
Problem with winnet32b, conhost32
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote-assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I have a problem with excessive system load, even when nobody is working on the PC. After browsing the forum I came to the conclusion that it is probably the "fault" of the applications named in the title. To be safe, I am attaching a log from FRST. Thanks in advance for your help.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Michal (administrator) on IZBA-NOTEBOOK (22-03-2016 00:54:30)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 10 Education (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Windows\SysWOW64\srvany.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\KMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(MY.COM B.V.) C:\Users\Michal\AppData\Local\MyComGames\MyComGames.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\ProgramData\Boxtools\Toolbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.8.3092.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46331.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46331.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6811.23771.0_x64__8wekyb3d8bbwe\OHub.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6811.23771.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
() C:\Users\Michal\AppData\Roaming\Microsoft\Networking\inet32upd.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
() C:\Users\Michal\AppData\Roaming\Microsoft\Networking\winnet32b.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-08-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [MyComGames] => C:\Users\Michal\AppData\Local\MyComGames\MyComGames.exe [4844912 2016-03-14] (MY.COM B.V.)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177600 2015-11-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-11-16] (NVIDIA Corporation)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2016-03-22] ()
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2016-03-22] ()
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk [2016-03-15]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b214fb8-3ec8-42e8-9ca9-c43bf144c8c7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9aeb10d4-95c4-4138-9a49-114db0e24005}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default
FF Homepage: www.google.sk
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-472273817-3362002235-3154087924-1001: @my.com/Games -> C:\Users\Michal\AppData\Local\MyComGames\NPMyComDetector.dll [2016-01-27] (MY.COM B.V.)
FF Extension: Unseen - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\unseen@tangrs.xpi [2015-11-17]
FF Extension: Video AdBlock for Firefox - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-12-18] [not signed]
FF Extension: Adblock Plus - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-16]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Tabuľky Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR HKU\S-1-5-21-472273817-3362002235-3154087924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-13] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-11-17] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-10-02] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-08-17] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-14] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-08-17] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-17] (Intel Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 00:54 - 2016-03-22 00:55 - 00018876 _____ C:\Users\Michal\Desktop\FRST.txt
2016-03-22 00:54 - 2016-03-22 00:54 - 00000000 ____D C:\FRST
2016-03-22 00:52 - 2016-03-22 00:54 - 02374144 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2016-03-22 00:30 - 2016-03-22 00:30 - 00000000 ____D C:\Users\Michal\Documents\SimCity
2016-03-22 00:29 - 2016-03-22 00:29 - 02352060 _____ C:\Users\Michal\Downloads\Simcity crack.zip.part
2016-03-22 00:29 - 2016-03-22 00:29 - 00235632 _____ C:\Users\Michal\Downloads\SIMCITY DIGITAL DELUXE EDITION-REPACK Last Crack January 10, 2016.rar
2016-03-22 00:29 - 2016-03-22 00:29 - 00000000 ____D C:\Users\Michal\Downloads\SIMCITY DIGITAL DELUXE EDITION-REPACK Last Crack January 10, 2016
2016-03-22 00:27 - 2016-03-22 00:27 - 05226018 _____ C:\Users\Michal\Downloads\SimCity crack.rar
2016-03-22 00:25 - 2016-03-22 00:25 - 00000978 _____ C:\Users\Michal\Desktop\SimCity.lnk
2016-03-22 00:25 - 2016-03-22 00:25 - 00000000 ____D C:\Users\Michal\AppData\Roaming\SimCity
2016-03-22 00:25 - 2016-03-22 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-03-22 00:25 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-03-22 00:25 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-03-22 00:17 - 2016-03-22 00:17 - 00000000 ____D C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ)
2016-03-21 23:52 - 2016-03-21 23:52 - 00016148 _____ C:\Windows\system32\IZBA-NOTEBOOK_Michal_HistoryPrediction.bin
2016-03-21 22:48 - 2016-03-22 00:15 - 2086666240 _____ C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ).part1.rar
2016-03-21 22:48 - 2016-03-21 23:02 - 380974438 _____ C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ).part2.rar
2016-03-19 17:06 - 2016-03-19 17:18 - 1305222440 _____ C:\Users\Michal\Downloads\PROKLETY OSTROV (SHUTTER ISLAND) 2010 DVDRip CZ DABING.AVI
2016-03-19 10:38 - 2016-03-19 10:57 - 2047688704 _____ C:\Users\Michal\Downloads\Atlas mraků - Cloud Atlas (2012) CZ dabing.avi
2016-03-19 09:20 - 2016-03-19 09:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-17 20:20 - 2016-03-17 20:40 - 1754363904 _____ C:\Users\Michal\Downloads\Zelvy Ninja_TMNT Korytnacky (2014) BDRip CZ.avi
2016-03-15 14:27 - 2016-03-15 14:27 - 00000000 ___HD C:\OneDriveTemp
2016-03-14 21:36 - 2016-03-14 21:36 - 00000000 ____D C:\Users\Michal\Downloads\Orava-2016
2016-03-14 19:56 - 2016-03-14 21:35 - 1353886826 _____ C:\Users\Michal\Downloads\Orava-2016.rar
2016-03-14 14:46 - 2016-03-14 14:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-03-10 19:53 - 2016-03-10 19:53 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\KMPlayer
2016-03-09 21:44 - 2016-03-15 14:57 - 00000000 ____D C:\ProgramData\Boxtools
2016-03-09 21:44 - 2016-03-09 21:44 - 03668504 _____ (Boxoft Solution ) C:\Users\Michal\Downloads\setup(free-flac-to-mp3).exe
2016-03-09 21:44 - 2016-03-09 21:44 - 00001122 _____ C:\Users\Michal\Desktop\Boxoft Flac to MP3 (freeware).lnk
2016-03-09 21:44 - 2016-03-09 21:44 - 00000040 _____ C:\Users\Michal\AppData\Roaming\cdr.ini
2016-03-09 21:44 - 2016-03-09 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boxoft Flac to MP3 (freeware)
2016-03-09 21:44 - 2016-03-09 21:44 - 00000000 ____D C:\Program Files (x86)\Boxoft Flac to MP3 (freeware)
2016-03-09 21:44 - 2010-12-06 09:53 - 00756736 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\LameACM.acm
2016-03-09 21:44 - 2010-12-06 09:53 - 00000401 _____ C:\Windows\SysWOW64\lame_acm.xml
2016-03-09 21:23 - 2016-03-09 21:25 - 03500834 _____ C:\Users\Michal\Downloads\4 Non Blondes - What's Up (mp3goo.com).mp3.part
2016-03-09 17:27 - 2016-03-09 18:54 - 868170700 _____ C:\Users\Michal\Downloads\Co.jsme.komu.udelali.2014.108p.BDRip.XViD.AC3.CZ.dabing.avi.part
2016-03-09 16:30 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:30 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-03-09 16:30 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:30 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-03-09 16:30 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:30 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-09 16:30 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:30 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:30 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:30 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-09 16:30 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:30 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:30 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:30 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:30 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-09 16:30 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-03-09 16:30 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-03-09 16:30 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-09 16:30 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-09 16:30 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-09 16:30 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:30 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:30 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-09 16:30 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-09 16:30 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-09 16:30 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:30 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-09 16:30 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-09 16:30 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-03-09 16:30 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:30 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-03-09 16:30 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-09 16:30 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-09 16:30 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:30 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-09 16:30 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:30 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-09 16:30 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-09 16:29 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-09 16:29 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-09 16:29 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-09 16:29 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 16:29 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-09 16:29 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-09 16:29 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 16:29 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-03-09 16:29 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-03-09 16:29 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-09 16:29 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-09 16:29 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-03-09 16:29 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-03-09 16:29 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-03-09 16:29 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-03-09 16:29 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:29 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-03-09 16:29 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-03-09 16:29 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-09 16:29 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-09 16:29 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:29 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-03-09 16:29 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-09 16:29 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:29 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-03-09 16:29 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 00:11 - 2016-03-08 00:35 - 1467934720 _____ C:\Users\Michal\Downloads\KRAL DROZDIA BRADA 1984 CZ.