Please check my log

#1 Post by rebrma »

Hello,

please check my log.

I downloaded some "junk" together with software for browsing files on my phone.

In Firefox I keep getting pop-ups with ads for Project oreon, bet365, etc.

Code:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:21:20, on 4.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 46.0.1 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Freerider\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [wermgr] C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
O4 - HKUS\S-1-5-21-670735467-1812237546-1025010430-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-670735467-1812237546-1025010430-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.dell.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{88154AED-AA65-4AD3-A39D-2147F91873DD}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6744DE0-B6F3-43F0-A204-2A273F988B83}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12755 bytes

Thank you, I would appreciate help with the removal procedure.

#2 Post by Rudy »

Hello!
Please post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . HijackThis is past its prime.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

#3 Post by rebrma »

Thank you, I'm sending new logs.

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2016
Ran by Freerider (administrator) on FREERIDER-PC (05-06-2016 00:23:56)
Running from C:\Users\Freerider\Desktop
Loaded Profiles: Freerider & UpdatusUser (Available Profiles: Freerider & UpdatusUser & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
(Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(forum.viry.cz) C:\Users\Freerider\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-08-16] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2016-01-29] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM-x32\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2016-02-21]
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-05-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.50.1 192.168.0.1
Tcpip\..\Interfaces\{245DB6AB-B2FF-4780-8706-2B647C90DB86}: [DhcpNameServer] 192.168.50.1 192.168.0.1
Tcpip\..\Interfaces\{42529813-341E-41E9-A485-4EED32048929}: [DhcpNameServer] 192.168.50.1 192.168.0.1
Tcpip\..\Interfaces\{88154AED-AA65-4AD3-A39D-2147F91873DD}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{F6744DE0-B6F3-43F0-A204-2A273F988B83}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-670735467-1812237546-1025010430-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-670735467-1812237546-1025010430-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-15] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default
FF NetworkProxy: "http", "217.20.83.130"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Extension: Find and Replace for FireFox - C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default\extensions\findandreplace@notreal.org.xpi [2016-05-04]
FF Extension: colorPicker - C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default\Extensions\colorPicker@colorPicker.xpi [2016-04-27]
FF Extension: Firebug - C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-31]
FF Extension: Adblock Plus - C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR Profile: C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-20]
CHR Extension: (Dokumenty Google) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-20]
CHR Extension: (Disk Google) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (YouTube) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-20]
CHR Extension: (Tabulky Google) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-20]
CHR Extension: (Gmail) - C:\Users\Freerider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-20]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2945792 2016-05-26] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-05-16] (SurfRight B.V.)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-21] (Microsoft Corporation)
R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [6237800 2010-04-30] ()
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2701880 2016-01-29] ()
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [242224 2016-05-25] (Microsoft Corporation) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-21] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465344 2015-08-14] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-12-18] ()
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [48464 2015-06-29] (Dell Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-05-30] ()
S2 HOSTNT; C:\Windows\SysWow64\Drivers\HOSTNT.sys [4032 2016-03-30] () [File not signed]
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-21] (Microsoft Corporation)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2016-04-02] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2016-04-02] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2016-04-02] (Acronis International GmbH)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-08-14] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-05 00:23 - 2016-06-05 00:24 - 00020732 _____ C:\Users\Freerider\Desktop\FRST.txt
2016-06-05 00:22 - 2016-06-05 00:22 - 00112640 _____ (forum.viry.cz) C:\Users\Freerider\Desktop\FRSTLauncher.exe
2016-06-05 00:20 - 2016-06-05 00:23 - 00000000 ____D C:\FRST
2016-06-05 00:20 - 2016-06-05 00:20 - 02384384 _____ (Farbar) C:\Users\Freerider\Desktop\FRST64.exe
2016-06-04 18:29 - 2016-06-04 18:29 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-04 18:20 - 2016-06-04 18:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Freerider\Downloads\HijackThis.exe
2016-06-02 23:34 - 2016-06-02 23:34 - 00000000 ____D C:\8b871e8165aa39ad1aba55cd
2016-06-02 10:54 - 2016-06-02 10:54 - 00000000 ____D C:\TempProjekty
2016-06-02 10:53 - 2016-06-02 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2016-06-02 10:53 - 2016-06-02 10:53 - 00000000 ____D C:\Program Files\WinHTTrack
2016-06-02 10:25 - 2016-06-02 10:25 - 00827418 _____ C:\Users\Freerider\Downloads\zaverecna_prace.pdf
2016-05-31 20:22 - 2016-05-31 20:22 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\iFunbox_UserCache
2016-05-31 20:22 - 2015-02-10 21:31 - 00000000 ____D C:\Users\Freerider\Desktop\ifunbox_classic
2016-05-31 07:51 - 2016-05-31 07:52 - 03933749 _____ C:\Users\Freerider\Downloads\ifunbox_classic.zip
2016-05-30 23:55 - 2016-05-30 23:55 - 00034585 _____ C:\ComboFix.txt
2016-05-30 23:46 - 2016-05-30 23:55 - 00000000 ____D C:\Qoobox
2016-05-30 23:46 - 2016-05-30 23:55 - 00000000 ____D C:\ComboFix
2016-05-30 23:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-05-30 23:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-05-30 23:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-05-30 23:45 - 2016-05-30 23:54 - 00000000 ____D C:\Windows\erdnt
2016-05-30 23:45 - 2016-05-30 23:45 - 00000000 ____D C:\AdwCleaner
2016-05-30 23:44 - 2016-05-30 23:45 - 05659529 ____R (Swearware) C:\Users\Freerider\Desktop\ComboFix.exe
2016-05-30 23:42 - 2016-05-30 23:42 - 03677248 _____ C:\Users\Freerider\Downloads\AdwCleaner.exe
2016-05-30 23:41 - 2016-05-30 23:47 - 00000000 ____D C:\Users\Freerider\AppData\Local\CrashDumps
2016-05-30 22:28 - 2016-05-30 22:28 - 00000000 _____ C:\autoexec.bat
2016-05-30 22:23 - 2016-05-30 22:23 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-05-30 22:22 - 2016-05-30 22:22 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Freerider\Downloads\SpyHunter-Installer.exe
2016-05-30 21:56 - 2016-05-30 21:56 - 00000000 ____D C:\Users\Freerider\AppData\Local\pangu
2016-05-30 21:52 - 2016-05-30 21:52 - 02535424 _____ () C:\Users\Freerider\Desktop\tinyumbrella_windows-x64_8_2_0_60_InstalledJRE.exe
2016-05-30 16:29 - 2016-05-30 16:29 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-05-30 16:28 - 2016-05-30 18:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-30 16:26 - 2016-05-30 16:27 - 24125512 _____ C:\Users\Freerider\Desktop\RogueKillerX64.exe
2016-05-30 16:26 - 2016-05-30 16:26 - 01610816 _____ (Malwarebytes) C:\Users\Freerider\Desktop\JRT.exe
2016-05-23 19:18 - 2016-05-23 19:18 - 00000088 _____ C:\Users\Freerider\Downloads\ProScout97-Link-Password.txt
2016-05-23 18:47 - 2016-05-23 18:47 - 00147323 _____ C:\Users\Freerider\Downloads\Gr3eNoX-Exploit-Scanner-V1.1.rar
2016-05-23 18:47 - 2012-06-14 20:54 - 00000000 ____D C:\Users\Freerider\Downloads\Gr3eNoX Exploit Scanner V1.1
2016-05-23 18:45 - 2016-05-23 19:02 - 00000000 ____D C:\Users\Freerider\Downloads\kali-linux-light-2016.1-amd64
2016-05-18 07:37 - 2016-05-18 07:39 - 00000000 ____D C:\Users\Freerider\Desktop\HDDScan-3.3
2016-05-18 07:37 - 2016-05-18 07:37 - 03822364 _____ C:\Users\Freerider\Downloads\HDDScan-3.3.zip
2016-05-17 21:49 - 2016-05-17 21:50 - 00001024 ____H C:\AMTAG.BIN
2016-05-17 21:49 - 2015-09-24 17:57 - 01817712 _____ C:\Windows\ampa.exe
2016-05-17 21:49 - 2013-12-18 12:33 - 00017008 _____ C:\Windows\SysWOW64\ampa.sys
2016-05-17 21:49 - 2013-12-18 12:33 - 00017008 _____ C:\Windows\system32\ampa.sys
2016-05-17 21:48 - 2016-05-17 21:50 - 00000000 ____D C:\Users\Freerider\Downloads\AOMEI Partition Assistant Pro Edition 5.8 portable
2016-05-17 21:44 - 2016-05-17 21:44 - 12776382 _____ C:\Users\Freerider\Downloads\AOMEI-Partition-Assistant-Pro-Edition-5.8-portable.rar
2016-05-17 00:24 - 2016-05-17 00:24 - 00001085 _____ C:\Users\Freerider\Desktop\Cheat Engine.lnk
2016-05-17 00:24 - 2016-05-17 00:24 - 00000000 ____D C:\Users\Freerider\Documents\My Cheat Tables
2016-05-17 00:24 - 2016-05-17 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2016-05-17 00:24 - 2016-05-17 00:24 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2016-05-16 22:08 - 2016-05-16 22:09 - 09056424 _____ (Cheat Engine ) C:\Users\Freerider\Downloads\CheatEngine64.exe
2016-05-16 21:26 - 2016-05-16 21:26 - 00006942 _____ C:\Users\Freerider\Desktop\JRT.txt
2016-05-16 21:23 - 2016-05-16 21:23 - 01610816 _____ (Malwarebytes) C:\Users\Freerider\Downloads\JRT.exe
2016-05-16 19:18 - 2016-05-17 07:19 - 00000000 ___RD C:\ESD
2016-05-16 19:14 - 2016-05-16 19:14 - 01483336 _____ (Microsoft Corporation) C:\Users\Freerider\Downloads\mediacreationtool.exe
2016-05-15 22:09 - 2016-05-16 20:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-15 22:08 - 2016-05-15 22:08 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-15 22:08 - 2016-05-15 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-15 22:08 - 2016-05-15 22:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 22:08 - 2016-05-15 22:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-15 22:08 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-15 22:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-15 22:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-15 22:05 - 2016-05-15 22:05 - 22851472 _____ (Malwarebytes ) C:\Users\Freerider\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-15 21:59 - 2016-05-15 21:59 - 00001893 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-05-15 21:59 - 2016-05-15 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-05-15 21:59 - 2016-05-15 21:59 - 00000000 ____D C:\Program Files\HitmanPro
2016-05-15 21:57 - 2016-05-15 21:59 - 00000000 ____D C:\Users\Freerider\Downloads\HitmanPro.3.7.14
2016-05-15 21:50 - 2016-05-15 21:50 - 12977923 _____ C:\Users\Freerider\Downloads\HitmanPro 3.7.14 Build 263 Final + Patch.rar
2016-05-15 21:48 - 2016-05-15 21:48 - 11438608 _____ (SurfRight B.V.) C:\Users\Freerider\Downloads\hitmanpro_x64.exe
2016-05-15 16:11 - 2016-05-15 16:14 - 110867232 _____ (Bitnami) C:\Users\Freerider\Downloads\xampp-win32-5.5.35-0-VC11-installer.exe
2016-05-15 14:42 - 2016-05-15 14:42 - 00000845 _____ C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-05-15 14:42 - 2016-05-15 14:42 - 00000797 _____ C:\Users\Freerider\Desktop\Start Tor Browser.lnk
2016-05-15 14:39 - 2016-05-15 14:41 - 43833160 _____ C:\Users\Freerider\Downloads\torbrowser-install-5.5.5_en-US.exe
2016-05-14 19:14 - 2016-05-14 19:14 - 00000634 _____ C:\Users\Freerider\default-soapui-workspace.xml
2016-05-14 19:13 - 2016-05-14 19:14 - 00600163 _____ C:\Users\Freerider\Documents\gsxws2-apple-soapui-project.xml
2016-05-14 19:13 - 2016-05-14 19:13 - 00002791 _____ C:\Users\Freerider\soapui-settings.xml
2016-05-14 15:22 - 2016-05-14 15:22 - 00000000 ____D C:\Users\Freerider\soapUI-Tutorials
2016-05-14 15:22 - 2016-05-14 15:22 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartBear
2016-05-14 15:21 - 2016-05-14 15:21 - 00000000 ____D C:\Program Files\SmartBear
2016-05-14 15:13 - 2016-05-14 15:21 - 144986609 _____ C:\Users\Freerider\Downloads\openlogic-soapui-4.5.2-windows-amd64-bin-2.zip
2016-05-14 11:39 - 2016-05-14 11:39 - 00003038 _____ C:\Windows\System32\Tasks\{E4BA5613-F60B-428D-BC40-F7FD8EB5693F}
2016-05-14 11:37 - 2016-05-14 11:37 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Myanmar Online Family
2016-05-14 11:37 - 2016-05-14 11:37 - 00000000 ____D C:\ProgramData\Caphyon
2016-05-13 21:50 - 2016-06-02 09:47 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Apple Computer
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\Users\Freerider\AppData\Local\Apple Computer
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\Users\Freerider\AppData\Local\Apple
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\ProgramData\Apple Computer
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\Program Files\iTunes
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\Program Files\iPod
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-13 21:49 - 2016-05-13 21:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-13 21:49 - 2016-05-13 21:49 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-13 21:49 - 2016-05-13 21:49 - 00000000 ____D C:\Program Files\Bonjour
2016-05-13 21:49 - 2016-05-13 21:49 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-05-13 21:49 - 2016-05-13 21:49 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-05-13 21:28 - 2016-06-02 10:41 - 00000000 ____D C:\Users\Freerider\Downloads\apple
2016-05-12 11:58 - 2016-05-12 11:58 - 00026427 _____ C:\Users\Freerider\Downloads\pq58884_created.svg
2016-05-11 18:25 - 2016-06-04 23:32 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job
2016-05-11 18:25 - 2016-06-04 18:30 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job
2016-05-11 18:25 - 2016-05-11 18:25 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442
2016-05-11 18:25 - 2016-05-11 18:25 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd
2016-05-10 07:54 - 2016-05-10 07:54 - 01844649 _____ C:\Users\Freerider\Downloads\NodLogin64bits.rar
2016-05-08 21:22 - 2016-05-08 21:22 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-05-08 21:22 - 2016-05-08 21:22 - 00002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2016-05-08 21:22 - 2016-05-08 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-05-08 21:13 - 2016-05-08 21:13 - 00000000 ____D C:\Users\Freerider\Documents\OneNote Notebooks
2016-05-08 21:12 - 2016-05-08 21:12 - 00000000 ___SD C:\Users\Freerider\Documents\My Shapes
2016-05-08 21:07 - 2016-05-08 21:22 - 00002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-05-08 21:04 - 2016-06-04 18:27 - 00000000 ____D C:\Program Files\Microsoft Office
2016-05-08 21:04 - 2016-05-08 21:04 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-08 21:01 - 2016-05-08 21:01 - 00000000 ____D C:\Users\Freerider\Downloads\Microsoft Office 2016 Professional Plus 16.0.4229.1023 RTM
2016-05-08 20:36 - 2016-05-08 20:38 - 00000000 ____D C:\totalcmd
2016-05-08 20:36 - 2016-05-08 20:36 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Freerider\Downloads\tcm851x32.exe
2016-05-08 20:36 - 2016-05-08 20:36 - 00000632 _____ C:\Users\Freerider\Desktop\Total Commander.lnk
2016-05-08 20:36 - 2016-05-08 20:36 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-05-08 20:36 - 2016-05-08 20:36 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\GHISLER
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\UC.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\RAR.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\PKZIP.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\PKUNZIP.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\LHA.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\ARJ.PIF
2016-05-08 20:09 - 2016-05-29 22:38 - 00000000 ____D C:\Users\Freerider\Documents\Barvinek
2016-05-08 19:08 - 2016-05-08 19:08 - 01010447 _____ C:\Users\Freerider\Downloads\O15CTRRemove.diagcab
2016-05-07 20:42 - 2016-05-08 22:57 - 00000000 ___RD C:\Users\Freerider\Documents\Scanned Documents
2016-05-07 20:42 - 2016-05-07 20:42 - 00000000 ____D C:\Users\Freerider\Documents\Fax

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-04 18:29 - 2016-01-06 00:50 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-04 18:29 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-04 18:10 - 2009-07-14 06:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-04 18:10 - 2009-07-14 06:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-04 18:06 - 2011-04-12 10:34 - 00839902 _____ C:\Windows\system32\perfh005.dat
2016-06-04 18:06 - 2011-04-12 10:34 - 00211490 _____ C:\Windows\system32\perfc005.dat
2016-06-04 18:06 - 2009-07-14 07:13 - 02068830 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-04 18:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-04 18:02 - 2016-02-16 01:47 - 00000000 ____D C:\ProgramData\VMware
2016-06-04 18:02 - 2016-01-05 02:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-04 18:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-03 07:35 - 2016-02-20 00:28 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-03 00:16 - 2016-01-05 00:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-02 10:15 - 2016-01-05 02:07 - 00000000 ____D C:\Users\Freerider\AppData\Local\Apps\2.0
2016-06-02 09:37 - 2016-02-16 01:49 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\VMware
2016-06-02 09:37 - 2016-02-16 01:49 - 00000000 ____D C:\Users\Freerider\AppData\Local\VMware
2016-05-31 20:22 - 2016-01-07 20:07 - 00000600 _____ C:\Users\Freerider\AppData\Roaming\winscp.rnd
2016-05-31 11:49 - 2016-01-05 02:26 - 00000000 ____D C:\Users\Freerider\AppData\Local\PokerStars.EU
2016-05-31 11:49 - 2016-01-05 02:25 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2016-05-30 23:54 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-05-30 22:27 - 2016-01-04 23:20 - 00000000 ____D C:\Users\Freerider
2016-05-30 16:24 - 2016-05-03 07:45 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-30 02:55 - 2016-03-02 23:21 - 00000000 ____D C:\Users\DefaultAppPool
2016-05-28 00:46 - 2016-03-10 17:15 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\TS3Client
2016-05-23 19:19 - 2016-01-06 00:58 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\uTorrent
2016-05-22 01:00 - 2016-03-20 16:15 - 00000000 ____D C:\Users\Freerider\AppData\Local\ElevatedDiagnostics
2016-05-20 08:09 - 2016-05-03 07:45 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-20 08:09 - 2016-05-03 07:45 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-05-18 18:32 - 2016-03-10 17:14 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-05-15 22:42 - 2016-01-04 23:39 - 00000000 ____D C:\ProgramData\Oracle
2016-05-15 22:38 - 2016-01-04 23:39 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-15 22:38 - 2016-01-04 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-15 22:37 - 2016-01-04 23:39 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-15 22:25 - 2016-01-06 10:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-15 22:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2016-05-15 22:03 - 2016-03-04 21:10 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-05-15 21:49 - 2016-01-25 22:24 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-15 19:19 - 2016-01-04 23:40 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-15 19:19 - 2016-01-04 23:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-15 19:17 - 2016-02-20 00:27 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-15 19:17 - 2016-02-20 00:27 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-15 19:17 - 2016-02-02 10:01 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Skype
2016-05-15 19:17 - 2016-01-04 23:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-15 19:17 - 2009-07-14 06:45 - 00436440 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-15 17:54 - 2016-01-05 02:07 - 00112272 _____ C:\Users\Freerider\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-15 16:26 - 2016-01-17 22:15 - 00000000 ____D C:\ProgramData\SOLIDWORKS
2016-05-15 16:24 - 2016-01-17 22:15 - 00000000 ____D C:\Program Files\Common Files\SOLIDWORKS Shared
2016-05-15 16:24 - 2016-01-05 02:17 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-15 16:19 - 2016-01-17 22:15 - 00000000 ____D C:\Program Files\SOLIDWORKS Corp
2016-05-15 16:12 - 2016-01-17 22:05 - 00000000 ____D C:\Users\Freerider\Documents\SOLIDWORKS Downloads
2016-05-13 21:49 - 2016-01-17 22:10 - 00000000 ____D C:\ProgramData\Apple
2016-05-12 11:55 - 2016-04-24 20:21 - 00004409 _____ C:\Users\Freerider\Downloads\barvinek_logo.svg
2016-05-10 22:03 - 2016-05-05 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-10 20:56 - 2016-02-02 10:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-10 20:56 - 2016-02-02 10:00 - 00000000 ____D C:\ProgramData\Skype
2016-05-10 20:55 - 2016-01-06 00:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-10 18:24 - 2016-02-20 18:35 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\TeamViewer
2016-05-08 21:48 - 2016-01-06 00:52 - 00002196 _____ C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-05-08 21:48 - 2016-01-06 00:52 - 00000000 ___RD C:\Users\Freerider\OneDrive

==================== Files in the root of some directories =======

2016-01-07 20:07 - 2016-05-31 20:22 - 0000600 _____ () C:\Users\Freerider\AppData\Roaming\winscp.rnd
2016-01-05 01:08 - 2016-01-05 01:08 - 0000001 _____ () C:\Users\Freerider\AppData\Local\llftool.4.40.agreement
2016-04-02 17:28 - 2016-04-02 17:28 - 0000041 ___SH () C:\ProgramData\.zreglib

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Freerider\Desktop" je 392 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" 

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
The Addition log is attached.

Thanks a lot for now :)
Attachments
Addition.rar
(10.26 KiB) Downloaded 70 times

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

rebrma

Re: Please check my log

#5 Post by rebrma »

Have a nice Sunday :),

here is the log from AdwCleaner.

Code:

# AdwCleaner v5.119 - Log vytvořen 05/06/2016 v 11:17:27
# Aktualizováno 30/05/2016 by Xplode
# Databáze : 2016-06-03.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Freerider - FREERIDER-PC
# Spuštěno z : C:\Users\Freerider\Desktop\adwcleaner_5.119.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1375 bytů] - [05/06/2016 11:17:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [433 bytů] - [30/05/2016 23:45:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [1556 bytů] - [05/06/2016 11:16:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1593 bytů] ##########
Thanks for now :)

Rudy

Re: Please check my log

#6 Post by Rudy »

Post a new FRST log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

rebrma
Visitor
Posts: 19
Registered: 22 Sep 2010 11:52
Location: Praha/Pyšely

Re: Please check my log

#7 Post by rebrma »

Here is the new log

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2016
Ran by Freerider (administrator) on FREERIDER-PC (05-06-2016 12:50:42)
Running from C:\Users\Freerider\Desktop
Loaded Profiles: Freerider & UpdatusUser (Available Profiles: Freerider & UpdatusUser & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(forum.viry.cz) C:\Users\Freerider\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-08-16] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2016-01-29] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.)
HKLM-x32\...\Run: [wermgr] => C:\ProgramData\Microsoft\Windows\WER\wermgr.exe [6786560 2015-01-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-07] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2016-02-21]
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-05-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.50.1 192.168.0.1
Tcpip\..\Interfaces\{245DB6AB-B2FF-4780-8706-2B647C90DB86}: [DhcpNameServer] 192.168.50.1 192.168.0.1
Tcpip\..\Interfaces\{42529813-341E-41E9-A485-4EED32048929}: [DhcpNameServer] 192.168.50.1 192.168.0.1
Tcpip\..\Interfaces\{88154AED-AA65-4AD3-A39D-2147F91873DD}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{F6744DE0-B6F3-43F0-A204-2A273F988B83}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-670735467-1812237546-1025010430-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-670735467-1812237546-1025010430-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-15] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default
FF NetworkProxy: "http", "217.20.83.130"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Extension: colorPicker - C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default\Extensions\colorPicker@colorPicker.xpi [2016-04-27]
FF Extension: Firebug - C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-31]
FF Extension: Adblock Plus - C:\Users\Freerider\AppData\Roaming\Mozilla\Firefox\Profiles\dwgkbtnp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2945792 2016-05-26] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-05-16] (SurfRight B.V.)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-21] (Microsoft Corporation)
R2 NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [6237800 2010-04-30] ()
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2701880 2016-01-29] ()
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [242224 2016-05-25] (Microsoft Corporation) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-21] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465344 2015-08-14] ()
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-12-18] ()
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [48464 2015-06-29] (Dell Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-05-30] ()
S2 HOSTNT; C:\Windows\SysWow64\Drivers\HOSTNT.sys [4032 2016-03-30] () [File not signed]
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
S4 RsFx0310; C:\Windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-21] (Microsoft Corporation)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2016-04-02] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2016-04-02] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2016-04-02] (Acronis International GmbH)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-08-14] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-05 12:50 - 2016-06-05 12:50 - 00019226 _____ C:\Users\Freerider\Desktop\FRST.txt
2016-06-05 11:15 - 2016-06-05 11:15 - 03677248 _____ C:\Users\Freerider\Desktop\adwcleaner_5.119.exe
2016-06-05 02:39 - 2016-06-05 02:39 - 00605200 _____ C:\Users\Freerider\Downloads\Files.zip
2016-06-05 02:39 - 2012-08-06 00:45 - 00311296 _____ (Apple Inc.) C:\Users\Freerider\Desktop\qtmlclient.dll
2016-06-05 02:39 - 2007-06-28 04:07 - 01085440 _____ (Apple Inc.) C:\Users\Freerider\Desktop\iTunesMobileDevice.dll
2016-06-05 02:37 - 2016-06-05 02:38 - 00000074 _____ C:\Users\Freerider\Desktop\RecBoot.txt
2016-06-05 02:37 - 2016-06-05 02:37 - 00480165 _____ C:\Users\Freerider\Downloads\RecBoot-1.3-WIN.zip
2016-06-05 02:37 - 2010-09-01 19:08 - 00203776 _____ C:\Users\Freerider\Desktop\RecBoot.exe
2016-06-05 02:37 - 2010-08-31 17:54 - 00147968 _____ (Travis Robinson) C:\Users\Freerider\Desktop\LibUsbDotNet.dll
2016-06-05 02:35 - 2016-06-05 02:35 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-05 02:35 - 2016-06-05 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-05 02:35 - 2016-06-05 02:35 - 00000000 ____D C:\Program Files\iTunes
2016-06-05 02:35 - 2016-06-05 02:35 - 00000000 ____D C:\Program Files\iPod
2016-06-05 02:35 - 2016-06-05 02:35 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-05 02:33 - 2016-06-05 02:34 - 35836296 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Freerider\Downloads\iphone-data-recovery.exe
2016-06-05 02:27 - 2016-06-05 02:31 - 170473288 _____ (Apple Inc.) C:\Users\Freerider\Downloads\iTunes6464Setup.exe
2016-06-05 00:27 - 2016-06-05 00:27 - 00010507 _____ C:\Users\Freerider\Desktop\Addition.rar
2016-06-05 00:22 - 2016-06-05 00:22 - 00112640 _____ (forum.viry.cz) C:\Users\Freerider\Desktop\FRSTLauncher.exe
2016-06-05 00:20 - 2016-06-05 12:46 - 00000000 ____D C:\FRST
2016-06-05 00:20 - 2016-06-05 00:20 - 02384384 _____ (Farbar) C:\Users\Freerider\Desktop\FRST64.exe
2016-06-04 18:29 - 2016-06-04 18:29 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-04 18:20 - 2016-06-04 18:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Freerider\Downloads\HijackThis.exe
2016-06-02 23:34 - 2016-06-02 23:34 - 00000000 ____D C:\8b871e8165aa39ad1aba55cd
2016-06-02 10:54 - 2016-06-02 10:54 - 00000000 ____D C:\TempProjekty
2016-06-02 10:53 - 2016-06-02 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2016-06-02 10:53 - 2016-06-02 10:53 - 00000000 ____D C:\Program Files\WinHTTrack
2016-06-02 10:25 - 2016-06-02 10:25 - 00827418 _____ C:\Users\Freerider\Downloads\zaverecna_prace.pdf
2016-05-31 20:22 - 2016-05-31 20:22 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\iFunbox_UserCache
2016-05-31 20:22 - 2015-02-10 21:31 - 00000000 ____D C:\Users\Freerider\Desktop\ifunbox_classic
2016-05-31 07:51 - 2016-05-31 07:52 - 03933749 _____ C:\Users\Freerider\Downloads\ifunbox_classic.zip
2016-05-30 23:55 - 2016-05-30 23:55 - 00034585 _____ C:\ComboFix.txt
2016-05-30 23:46 - 2016-05-30 23:55 - 00000000 ____D C:\Qoobox
2016-05-30 23:46 - 2016-05-30 23:55 - 00000000 ____D C:\ComboFix
2016-05-30 23:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-05-30 23:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-05-30 23:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-05-30 23:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-05-30 23:45 - 2016-06-05 11:17 - 00000000 ____D C:\AdwCleaner
2016-05-30 23:45 - 2016-05-30 23:54 - 00000000 ____D C:\Windows\erdnt
2016-05-30 23:44 - 2016-05-30 23:45 - 05659529 ____R (Swearware) C:\Users\Freerider\Desktop\ComboFix.exe
2016-05-30 23:42 - 2016-05-30 23:42 - 03677248 _____ C:\Users\Freerider\Downloads\AdwCleaner.exe
2016-05-30 23:41 - 2016-05-30 23:47 - 00000000 ____D C:\Users\Freerider\AppData\Local\CrashDumps
2016-05-30 22:28 - 2016-05-30 22:28 - 00000000 _____ C:\autoexec.bat
2016-05-30 22:23 - 2016-05-30 22:23 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-05-30 22:22 - 2016-05-30 22:22 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Freerider\Downloads\SpyHunter-Installer.exe
2016-05-30 21:56 - 2016-05-30 21:56 - 00000000 ____D C:\Users\Freerider\AppData\Local\pangu
2016-05-30 21:52 - 2016-05-30 21:52 - 02535424 _____ () C:\Users\Freerider\Desktop\tinyumbrella_windows-x64_8_2_0_60_InstalledJRE.exe
2016-05-30 16:29 - 2016-05-30 16:29 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-05-30 16:28 - 2016-05-30 18:23 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-30 16:26 - 2016-05-30 16:27 - 24125512 _____ C:\Users\Freerider\Desktop\RogueKillerX64.exe
2016-05-30 16:26 - 2016-05-30 16:26 - 01610816 _____ (Malwarebytes) C:\Users\Freerider\Desktop\JRT.exe
2016-05-23 19:18 - 2016-05-23 19:18 - 00000088 _____ C:\Users\Freerider\Downloads\ProScout97-Link-Password.txt
2016-05-23 18:47 - 2016-05-23 18:47 - 00147323 _____ C:\Users\Freerider\Downloads\Gr3eNoX-Exploit-Scanner-V1.1.rar
2016-05-23 18:47 - 2012-06-14 20:54 - 00000000 ____D C:\Users\Freerider\Downloads\Gr3eNoX Exploit Scanner V1.1
2016-05-23 18:45 - 2016-05-23 19:02 - 00000000 ____D C:\Users\Freerider\Downloads\kali-linux-light-2016.1-amd64
2016-05-18 07:37 - 2016-05-18 07:39 - 00000000 ____D C:\Users\Freerider\Desktop\HDDScan-3.3
2016-05-18 07:37 - 2016-05-18 07:37 - 03822364 _____ C:\Users\Freerider\Downloads\HDDScan-3.3.zip
2016-05-17 21:49 - 2016-05-17 21:50 - 00001024 ____H C:\AMTAG.BIN
2016-05-17 21:49 - 2015-09-24 17:57 - 01817712 _____ C:\Windows\ampa.exe
2016-05-17 21:49 - 2013-12-18 12:33 - 00017008 _____ C:\Windows\SysWOW64\ampa.sys
2016-05-17 21:49 - 2013-12-18 12:33 - 00017008 _____ C:\Windows\system32\ampa.sys
2016-05-17 21:48 - 2016-05-17 21:50 - 00000000 ____D C:\Users\Freerider\Downloads\AOMEI Partition Assistant Pro Edition 5.8 portable
2016-05-17 21:44 - 2016-05-17 21:44 - 12776382 _____ C:\Users\Freerider\Downloads\AOMEI-Partition-Assistant-Pro-Edition-5.8-portable.rar
2016-05-17 00:24 - 2016-05-17 00:24 - 00001085 _____ C:\Users\Freerider\Desktop\Cheat Engine.lnk
2016-05-17 00:24 - 2016-05-17 00:24 - 00000000 ____D C:\Users\Freerider\Documents\My Cheat Tables
2016-05-17 00:24 - 2016-05-17 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2016-05-17 00:24 - 2016-05-17 00:24 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2016-05-16 22:08 - 2016-05-16 22:09 - 09056424 _____ (Cheat Engine ) C:\Users\Freerider\Downloads\CheatEngine64.exe
2016-05-16 21:26 - 2016-05-16 21:26 - 00006942 _____ C:\Users\Freerider\Desktop\JRT.txt
2016-05-16 21:23 - 2016-05-16 21:23 - 01610816 _____ (Malwarebytes) C:\Users\Freerider\Downloads\JRT.exe
2016-05-16 19:18 - 2016-05-17 07:19 - 00000000 ___RD C:\ESD
2016-05-16 19:14 - 2016-05-16 19:14 - 01483336 _____ (Microsoft Corporation) C:\Users\Freerider\Downloads\mediacreationtool.exe
2016-05-15 22:08 - 2016-05-15 22:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 22:05 - 2016-05-15 22:05 - 22851472 _____ (Malwarebytes ) C:\Users\Freerider\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-15 21:59 - 2016-05-15 21:59 - 00001893 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-05-15 21:59 - 2016-05-15 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-05-15 21:59 - 2016-05-15 21:59 - 00000000 ____D C:\Program Files\HitmanPro
2016-05-15 21:57 - 2016-05-15 21:59 - 00000000 ____D C:\Users\Freerider\Downloads\HitmanPro.3.7.14
2016-05-15 21:50 - 2016-05-15 21:50 - 12977923 _____ C:\Users\Freerider\Downloads\HitmanPro 3.7.14 Build 263 Final + Patch.rar
2016-05-15 21:48 - 2016-05-15 21:48 - 11438608 _____ (SurfRight B.V.) C:\Users\Freerider\Downloads\hitmanpro_x64.exe
2016-05-15 16:11 - 2016-05-15 16:14 - 110867232 _____ (Bitnami) C:\Users\Freerider\Downloads\xampp-win32-5.5.35-0-VC11-installer.exe
2016-05-15 14:42 - 2016-05-15 14:42 - 00000845 _____ C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-05-15 14:42 - 2016-05-15 14:42 - 00000797 _____ C:\Users\Freerider\Desktop\Start Tor Browser.lnk
2016-05-15 14:39 - 2016-05-15 14:41 - 43833160 _____ C:\Users\Freerider\Downloads\torbrowser-install-5.5.5_en-US.exe
2016-05-14 19:14 - 2016-05-14 19:14 - 00000634 _____ C:\Users\Freerider\default-soapui-workspace.xml
2016-05-14 19:13 - 2016-05-14 19:14 - 00600163 _____ C:\Users\Freerider\Documents\gsxws2-apple-soapui-project.xml
2016-05-14 19:13 - 2016-05-14 19:13 - 00002791 _____ C:\Users\Freerider\soapui-settings.xml
2016-05-14 15:22 - 2016-05-14 15:22 - 00000000 ____D C:\Users\Freerider\soapUI-Tutorials
2016-05-14 15:22 - 2016-05-14 15:22 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartBear
2016-05-14 15:21 - 2016-05-14 15:21 - 00000000 ____D C:\Program Files\SmartBear
2016-05-14 15:13 - 2016-05-14 15:21 - 144986609 _____ C:\Users\Freerider\Downloads\openlogic-soapui-4.5.2-windows-amd64-bin-2.zip
2016-05-14 11:39 - 2016-05-14 11:39 - 00003038 _____ C:\Windows\System32\Tasks\{E4BA5613-F60B-428D-BC40-F7FD8EB5693F}
2016-05-14 11:37 - 2016-05-14 11:37 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Myanmar Online Family
2016-05-14 11:37 - 2016-05-14 11:37 - 00000000 ____D C:\ProgramData\Caphyon
2016-05-13 21:50 - 2016-06-02 09:47 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Apple Computer
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\Users\Freerider\AppData\Local\Apple Computer
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\Users\Freerider\AppData\Local\Apple
2016-05-13 21:50 - 2016-05-13 21:50 - 00000000 ____D C:\ProgramData\Apple Computer
2016-05-13 21:49 - 2016-06-05 02:35 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-13 21:49 - 2016-05-13 21:49 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-13 21:49 - 2016-05-13 21:49 - 00000000 ____D C:\Program Files\Bonjour
2016-05-13 21:49 - 2016-05-13 21:49 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-05-13 21:49 - 2016-05-13 21:49 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-05-13 21:28 - 2016-06-02 10:41 - 00000000 ____D C:\Users\Freerider\Downloads\apple
2016-05-12 11:58 - 2016-05-12 11:58 - 00026427 _____ C:\Users\Freerider\Downloads\pq58884_created.svg
2016-05-11 18:25 - 2016-06-05 12:30 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job
2016-05-11 18:25 - 2016-06-05 11:18 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job
2016-05-11 18:25 - 2016-05-11 18:25 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442
2016-05-11 18:25 - 2016-05-11 18:25 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd
2016-05-10 07:54 - 2016-05-10 07:54 - 01844649 _____ C:\Users\Freerider\Downloads\NodLogin64bits.rar
2016-05-08 21:22 - 2016-05-08 21:22 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-05-08 21:22 - 2016-05-08 21:22 - 00002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2016-05-08 21:22 - 2016-05-08 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-05-08 21:13 - 2016-05-08 21:13 - 00000000 ____D C:\Users\Freerider\Documents\OneNote Notebooks
2016-05-08 21:12 - 2016-05-08 21:12 - 00000000 ___SD C:\Users\Freerider\Documents\My Shapes
2016-05-08 21:07 - 2016-05-08 21:22 - 00002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-05-08 21:07 - 2016-05-08 21:22 - 00002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-05-08 21:04 - 2016-06-04 18:27 - 00000000 ____D C:\Program Files\Microsoft Office
2016-05-08 21:04 - 2016-05-08 21:04 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-08 21:01 - 2016-05-08 21:01 - 00000000 ____D C:\Users\Freerider\Downloads\Microsoft Office 2016 Professional Plus 16.0.4229.1023 RTM
2016-05-08 20:36 - 2016-05-08 20:38 - 00000000 ____D C:\totalcmd
2016-05-08 20:36 - 2016-05-08 20:36 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Freerider\Downloads\tcm851x32.exe
2016-05-08 20:36 - 2016-05-08 20:36 - 00000632 _____ C:\Users\Freerider\Desktop\Total Commander.lnk
2016-05-08 20:36 - 2016-05-08 20:36 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-05-08 20:36 - 2016-05-08 20:36 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\GHISLER
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\UC.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\RAR.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\PKZIP.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\PKUNZIP.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\LHA.PIF
2016-05-08 20:36 - 2014-04-23 08:51 - 00000545 _____ C:\Windows\ARJ.PIF
2016-05-08 20:09 - 2016-05-29 22:38 - 00000000 ____D C:\Users\Freerider\Documents\Barvinek
2016-05-08 19:08 - 2016-05-08 19:08 - 01010447 _____ C:\Users\Freerider\Downloads\O15CTRRemove.diagcab
2016-05-07 20:42 - 2016-05-08 22:57 - 00000000 ___RD C:\Users\Freerider\Documents\Scanned Documents
2016-05-07 20:42 - 2016-05-07 20:42 - 00000000 ____D C:\Users\Freerider\Documents\Fax

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-05 11:26 - 2009-07-14 06:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-05 11:26 - 2009-07-14 06:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-05 11:23 - 2011-04-12 10:34 - 00839902 _____ C:\Windows\system32\perfh005.dat
2016-06-05 11:23 - 2011-04-12 10:34 - 00211490 _____ C:\Windows\system32\perfc005.dat
2016-06-05 11:23 - 2009-07-14 07:13 - 02068830 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-05 11:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-05 11:18 - 2016-02-16 01:47 - 00000000 ____D C:\ProgramData\VMware
2016-06-05 11:18 - 2016-01-17 23:31 - 00000000 ____D C:\Users\UpdatusUser
2016-06-05 11:18 - 2016-01-05 02:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-05 11:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-05 11:17 - 2016-01-05 00:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-04 18:29 - 2016-01-06 00:50 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-04 18:29 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-03 07:35 - 2016-02-20 00:28 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-02 10:15 - 2016-01-05 02:07 - 00000000 ____D C:\Users\Freerider\AppData\Local\Apps\2.0
2016-06-02 09:37 - 2016-02-16 01:49 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\VMware
2016-06-02 09:37 - 2016-02-16 01:49 - 00000000 ____D C:\Users\Freerider\AppData\Local\VMware
2016-05-31 20:22 - 2016-01-07 20:07 - 00000600 _____ C:\Users\Freerider\AppData\Roaming\winscp.rnd
2016-05-31 11:49 - 2016-01-05 02:26 - 00000000 ____D C:\Users\Freerider\AppData\Local\PokerStars.EU
2016-05-31 11:49 - 2016-01-05 02:25 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2016-05-30 23:54 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-05-30 22:27 - 2016-01-04 23:20 - 00000000 ____D C:\Users\Freerider
2016-05-30 16:24 - 2016-05-03 07:45 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-30 02:55 - 2016-03-02 23:21 - 00000000 ____D C:\Users\DefaultAppPool
2016-05-28 00:46 - 2016-03-10 17:15 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\TS3Client
2016-05-23 19:19 - 2016-01-06 00:58 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\uTorrent
2016-05-22 01:00 - 2016-03-20 16:15 - 00000000 ____D C:\Users\Freerider\AppData\Local\ElevatedDiagnostics
2016-05-20 08:09 - 2016-05-03 07:45 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-20 08:09 - 2016-05-03 07:45 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-05-18 18:32 - 2016-03-10 17:14 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-05-15 22:42 - 2016-01-04 23:39 - 00000000 ____D C:\ProgramData\Oracle
2016-05-15 22:38 - 2016-01-04 23:39 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-15 22:38 - 2016-01-04 23:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-15 22:37 - 2016-01-04 23:39 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-15 22:25 - 2016-01-06 10:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-15 22:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2016-05-15 22:03 - 2016-03-04 21:10 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-05-15 21:49 - 2016-01-25 22:24 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-15 19:19 - 2016-01-04 23:40 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-15 19:19 - 2016-01-04 23:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-15 19:17 - 2016-02-20 00:27 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-15 19:17 - 2016-02-20 00:27 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-15 19:17 - 2016-02-02 10:01 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\Skype
2016-05-15 19:17 - 2016-01-04 23:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-15 19:17 - 2009-07-14 06:45 - 00436440 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-15 17:54 - 2016-01-05 02:07 - 00112272 _____ C:\Users\Freerider\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-15 16:26 - 2016-01-17 22:15 - 00000000 ____D C:\ProgramData\SOLIDWORKS
2016-05-15 16:24 - 2016-01-17 22:15 - 00000000 ____D C:\Program Files\Common Files\SOLIDWORKS Shared
2016-05-15 16:24 - 2016-01-05 02:17 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-15 16:19 - 2016-01-17 22:15 - 00000000 ____D C:\Program Files\SOLIDWORKS Corp
2016-05-15 16:12 - 2016-01-17 22:05 - 00000000 ____D C:\Users\Freerider\Documents\SOLIDWORKS Downloads
2016-05-13 21:49 - 2016-01-17 22:10 - 00000000 ____D C:\ProgramData\Apple
2016-05-12 11:55 - 2016-04-24 20:21 - 00004409 _____ C:\Users\Freerider\Downloads\barvinek_logo.svg
2016-05-10 22:03 - 2016-05-05 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-10 20:56 - 2016-02-02 10:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-10 20:56 - 2016-02-02 10:00 - 00000000 ____D C:\ProgramData\Skype
2016-05-10 20:55 - 2016-01-06 00:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-10 18:24 - 2016-02-20 18:35 - 00000000 ____D C:\Users\Freerider\AppData\Roaming\TeamViewer
2016-05-08 21:48 - 2016-01-06 00:52 - 00002196 _____ C:\Users\Freerider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-05-08 21:48 - 2016-01-06 00:52 - 00000000 ___RD C:\Users\Freerider\OneDrive

==================== Files in the root of some directories =======

2016-01-07 20:07 - 2016-05-31 20:22 - 0000600 _____ () C:\Users\Freerider\AppData\Roaming\winscp.rnd
2016-01-05 01:08 - 2016-01-05 01:08 - 0000001 _____ () C:\Users\Freerider\AppData\Local\llftool.4.40.agreement
2016-04-02 17:28 - 2016-04-02 17:28 - 0000041 ___SH () C:\ProgramData\.zreglib

Some files in TEMP:
====================
C:\Users\Freerider\AppData\Local\Temp\libeay32.dll
C:\Users\Freerider\AppData\Local\Temp\msvcr120.dll
C:\Users\Freerider\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Freerider\Desktop" je 397 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray.exe
"C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" 

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
Addition is in the attachment :).
Attachments
Addition.rar
(10.16 KiB) Downloaded 67 times

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-670735467-1812237546-1025010430-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Freerider\AppData\Local\Temp
Task: {0CBE3F4C-29AE-416A-BDF0-9D913EAB3478} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {E89545A5-1DF6-40EB-8DFC-7B69894279F8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.


Re: Please check my log

#9 Post by rebrma »

Here is the new log after the fix and a restart:

Code: Select all

Fix result of Farbar Recovery Scan Tool (x64) Version:03-06-2016
Ran by Freerider (2016-06-05 17:41:38) Run:1
Running from C:\Users\Freerider\Desktop
Loaded Profiles: Freerider & UpdatusUser (Available Profiles: Freerider & UpdatusUser & Classic .NET AppPool & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-670735467-1812237546-1025010430-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Freerider\AppData\Local\Temp
Task: {0CBE3F4C-29AE-416A-BDF0-9D913EAB3478} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {E89545A5-1DF6-40EB-8DFC-7B69894279F8} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-670735467-1812237546-1025010430-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1aba1b05ad442 => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1aba1b03ff8dd => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\Freerider\AppData\Local\Temp" folder move:

Could not move "C:\Users\Freerider\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CBE3F4C-29AE-416A-BDF0-9D913EAB3478}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CBE3F4C-29AE-416A-BDF0-9D913EAB3478}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E89545A5-1DF6-40EB-8DFC-7B69894279F8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E89545A5-1DF6-40EB-8DFC-7B69894279F8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-05 17:46:08)

"C:\Users\Freerider\AppData\Local\Temp" => Could not move

==== End of Fixlog 17:46:11 ====
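
As an added example (not part of the thread and not FRST's own code): a small Python parser for a Fixlog in the format posted above. It skips the echoed fixlist and reports each target's final outcome, so an item that was deferred to reboot and then still could not be moved stands out. The function names and status categories are assumptions derived only from the result strings visible in this log; the sample input is constructed from it.

```python
import re
from collections import Counter

# Constructed sample: a shortened Fixlog in the format posted in this thread.
SAMPLE_FIXLOG = r'''
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
C:\Users\Freerider\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

"C:\Users\Freerider\AppData\Local\Temp" folder move:

Could not move "C:\Users\Freerider\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-05 17:46:08)

"C:\Users\Freerider\AppData\Local\Temp" => Could not move

==== End of Fixlog 17:46:11 ====
'''

# 'Could not move "<path>" => Scheduled ...' carries the target after a prefix.
_PREFIX = re.compile(r'^Could not move\s+(.+)$')


def classify(outcome):
    """Map a result string to a status (assumed categories, see lead-in)."""
    o = outcome.rstrip(".").lower()
    if o.endswith("successfully"):
        return "done"
    if o.startswith("scheduled to move on reboot"):
        return "deferred"
    if o.startswith("could not"):
        return "failed"
    return "unknown"


def parse_fixlog(text):
    """Return {target: final_status}; a later line overrides an earlier one."""
    final = {}
    in_echo = False  # True while inside the echoed fixlist (Start ... End)
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Start":
            in_echo = True
            continue
        if line == "End":
            in_echo = False
            continue
        # The echoed fixlist also contains " => ", but those are not results.
        if in_echo or " => " not in line:
            continue
        left, _, outcome = line.rpartition(" => ")
        left = left.strip()
        m = _PREFIX.match(left)
        if m:
            left = m.group(1)
        target = left.strip('"')
        final[target] = classify(outcome)
    return final


def unresolved(text):
    """Targets whose final status is anything other than 'done'."""
    return [t for t, s in parse_fixlog(text).items() if s != "done"]


def tally(text):
    """Count of final statuses across all targets."""
    return Counter(parse_fixlog(text).values())


if __name__ == "__main__":
    print(dict(tally(SAMPLE_FIXLOG)))
    for target in unresolved(SAMPLE_FIXLOG):
        print("not resolved:", target)
```
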


Re: Please check my log

#10 Post by Rudy »

Deleted. Has anything changed?


Re: Please check my log

#11 Post by rebrma »

Thank you.

I'll leave Firefox running, because the pop-ups always appeared only after some time AFK...

But thanks for now; I'll let you know later today, maybe in an hour :).

Thanks a lot for now.


Re: Please check my log

#12 Post by Rudy »

OK, you're welcome for now!


Re: Please check my log

#13 Post by rebrma »

Hello,

I left the PC on for longer and it's back again.... ADNetworks or something... In Firefox again :-(


Re: Please check my log

#14 Post by Rudy »

Please also run these scans:

1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
• Save it, preferably to the desktop
• After launch, the license terms are displayed; press any key
• A backup is created, followed by a search
• The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.


Re: Please check my log

#15 Post by rebrma »

Good evening,

Is it possible that Zoek has been running for 3 hours already? I only tried to close it gently (without Task Manager and the like?), and that doesn't work; a new window always pops up.

Thank you.

Locked