.75.0.1300.exe
2015-12-23 23:50 - 2014-04-17 19:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-23 23:35 - 2015-02-07 22:21 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-23 18:28 - 2015-02-07 22:21 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-20 13:14 - 2013-02-26 23:36 - 00000000 ____D C:\Users\jozo\AppData\Roaming\Malwarebytes
2015-12-20 13:14 - 2013-02-26 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
MBAMSwissArmy => service removed successfully
C:\Program Files (x86)\Malwarebytes' Anti-Malware => moved successfully
C:\Users\jozo\Desktop\mbam-setup-1.75.0.1300.exe => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\jozo\AppData\Roaming\Malwarebytes => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 958.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 12:10:57 ====

Locked