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 00:50 - 2015-10-02 15:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 00:30 - 2015-08-17 20:31 - 00000000 ____D C:\Users\Michal
2016-03-22 00:27 - 2015-08-17 21:00 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-20 15:27 - 2015-08-17 21:00 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-19 17:20 - 2015-08-17 21:20 - 00000000 ____D C:\The KMPlayer
2016-03-19 17:03 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-03-19 09:25 - 2015-08-17 20:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-18 15:08 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 14:30 - 2015-08-17 21:00 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 14:28 - 2015-08-17 21:07 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-15 14:27 - 2015-12-26 21:43 - 00000000 ____D C:\Users\Michal\AppData\Local\MyComGames
2016-03-15 14:27 - 2015-08-17 20:35 - 00000000 ___RD C:\Users\Michal\OneDrive
2016-03-15 14:26 - 2015-08-17 20:36 - 00000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2016-03-14 15:05 - 2015-08-17 21:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-14 14:52 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-03-14 14:43 - 2015-08-17 20:31 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-14 14:41 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-14 14:41 - 2015-07-10 13:20 - 00348672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 14:39 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-14 14:37 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-03-14 14:29 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF
2016-03-10 18:39 - 2015-08-18 12:01 - 00083594 _____ C:\Windows\system32\perfh01B.dat
2016-03-10 18:39 - 2015-08-18 12:01 - 00025730 _____ C:\Windows\system32\perfc01B.dat
2016-03-10 18:39 - 2015-08-17 20:29 - 01018266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-09 21:27 - 2015-08-17 23:17 - 00000554 _____ C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 16:10 - 2015-08-17 20:35 - 00002370 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-08 08:10 - 2015-10-04 07:32 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-10-04 07:32 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-06 19:57 - 2015-09-14 13:26 - 00312056 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2016-03-06 19:57 - 2015-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-28 21:32 - 2015-08-17 21:17 - 00000000 ____D C:\Users\Michal\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-08-17 23:17 - 2016-03-09 21:27 - 0000554 _____ () C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 21:44 - 2016-03-09 21:44 - 0000040 _____ () C:\Users\Michal\AppData\Roaming\cdr.ini
2015-11-09 23:32 - 2015-11-09 23:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-17 20:39 - 2015-08-17 20:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\InstHelper.exe
C:\Users\Michal\AppData\Local\Temp\Uni000.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-14 14:52
==================== End of FRST.txt ============================
2016-03-09 16:29 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-03-09 16:29 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-03-09 16:29 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-09 16:29 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-09 16:29 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-03-09 16:29 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-03-09 16:29 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-03-09 16:29 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-03-09 16:29 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:29 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-03-09 16:29 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-03-09 16:29 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-09 16:29 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-09 16:29 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:29 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-03-09 16:29 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-09 16:29 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:29 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-03-09 16:29 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 00:11 - 2016-03-08 00:35 - 1467934720 _____ C:\Users\Michal\Downloads\KRAL DROZDIA BRADA 1984 CZ.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 00:50 - 2015-10-02 15:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 00:30 - 2015-08-17 20:31 - 00000000 ____D C:\Users\Michal
2016-03-22 00:27 - 2015-08-17 21:00 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-20 15:27 - 2015-08-17 21:00 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-19 17:20 - 2015-08-17 21:20 - 00000000 ____D C:\The KMPlayer
2016-03-19 17:03 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-03-19 09:25 - 2015-08-17 20:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-18 15:08 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 14:30 - 2015-08-17 21:00 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 14:28 - 2015-08-17 21:07 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-15 14:27 - 2015-12-26 21:43 - 00000000 ____D C:\Users\Michal\AppData\Local\MyComGames
2016-03-15 14:27 - 2015-08-17 20:35 - 00000000 ___RD C:\Users\Michal\OneDrive
2016-03-15 14:26 - 2015-08-17 20:36 - 00000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2016-03-14 15:05 - 2015-08-17 21:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-14 14:52 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-03-14 14:43 - 2015-08-17 20:31 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-14 14:41 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-14 14:41 - 2015-07-10 13:20 - 00348672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 14:39 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-14 14:37 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-03-14 14:29 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF
2016-03-10 18:39 - 2015-08-18 12:01 - 00083594 _____ C:\Windows\system32\perfh01B.dat
2016-03-10 18:39 - 2015-08-18 12:01 - 00025730 _____ C:\Windows\system32\perfc01B.dat
2016-03-10 18:39 - 2015-08-17 20:29 - 01018266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-09 21:27 - 2015-08-17 23:17 - 00000554 _____ C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 16:10 - 2015-08-17 20:35 - 00002370 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-08 08:10 - 2015-10-04 07:32 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-10-04 07:32 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-06 19:57 - 2015-09-14 13:26 - 00312056 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2016-03-06 19:57 - 2015-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-28 21:32 - 2015-08-17 21:17 - 00000000 ____D C:\Users\Michal\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-08-17 23:17 - 2016-03-09 21:27 - 0000554 _____ () C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 21:44 - 2016-03-09 21:44 - 0000040 _____ () C:\Users\Michal\AppData\Roaming\cdr.ini
2015-11-09 23:32 - 2015-11-09 23:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-17 20:39 - 2015-08-17 20:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\InstHelper.exe
C:\Users\Michal\AppData\Local\Temp\Uni000.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-14 14:52
==================== End of FRST.txt ============================
Re: Problem with winnet32b, conhost32
I wish you a lovely day
How about buying the game rather than hunting for cracks, which in your case came bundled with "only" a BitCoin miner? That is not the only illegal software on this computer, so if you keep using warez, it is only a matter of time before you pick up a crack carrying a crypto-virus... and that is when the real fun begins.


- Copy the contents of the white box into Notepad (Start -> Run -> notepad)
- save it to the desktop as fixlist (file type: Text document)
- run FRST again and click Fix
- after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply
Code:
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\Boxtools\Toolbox.exe
File: C:\Windows\SysWOW64\srvany.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2016-03-22] ()
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2016-03-22] ()
C:\Users\Michal\AppData\Roaming\Microsoft\Networking
C:\Windows\KMService.exe
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
CMD: dir "C:\Windows\System32\Tasks"
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.
Re: Problem with winnet32b, conhost32
Well, you are absolutely right, there is no point denying it...
Here is the log:
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Michal (2016-03-22 01:31:22) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\Boxtools\Toolbox.exe
File: C:\Windows\SysWOW64\srvany.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2016-03-22] ()
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2016-03-22] ()
C:\Users\Michal\AppData\Roaming\Microsoft\Networking
C:\Windows\KMService.exe
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
CMD: dir "C:\Windows\System32\Tasks"
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Error: (0) Failed to create a restore point.
Processes closed successfully.
========================= File: C:\ProgramData\Boxtools\Toolbox.exe ========================
File not signed
MD5: 9002819DD5639EB046F4C68C09B2F9E0
Creation and modification date: 2016-03-09 21:44 - 2011-02-11 15:19
Size: 2760192
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Windows\SysWOW64\srvany.exe ========================
File not signed
MD5: 4635935FC972C582632BF45C26BFCB0E
Creation and modification date: 2015-08-17 23:11 - 2003-04-18 18:06
Size: 0008192
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent => value removed successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe => moved successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe => moved successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Networking => moved successfully
C:\Windows\KMService.exe => moved successfully
KMService => service removed successfully
wfpcapture => service removed successfully
========= dir "C:\Windows\System32\Tasks" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\Windows\System32\Tasks
16.01.2016 00:47 <DIR> .
16.01.2016 00:47 <DIR> ..
16.01.2016 00:47 3 972 Adobe Acrobat Update Task
11.11.2015 14:50 3 816 Adobe Flash Player Updater
17.08.2015 20:46 3 628 ASUS Smart Gesture Launcher
02.02.2016 15:22 3 798 GoogleUpdateTaskMachineCore
02.02.2016 15:22 4 030 GoogleUpdateTaskMachineUA
09.11.2015 23:32 3 776 HPCustParticipation HP Deskjet 3510 series
17.08.2015 21:12 3 026 klcp_update
10.07.2015 12:04 <DIR> Microsoft
17.08.2015 23:04 <DIR> OfficeSoftwareProtectionPlatform
17.08.2015 20:39 3 260 RtHDVBg_ListenToDevice
17.08.2015 20:39 3 194 RTKCPL
9 File(s) 32 500 bytes
4 Dir(s) 43 271 221 248 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~1" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\PROGRA~1
23.11.2015 18:50 <DIR> .
23.11.2015 18:50 <DIR> ..
17.08.2015 20:48 <DIR> Common Files
17.08.2015 20:46 <DIR> DIFX
17.08.2015 20:37 <DIR> Elantech
17.08.2015 20:54 <DIR> ESET
09.11.2015 23:32 <DIR> HP
17.08.2015 20:32 <DIR> Intel
14.03.2016 14:37 <DIR> Internet Explorer
17.08.2015 23:03 <DIR> Microsoft Office
18.08.2015 12:01 <DIR> MSBuild
23.11.2015 18:54 <DIR> NVIDIA Corporation
17.08.2015 20:39 <DIR> Realtek
18.08.2015 12:01 <DIR> Reference Assemblies
10.07.2015 17:00 <DIR> Windows Defender
13.02.2016 19:40 <DIR> Windows Journal
10.07.2015 17:00 <DIR> Windows Mail
14.03.2016 14:37 <DIR> Windows Media Player
14.03.2016 14:37 <DIR> Windows Multimedia Platform
10.07.2015 12:04 <DIR> Windows NT
10.07.2015 17:00 <DIR> Windows Photo Viewer
14.03.2016 14:37 <DIR> Windows Portable Devices
17.08.2015 20:36 <DIR> WinRAR
0 File(s) 0 bytes
23 Dir(s) 43 271 221 248 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\PROGRA~2
19.03.2016 09:25 <DIR> .
19.03.2016 09:25 <DIR> ..
17.08.2015 21:31 <DIR> Adobe
17.08.2015 20:46 <DIR> ASUS
17.08.2015 20:48 <DIR> Bluetooth Suite
09.03.2016 21:44 <DIR> Boxoft Flac to MP3 (freeware)
17.08.2015 23:16 <DIR> BurnAware Free
17.11.2015 11:14 <DIR> Common Files
17.08.2015 23:20 <DIR> CPUID
17.08.2015 22:01 <DIR> DAEMON Tools Pro
17.08.2015 23:21 <DIR> Google
09.11.2015 23:32 <DIR> HP
09.11.2015 23:32 <DIR> HP Photo Creations
17.08.2015 20:51 <DIR> Intel
14.03.2016 14:37 <DIR> Internet Explorer
17.08.2015 21:12 <DIR> K-Lite Codec Pack
09.11.2015 23:32 <DIR> Microsoft
17.08.2015 23:03 <DIR> Microsoft Analysis Services
15.10.2015 14:24 <DIR> Microsoft ASP.NET
17.08.2015 23:05 <DIR> Microsoft Office
17.08.2015 23:05 <DIR> Microsoft Sync Framework
17.08.2015 23:03 <DIR> Microsoft Visual Studio 8
17.08.2015 23:05 <DIR> Microsoft.NET
22.03.2016 01:24 <DIR> Mozilla Firefox
22.03.2016 01:24 <DIR> Mozilla Maintenance Service
18.08.2015 12:01 <DIR> MSBuild
23.11.2015 18:54 <DIR> NVIDIA Corporation
17.08.2015 20:42 <DIR> Qualcomm Atheros
17.08.2015 20:46 <DIR> Realtek
18.08.2015 12:01 <DIR> Reference Assemblies
06.03.2016 19:57 <DIR> Steam
17.08.2015 21:17 <DIR> VideoLAN
10.07.2015 17:00 <DIR> Windows Defender
10.07.2015 17:00 <DIR> Windows Mail
10.07.2015 17:00 <DIR> Windows Media Player
14.03.2016 14:37 <DIR> Windows Multimedia Platform
10.07.2015 12:04 <DIR> Windows NT
10.07.2015 17:00 <DIR> Windows Photo Viewer
14.03.2016 14:37 <DIR> Windows Portable Devices
0 File(s) 0 bytes
39 Dir(s) 43 271 221 248 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\PROGRA~3
18.08.2015 07:48 <DIR> Adobe
09.11.2015 23:32 57 Ament.ini
15.03.2016 14:28 <DIR> ASUS Smart Gesture
19.08.2015 09:26 <DIR> Atheros
17.11.2015 11:18 <DIR> BitRaider
19.08.2015 10:11 <DIR> Bohemia Interactive
22.03.2016 01:26 <DIR> Boxtools
10.07.2015 12:04 <DIR> Comms
17.08.2015 23:02 <DIR> DAEMON Tools Pro
17.08.2015 20:54 <DIR> ESET
09.11.2015 23:32 <DIR> HP
09.11.2015 23:32 <DIR> HP Photo Creations
16.03.2016 19:37 <DIR> Microsoft Help
17.08.2015 20:34 <DIR> Microsoft OneDrive
23.11.2015 18:53 <DIR> NVIDIA
23.11.2015 18:55 <DIR> NVIDIA Corporation
16.10.2015 22:29 <DIR> Package Cache
17.08.2015 20:42 <DIR> Qualcomm Atheros
10.07.2015 17:11 <DIR> regid.1991-06.com.microsoft
17.08.2015 23:26 <DIR> SetupTPDriver
02.10.2015 15:05 <DIR> SoftwareDistribution
19.08.2015 10:11 <DIR> Steam
10.07.2015 13:22 <DIR> USOPrivate
10.07.2015 13:22 <DIR> USOShared
09.11.2015 23:32 <DIR> Visan
1 File(s) 57 bytes
24 Dir(s) 43 271 217 152 bytes free
========= End of CMD: =========
========= dir "%localappdata%" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\Users\Michal\AppData\Local
22.03.2016 01:26 <DIR> .
22.03.2016 01:26 <DIR> ..
08.09.2015 12:02 <DIR> Adobe
01.01.2016 17:34 <DIR> Arma 3
19.08.2015 09:28 <DIR> BMExplorer
18.08.2015 11:47 <DIR> CEF
09.11.2015 23:15 <DIR> Comms
12.01.2016 00:09 <DIR> CrashDumps
22.12.2015 22:50 <DIR> DayZ
20.02.2016 11:40 <DIR> Diagnostics
18.09.2015 17:45 <DIR> dxhr
17.08.2015 20:55 <DIR> ESET
07.11.2015 22:13 <DIR> Google
09.11.2015 23:34 <DIR> HP
17.08.2015 21:34 <DIR> Macromedia
11.02.2016 08:35 <DIR> Microsoft
17.08.2015 23:03 <DIR> Microsoft Help
17.08.2015 20:52 <DIR> MicrosoftEdge
17.08.2015 21:18 <DIR> Mozilla
22.03.2016 01:26 <DIR> MyComGames
17.08.2015 20:41 <DIR> NetworkTiles
23.11.2015 18:56 <DIR> NVIDIA
23.11.2015 18:56 <DIR> NVIDIA Corporation
21.01.2016 14:48 <DIR> Packages
18.08.2015 22:07 <DIR> PeerDistRepub
17.08.2015 21:11 <DIR> Programs
17.08.2015 20:33 <DIR> Publishers
18.08.2015 11:47 <DIR> Steam
18.11.2015 11:56 <DIR> SWTOR
17.11.2015 11:16 <DIR> SWTORPerf
22.03.2016 01:31 <DIR> Temp
17.08.2015 20:31 <DIR> TileDataLayer
17.08.2015 20:31 <DIR> VirtualStore
0 File(s) 0 bytes
33 Dir(s) 43 271 217 152 bytes free
========= End of CMD: =========
Tu je log:
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Michal (2016-03-22 01:31:22) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\ProgramData\Boxtools\Toolbox.exe
File: C:\Windows\SysWOW64\srvany.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2016-03-22] ()
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2016-03-22] ()
C:\Users\Michal\AppData\Roaming\Microsoft\Networking
C:\Windows\KMService.exe
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
CMD: dir "C:\Windows\System32\Tasks"
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Error: (0) Failed to create a restore point.
Processes closed successfully.
========================= File: C:\ProgramData\Boxtools\Toolbox.exe ========================
File not signed
MD5: 9002819DD5639EB046F4C68C09B2F9E0
Creation and modification date: 2016-03-09 21:44 - 2011-02-11 15:19
Size: 2760192
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Windows\SysWOW64\srvany.exe ========================
File not signed
MD5: 4635935FC972C582632BF45C26BFCB0E
Creation and modification date: 2015-08-17 23:11 - 2003-04-18 18:06
Size: 0008192
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent => value removed successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe => moved successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe => moved successfully
C:\Users\Michal\AppData\Roaming\Microsoft\Networking => moved successfully
C:\Windows\KMService.exe => moved successfully
KMService => service removed successfully
wfpcapture => service removed successfully
========= dir "C:\Windows\System32\Tasks" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\Windows\System32\Tasks
16.01.2016 00:47 <DIR> .
16.01.2016 00:47 <DIR> ..
16.01.2016 00:47 3�972 Adobe Acrobat Update Task
11.11.2015 14:50 3�816 Adobe Flash Player Updater
17.08.2015 20:46 3�628 ASUS Smart Gesture Launcher
02.02.2016 15:22 3�798 GoogleUpdateTaskMachineCore
02.02.2016 15:22 4�030 GoogleUpdateTaskMachineUA
09.11.2015 23:32 3�776 HPCustParticipation HP Deskjet 3510 series
17.08.2015 21:12 3�026 klcp_update
10.07.2015 12:04 <DIR> Microsoft
17.08.2015 23:04 <DIR> OfficeSoftwareProtectionPlatform
17.08.2015 20:39 3�260 RtHDVBg_ListenToDevice
17.08.2015 20:39 3�194 RTKCPL
9 File(s) 32�500 bytes
4 Dir(s) 43�271�221�248 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~1" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\PROGRA~1
23.11.2015 18:50 <DIR> .
23.11.2015 18:50 <DIR> ..
17.08.2015 20:48 <DIR> Common Files
17.08.2015 20:46 <DIR> DIFX
17.08.2015 20:37 <DIR> Elantech
17.08.2015 20:54 <DIR> ESET
09.11.2015 23:32 <DIR> HP
17.08.2015 20:32 <DIR> Intel
14.03.2016 14:37 <DIR> Internet Explorer
17.08.2015 23:03 <DIR> Microsoft Office
18.08.2015 12:01 <DIR> MSBuild
23.11.2015 18:54 <DIR> NVIDIA Corporation
17.08.2015 20:39 <DIR> Realtek
18.08.2015 12:01 <DIR> Reference Assemblies
10.07.2015 17:00 <DIR> Windows Defender
13.02.2016 19:40 <DIR> Windows Journal
10.07.2015 17:00 <DIR> Windows Mail
14.03.2016 14:37 <DIR> Windows Media Player
14.03.2016 14:37 <DIR> Windows Multimedia Platform
10.07.2015 12:04 <DIR> Windows NT
10.07.2015 17:00 <DIR> Windows Photo Viewer
14.03.2016 14:37 <DIR> Windows Portable Devices
17.08.2015 20:36 <DIR> WinRAR
0 File(s) 0 bytes
23 Dir(s) 43�271�221�248 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\PROGRA~2
19.03.2016 09:25 <DIR> .
19.03.2016 09:25 <DIR> ..
17.08.2015 21:31 <DIR> Adobe
17.08.2015 20:46 <DIR> ASUS
17.08.2015 20:48 <DIR> Bluetooth Suite
09.03.2016 21:44 <DIR> Boxoft Flac to MP3 (freeware)
17.08.2015 23:16 <DIR> BurnAware Free
17.11.2015 11:14 <DIR> Common Files
17.08.2015 23:20 <DIR> CPUID
17.08.2015 22:01 <DIR> DAEMON Tools Pro
17.08.2015 23:21 <DIR> Google
09.11.2015 23:32 <DIR> HP
09.11.2015 23:32 <DIR> HP Photo Creations
17.08.2015 20:51 <DIR> Intel
14.03.2016 14:37 <DIR> Internet Explorer
17.08.2015 21:12 <DIR> K-Lite Codec Pack
09.11.2015 23:32 <DIR> Microsoft
17.08.2015 23:03 <DIR> Microsoft Analysis Services
15.10.2015 14:24 <DIR> Microsoft ASP.NET
17.08.2015 23:05 <DIR> Microsoft Office
17.08.2015 23:05 <DIR> Microsoft Sync Framework
17.08.2015 23:03 <DIR> Microsoft Visual Studio 8
17.08.2015 23:05 <DIR> Microsoft.NET
22.03.2016 01:24 <DIR> Mozilla Firefox
22.03.2016 01:24 <DIR> Mozilla Maintenance Service
18.08.2015 12:01 <DIR> MSBuild
23.11.2015 18:54 <DIR> NVIDIA Corporation
17.08.2015 20:42 <DIR> Qualcomm Atheros
17.08.2015 20:46 <DIR> Realtek
18.08.2015 12:01 <DIR> Reference Assemblies
06.03.2016 19:57 <DIR> Steam
17.08.2015 21:17 <DIR> VideoLAN
10.07.2015 17:00 <DIR> Windows Defender
10.07.2015 17:00 <DIR> Windows Mail
10.07.2015 17:00 <DIR> Windows Media Player
14.03.2016 14:37 <DIR> Windows Multimedia Platform
10.07.2015 12:04 <DIR> Windows NT
10.07.2015 17:00 <DIR> Windows Photo Viewer
14.03.2016 14:37 <DIR> Windows Portable Devices
0 File(s) 0 bytes
39 Dir(s) 43�271�221�248 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\PROGRA~3
18.08.2015 07:48 <DIR> Adobe
09.11.2015 23:32 57 Ament.ini
15.03.2016 14:28 <DIR> ASUS Smart Gesture
19.08.2015 09:26 <DIR> Atheros
17.11.2015 11:18 <DIR> BitRaider
19.08.2015 10:11 <DIR> Bohemia Interactive
22.03.2016 01:26 <DIR> Boxtools
10.07.2015 12:04 <DIR> Comms
17.08.2015 23:02 <DIR> DAEMON Tools Pro
17.08.2015 20:54 <DIR> ESET
09.11.2015 23:32 <DIR> HP
09.11.2015 23:32 <DIR> HP Photo Creations
16.03.2016 19:37 <DIR> Microsoft Help
17.08.2015 20:34 <DIR> Microsoft OneDrive
23.11.2015 18:53 <DIR> NVIDIA
23.11.2015 18:55 <DIR> NVIDIA Corporation
16.10.2015 22:29 <DIR> Package Cache
17.08.2015 20:42 <DIR> Qualcomm Atheros
10.07.2015 17:11 <DIR> regid.1991-06.com.microsoft
17.08.2015 23:26 <DIR> SetupTPDriver
02.10.2015 15:05 <DIR> SoftwareDistribution
19.08.2015 10:11 <DIR> Steam
10.07.2015 13:22 <DIR> USOPrivate
10.07.2015 13:22 <DIR> USOShared
09.11.2015 23:32 <DIR> Visan
1 File(s) 57 bytes
24 Dir(s) 43�271�217�152 bytes free
========= End of CMD: =========
========= dir "%localappdata%" =========
Volume in drive C has no label.
Volume Serial Number is 263B-4473
Directory of C:\Users\Michal\AppData\Local
22.03.2016 01:26 <DIR> .
22.03.2016 01:26 <DIR> ..
08.09.2015 12:02 <DIR> Adobe
01.01.2016 17:34 <DIR> Arma 3
19.08.2015 09:28 <DIR> BMExplorer
18.08.2015 11:47 <DIR> CEF
09.11.2015 23:15 <DIR> Comms
12.01.2016 00:09 <DIR> CrashDumps
22.12.2015 22:50 <DIR> DayZ
20.02.2016 11:40 <DIR> Diagnostics
18.09.2015 17:45 <DIR> dxhr
17.08.2015 20:55 <DIR> ESET
07.11.2015 22:13 <DIR> Google
09.11.2015 23:34 <DIR> HP
17.08.2015 21:34 <DIR> Macromedia
11.02.2016 08:35 <DIR> Microsoft
17.08.2015 23:03 <DIR> Microsoft Help
17.08.2015 20:52 <DIR> MicrosoftEdge
17.08.2015 21:18 <DIR> Mozilla
22.03.2016 01:26 <DIR> MyComGames
17.08.2015 20:41 <DIR> NetworkTiles
23.11.2015 18:56 <DIR> NVIDIA
23.11.2015 18:56 <DIR> NVIDIA Corporation
21.01.2016 14:48 <DIR> Packages
18.08.2015 22:07 <DIR> PeerDistRepub
17.08.2015 21:11 <DIR> Programs
17.08.2015 20:33 <DIR> Publishers
18.08.2015 11:47 <DIR> Steam
18.11.2015 11:56 <DIR> SWTOR
17.11.2015 11:16 <DIR> SWTORPerf
22.03.2016 01:31 <DIR> Temp
17.08.2015 20:31 <DIR> TileDataLayer
17.08.2015 20:31 <DIR> VirtualStore
0 File(s) 0 bytes
33 Dir(s) 43 271 217 152 bytes free
========= End of CMD: =========
Re: Problem with winnet32b, conhost32

- close all programs
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
- click Scan, then Cleaning
- after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Problem with winnet32b, conhost32
Here it is:
# AdwCleaner v5.105 - Logfile created 22/03/2016 at 08:22:22
# Updated 21/03/2016 by Xplode
# Database : 2016-03-21.3 [Server]
# Operating system : Windows 10 Education (x64)
# Username : Michal - IZBA-NOTEBOOK
# Running from : C:\Users\Michal\Desktop\adwcleaner_5.105.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1006 bytes] - [22/03/2016 01:23:08]
C:\AdwCleaner\AdwCleaner[C2].txt - [772 bytes] - [22/03/2016 08:22:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [833 bytes] - [22/03/2016 01:20:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [905 bytes] - [22/03/2016 08:20:00]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [988 bytes] ##########
Re: Problem with winnet32b, conhost32

Note: on the second and every subsequent run of FRST, you must explicitly tick this option before starting the scan for the Addition.txt log to be created.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Problem with winnet32b, conhost32
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Michal (administrator) on IZBA-NOTEBOOK (22-03-2016 11:54:03)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 10 Education (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(MY.COM B.V.) C:\Users\Michal\AppData\Local\MyComGames\MyComGames.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\ProgramData\Boxtools\Toolbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-08-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [MyComGames] => C:\Users\Michal\AppData\Local\MyComGames\MyComGames.exe [4844912 2016-03-14] (MY.COM B.V.)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177600 2015-11-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-11-16] (NVIDIA Corporation)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk [2016-03-22]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b214fb8-3ec8-42e8-9ca9-c43bf144c8c7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9aeb10d4-95c4-4138-9a49-114db0e24005}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default
FF Homepage: www.google.sk
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-472273817-3362002235-3154087924-1001: @my.com/Games -> C:\Users\Michal\AppData\Local\MyComGames\NPMyComDetector.dll [2016-01-27] (MY.COM B.V.)
FF Extension: Unseen - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\unseen@tangrs.xpi [2015-11-17]
FF Extension: Video AdBlock for Firefox - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-12-18] [not signed]
FF Extension: Adblock Plus - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-16]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Tabuľky Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR HKU\S-1-5-21-472273817-3362002235-3154087924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-13] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-11-17] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-10-02] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-08-17] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-14] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-08-17] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-17] (Intel Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 10:44 - 2016-03-22 10:44 - 00016148 _____ C:\Windows\system32\IZBA-NOTEBOOK_Michal_HistoryPrediction.bin
2016-03-22 08:28 - 2016-03-22 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-03-22 01:29 - 2016-03-22 01:29 - 00000000 _____ C:\Users\Michal\Desktop\Nový textový dokument.txt
2016-03-22 01:20 - 2016-03-22 08:22 - 00000000 ____D C:\AdwCleaner
2016-03-22 01:19 - 2016-03-22 01:20 - 01530368 _____ C:\Users\Michal\Desktop\adwcleaner_5.105.exe
2016-03-22 01:13 - 2016-03-22 01:13 - 00000472 _____ C:\Users\Michal\Downloads\FixList.zip
2016-03-22 01:13 - 2016-03-22 01:13 - 00000000 ____D C:\Users\Michal\Downloads\FixList
2016-03-22 00:54 - 2016-03-22 11:54 - 00016745 _____ C:\Users\Michal\Desktop\FRST.txt
2016-03-22 00:54 - 2016-03-22 11:54 - 00000000 ____D C:\FRST
2016-03-22 00:52 - 2016-03-22 00:54 - 02374144 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2016-03-22 00:30 - 2016-03-22 00:30 - 00000000 ____D C:\Users\Michal\Documents\SimCity
2016-03-22 00:29 - 2016-03-22 00:29 - 02352060 _____ C:\Users\Michal\Downloads\Simcity crack.zip.part
2016-03-22 00:29 - 2016-03-22 00:29 - 00235632 _____ C:\Users\Michal\Downloads\SIMCITY DIGITAL DELUXE EDITION-REPACK Last Crack January 10, 2016.rar
2016-03-22 00:29 - 2016-03-22 00:29 - 00000000 ____D C:\Users\Michal\Downloads\SIMCITY DIGITAL DELUXE EDITION-REPACK Last Crack January 10, 2016
2016-03-22 00:27 - 2016-03-22 00:27 - 05226018 _____ C:\Users\Michal\Downloads\SimCity crack.rar
2016-03-22 00:25 - 2016-03-22 00:25 - 00000000 ____D C:\Users\Michal\AppData\Roaming\SimCity
2016-03-22 00:25 - 2016-03-22 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-03-22 00:25 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-03-22 00:25 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-03-22 00:17 - 2016-03-22 00:17 - 00000000 ____D C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ)
2016-03-21 22:48 - 2016-03-22 00:15 - 2086666240 _____ C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ).part1.rar
2016-03-21 22:48 - 2016-03-21 23:02 - 380974438 _____ C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ).part2.rar
2016-03-19 17:06 - 2016-03-19 17:18 - 1305222440 _____ C:\Users\Michal\Downloads\PROKLETY OSTROV (SHUTTER ISLAND) 2010 DVDRip CZ DABING.AVI
2016-03-19 10:38 - 2016-03-19 10:57 - 2047688704 _____ C:\Users\Michal\Downloads\Atlas mraků - Cloud Atlas (2012) CZ dabing.avi
2016-03-19 09:20 - 2016-03-22 01:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-17 20:20 - 2016-03-17 20:40 - 1754363904 _____ C:\Users\Michal\Downloads\Zelvy Ninja_TMNT Korytnacky (2014) BDRip CZ.avi
2016-03-15 14:27 - 2016-03-15 14:27 - 00000000 ___HD C:\OneDriveTemp
2016-03-14 21:36 - 2016-03-14 21:36 - 00000000 ____D C:\Users\Michal\Downloads\Orava-2016
2016-03-14 19:56 - 2016-03-14 21:35 - 1353886826 _____ C:\Users\Michal\Downloads\Orava-2016.rar
2016-03-10 19:53 - 2016-03-10 19:53 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\KMPlayer
2016-03-09 21:44 - 2016-03-22 08:55 - 00000000 ____D C:\ProgramData\Boxtools
2016-03-09 21:44 - 2016-03-09 21:44 - 03668504 _____ (Boxoft Solution ) C:\Users\Michal\Downloads\setup(free-flac-to-mp3).exe
2016-03-09 21:44 - 2016-03-09 21:44 - 00001122 _____ C:\Users\Michal\Desktop\Boxoft Flac to MP3 (freeware).lnk
2016-03-09 21:44 - 2016-03-09 21:44 - 00000040 _____ C:\Users\Michal\AppData\Roaming\cdr.ini
2016-03-09 21:44 - 2016-03-09 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boxoft Flac to MP3 (freeware)
2016-03-09 21:44 - 2016-03-09 21:44 - 00000000 ____D C:\Program Files (x86)\Boxoft Flac to MP3 (freeware)
2016-03-09 21:44 - 2010-12-06 09:53 - 00756736 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\LameACM.acm
2016-03-09 21:44 - 2010-12-06 09:53 - 00000401 _____ C:\Windows\SysWOW64\lame_acm.xml
2016-03-09 21:23 - 2016-03-09 21:25 - 03500834 _____ C:\Users\Michal\Downloads\4 Non Blondes - What's Up (mp3goo.com).mp3.part
2016-03-09 17:27 - 2016-03-09 18:54 - 868170700 _____ C:\Users\Michal\Downloads\Co.jsme.komu.udelali.2014.108p.BDRip.XViD.AC3.CZ.dabing.avi.part
2016-03-09 16:30 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:30 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-03-09 16:30 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:30 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-03-09 16:30 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:30 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-09 16:30 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:30 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:30 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:30 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-09 16:30 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:30 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:30 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:30 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:30 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-09 16:30 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-03-09 16:30 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-03-09 16:30 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-09 16:30 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-09 16:30 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-09 16:30 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:30 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:30 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-09 16:30 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-09 16:30 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-09 16:30 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:30 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-09 16:30 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-09 16:30 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-03-09 16:30 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:30 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-03-09 16:30 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-09 16:30 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-09 16:30 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:30 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-09 16:30 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:30 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-09 16:30 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-09 16:29 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-09 16:29 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-09 16:29 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-09 16:29 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 16:29 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-09 16:29 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-09 16:29 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 16:29 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-03-09 16:29 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-03-09 16:29 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-09 16:29 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-09 16:29 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-03-09 16:29 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-03-09 16:29 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-03-09 16:29 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-03-09 16:29 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:29 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-03-09 16:29 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-03-09 16:29 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-09 16:29 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-09 16:29 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:29 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-03-09 16:29 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-09 16:29 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:29 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-03-09 16:29 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 00:11 - 2016-03-08 00:35 - 1467934720 _____ C:\Users\Michal\Downloads\KRAL DROZDIA BRADA 1984 CZ.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 11:50 - 2015-10-02 15:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 11:27 - 2015-08-17 21:00 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-22 08:25 - 2015-12-26 21:43 - 00000000 ____D C:\Users\Michal\AppData\Local\MyComGames
2016-03-22 08:25 - 2015-08-17 21:07 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-22 08:25 - 2015-08-17 21:00 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-22 08:25 - 2015-08-17 20:35 - 00000000 ___RD C:\Users\Michal\OneDrive
2016-03-22 08:24 - 2015-08-17 20:36 - 00000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2016-03-22 08:23 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-22 08:23 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-22 01:46 - 2015-08-18 12:01 - 00083594 _____ C:\Windows\system32\perfh01B.dat
2016-03-22 01:46 - 2015-08-18 12:01 - 00025730 _____ C:\Windows\system32\perfc01B.dat
2016-03-22 01:46 - 2015-08-17 20:29 - 01018266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-22 01:46 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-03-22 01:40 - 2015-08-17 20:31 - 00000000 ____D C:\Users\Michal
2016-03-22 01:31 - 2015-10-14 19:37 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\Temp
2016-03-22 01:31 - 2015-08-20 18:59 - 00000000 ____D C:\Users\Michal\AppData\Local\CrashDumps
2016-03-22 01:24 - 2015-08-17 20:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 17:20 - 2015-08-17 21:20 - 00000000 ____D C:\The KMPlayer
2016-03-19 17:03 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-03-18 15:08 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 14:30 - 2015-08-17 21:00 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 15:05 - 2015-08-17 21:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-14 14:52 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-03-14 14:43 - 2015-08-17 20:31 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-14 14:41 - 2015-07-10 13:20 - 00348672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-14 14:29 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF
2016-03-09 21:27 - 2015-08-17 23:17 - 00000554 _____ C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 16:10 - 2015-08-17 20:35 - 00002370 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-08 08:10 - 2015-10-04 07:32 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-10-04 07:32 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-06 19:57 - 2015-09-14 13:26 - 00312056 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2016-03-06 19:57 - 2015-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-28 21:32 - 2015-08-17 21:17 - 00000000 ____D C:\Users\Michal\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-08-17 23:17 - 2016-03-09 21:27 - 0000554 _____ () C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 21:44 - 2016-03-09 21:44 - 0000040 _____ () C:\Users\Michal\AppData\Roaming\cdr.ini
2015-11-09 23:32 - 2015-11-09 23:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-17 20:39 - 2015-08-17 20:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-14 14:52
==================== End of FRST.txt ============================
Ran by Michal (administrator) on IZBA-NOTEBOOK (22-03-2016 11:54:03)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 10 Education (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(MY.COM B.V.) C:\Users\Michal\AppData\Local\MyComGames\MyComGames.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\ProgramData\Boxtools\Toolbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3233976 2015-08-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Atheros Communications)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [MyComGames] => C:\Users\Michal\AppData\Local\MyComGames\MyComGames.exe [4844912 2016-03-14] (MY.COM B.V.)
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-472273817-3362002235-3154087924-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177600 2015-11-16] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-11-16] (NVIDIA Corporation)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk [2016-03-22]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b214fb8-3ec8-42e8-9ca9-c43bf144c8c7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9aeb10d4-95c4-4138-9a49-114db0e24005}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default
FF Homepage: www.google.sk
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-472273817-3362002235-3154087924-1001: @my.com/Games -> C:\Users\Michal\AppData\Local\MyComGames\NPMyComDetector.dll [2016-01-27] (MY.COM B.V.)
FF Extension: Unseen - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\unseen@tangrs.xpi [2015-11-17]
FF Extension: Video AdBlock for Firefox - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-12-18] [not signed]
FF Extension: Adblock Plus - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\6wk6y0xp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-16]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Tabuľky Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR HKU\S-1-5-21-472273817-3362002235-3154087924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-13] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-11-17] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-10-02] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135352 2015-08-17] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-14] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-08-17] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-17] (Intel Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-16] (NVIDIA Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 10:44 - 2016-03-22 10:44 - 00016148 _____ C:\Windows\system32\IZBA-NOTEBOOK_Michal_HistoryPrediction.bin
2016-03-22 08:28 - 2016-03-22 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-03-22 01:29 - 2016-03-22 01:29 - 00000000 _____ C:\Users\Michal\Desktop\Nový textový dokument.txt
2016-03-22 01:20 - 2016-03-22 08:22 - 00000000 ____D C:\AdwCleaner
2016-03-22 01:19 - 2016-03-22 01:20 - 01530368 _____ C:\Users\Michal\Desktop\adwcleaner_5.105.exe
2016-03-22 01:13 - 2016-03-22 01:13 - 00000472 _____ C:\Users\Michal\Downloads\FixList.zip
2016-03-22 01:13 - 2016-03-22 01:13 - 00000000 ____D C:\Users\Michal\Downloads\FixList
2016-03-22 00:54 - 2016-03-22 11:54 - 00016745 _____ C:\Users\Michal\Desktop\FRST.txt
2016-03-22 00:54 - 2016-03-22 11:54 - 00000000 ____D C:\FRST
2016-03-22 00:52 - 2016-03-22 00:54 - 02374144 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2016-03-22 00:30 - 2016-03-22 00:30 - 00000000 ____D C:\Users\Michal\Documents\SimCity
2016-03-22 00:29 - 2016-03-22 00:29 - 02352060 _____ C:\Users\Michal\Downloads\Simcity crack.zip.part
2016-03-22 00:29 - 2016-03-22 00:29 - 00235632 _____ C:\Users\Michal\Downloads\SIMCITY DIGITAL DELUXE EDITION-REPACK Last Crack January 10, 2016.rar
2016-03-22 00:29 - 2016-03-22 00:29 - 00000000 ____D C:\Users\Michal\Downloads\SIMCITY DIGITAL DELUXE EDITION-REPACK Last Crack January 10, 2016
2016-03-22 00:27 - 2016-03-22 00:27 - 05226018 _____ C:\Users\Michal\Downloads\SimCity crack.rar
2016-03-22 00:25 - 2016-03-22 00:25 - 00000000 ____D C:\Users\Michal\AppData\Roaming\SimCity
2016-03-22 00:25 - 2016-03-22 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-03-22 00:25 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-03-22 00:25 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-03-22 00:17 - 2016-03-22 00:17 - 00000000 ____D C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ)
2016-03-21 22:48 - 2016-03-22 00:15 - 2086666240 _____ C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ).part1.rar
2016-03-21 22:48 - 2016-03-21 23:02 - 380974438 _____ C:\Users\Michal\Downloads\SimCity 5 + všechny DLC (2013) (CZ).part2.rar
2016-03-19 17:06 - 2016-03-19 17:18 - 1305222440 _____ C:\Users\Michal\Downloads\PROKLETY OSTROV (SHUTTER ISLAND) 2010 DVDRip CZ DABING.AVI
2016-03-19 10:38 - 2016-03-19 10:57 - 2047688704 _____ C:\Users\Michal\Downloads\Atlas mraků - Cloud Atlas (2012) CZ dabing.avi
2016-03-19 09:20 - 2016-03-22 01:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-17 20:20 - 2016-03-17 20:40 - 1754363904 _____ C:\Users\Michal\Downloads\Zelvy Ninja_TMNT Korytnacky (2014) BDRip CZ.avi
2016-03-15 14:27 - 2016-03-15 14:27 - 00000000 ___HD C:\OneDriveTemp
2016-03-14 21:36 - 2016-03-14 21:36 - 00000000 ____D C:\Users\Michal\Downloads\Orava-2016
2016-03-14 19:56 - 2016-03-14 21:35 - 1353886826 _____ C:\Users\Michal\Downloads\Orava-2016.rar
2016-03-10 19:53 - 2016-03-10 19:53 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\KMPlayer
2016-03-09 21:44 - 2016-03-22 08:55 - 00000000 ____D C:\ProgramData\Boxtools
2016-03-09 21:44 - 2016-03-09 21:44 - 03668504 _____ (Boxoft Solution ) C:\Users\Michal\Downloads\setup(free-flac-to-mp3).exe
2016-03-09 21:44 - 2016-03-09 21:44 - 00001122 _____ C:\Users\Michal\Desktop\Boxoft Flac to MP3 (freeware).lnk
2016-03-09 21:44 - 2016-03-09 21:44 - 00000040 _____ C:\Users\Michal\AppData\Roaming\cdr.ini
2016-03-09 21:44 - 2016-03-09 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boxoft Flac to MP3 (freeware)
2016-03-09 21:44 - 2016-03-09 21:44 - 00000000 ____D C:\Program Files (x86)\Boxoft Flac to MP3 (freeware)
2016-03-09 21:44 - 2010-12-06 09:53 - 00756736 _____ (hxxp://www.mp3dev.org/) C:\Windows\SysWOW64\LameACM.acm
2016-03-09 21:44 - 2010-12-06 09:53 - 00000401 _____ C:\Windows\SysWOW64\lame_acm.xml
2016-03-09 21:23 - 2016-03-09 21:25 - 03500834 _____ C:\Users\Michal\Downloads\4 Non Blondes - What's Up (mp3goo.com).mp3.part
2016-03-09 17:27 - 2016-03-09 18:54 - 868170700 _____ C:\Users\Michal\Downloads\Co.jsme.komu.udelali.2014.108p.BDRip.XViD.AC3.CZ.dabing.avi.part
2016-03-09 16:30 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:30 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-03-09 16:30 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:30 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-03-09 16:30 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:30 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-09 16:30 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:30 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:30 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:30 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-09 16:30 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:30 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:30 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:30 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:30 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-03-09 16:30 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-03-09 16:30 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-03-09 16:30 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-03-09 16:30 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-03-09 16:30 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-03-09 16:30 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:30 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:30 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-03-09 16:30 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-03-09 16:30 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-03-09 16:30 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:30 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-03-09 16:30 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-03-09 16:30 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-03-09 16:30 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:30 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-03-09 16:30 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-03-09 16:30 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-03-09 16:30 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:30 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-03-09 16:30 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:30 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-03-09 16:30 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-03-09 16:29 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-09 16:29 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-03-09 16:29 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-03-09 16:29 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 16:29 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-09 16:29 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-09 16:29 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 16:29 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-03-09 16:29 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-03-09 16:29 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:29 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-03-09 16:29 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-03-09 16:29 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-03-09 16:29 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-03-09 16:29 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-03-09 16:29 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-03-09 16:29 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-03-09 16:29 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-03-09 16:29 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-03-09 16:29 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-03-09 16:29 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:29 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-03-09 16:29 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-03-09 16:29 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-03-09 16:29 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 16:29 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-09 16:29 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-03-09 16:29 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 16:29 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-03-09 16:29 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:29 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-03-09 16:29 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-03-09 16:29 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-03-09 16:29 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:29 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:29 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-03-09 16:29 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-08 00:11 - 2016-03-08 00:35 - 1467934720 _____ C:\Users\Michal\Downloads\KRAL DROZDIA BRADA 1984 CZ.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-22 11:50 - 2015-10-02 15:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 11:27 - 2015-08-17 21:00 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-22 08:25 - 2015-12-26 21:43 - 00000000 ____D C:\Users\Michal\AppData\Local\MyComGames
2016-03-22 08:25 - 2015-08-17 21:07 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-03-22 08:25 - 2015-08-17 21:00 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-22 08:25 - 2015-08-17 20:35 - 00000000 ___RD C:\Users\Michal\OneDrive
2016-03-22 08:24 - 2015-08-17 20:36 - 00000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2016-03-22 08:23 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-22 08:23 - 2015-07-10 10:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-22 01:46 - 2015-08-18 12:01 - 00083594 _____ C:\Windows\system32\perfh01B.dat
2016-03-22 01:46 - 2015-08-18 12:01 - 00025730 _____ C:\Windows\system32\perfc01B.dat
2016-03-22 01:46 - 2015-08-17 20:29 - 01018266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-22 01:46 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2016-03-22 01:40 - 2015-08-17 20:31 - 00000000 ____D C:\Users\Michal
2016-03-22 01:31 - 2015-10-14 19:37 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\Temp
2016-03-22 01:31 - 2015-08-20 18:59 - 00000000 ____D C:\Users\Michal\AppData\Local\CrashDumps
2016-03-22 01:24 - 2015-08-17 20:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 17:20 - 2015-08-17 21:20 - 00000000 ____D C:\The KMPlayer
2016-03-19 17:03 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2016-03-18 15:08 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 14:30 - 2015-08-17 21:00 - 00002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-14 15:05 - 2015-08-17 21:32 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-14 14:52 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2016-03-14 14:43 - 2015-08-17 20:31 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-14 14:41 - 2015-07-10 13:20 - 00348672 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-14 14:37 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-14 14:29 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF
2016-03-09 21:27 - 2015-08-17 23:17 - 00000554 _____ C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 16:10 - 2015-08-17 20:35 - 00002370 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-08 08:10 - 2015-10-04 07:32 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-10-04 07:32 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-06 19:57 - 2015-09-14 13:26 - 00312056 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys
2016-03-06 19:57 - 2015-08-18 11:44 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-28 21:32 - 2015-08-17 21:17 - 00000000 ____D C:\Users\Michal\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2015-08-17 23:17 - 2016-03-09 21:27 - 0000554 _____ () C:\Users\Michal\AppData\Roaming\burnaware.ini
2016-03-09 21:44 - 2016-03-09 21:44 - 0000040 _____ () C:\Users\Michal\AppData\Roaming\cdr.ini
2015-11-09 23:32 - 2015-11-09 23:32 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-17 20:39 - 2015-08-17 20:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-14 14:52
==================== End of FRST.txt ============================
- Attachments
- Addition.rar
- (8.38 KiB) Downloaded 64 times
Re: Problem with winnet32b, conhost32

- Right-click This PC -> Properties -> Advanced system settings -> System Protection tab at the top -> Configure -> select Restore system settings and previous versions of files and save by clicking Apply.
- If you want to play with the amount of disk space used by restore points, I do not recommend lowering this limit below 1 GB. If you have plenty of disk space, leave the default 3-5% disk usage.

- Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Check only the option "Remove disinfection tools"
- Click Run
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Problem with winnet32b, conhost32
Thank you very much for the help

Re: Problem with winnet32b, conhost32
You're welcome, glad I could help
Take care, and perhaps see you again sometime
