Please help.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22.08.2018
Ran by J (administrator) on JOJKO (22-08-2018 18:15:17)
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\J\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [267064 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [170128 2018-07-12] (ESET)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [MCzUYa#7JR.exe] => C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [d8Pahqx.exe] => C:\Users\J\AppData\Local\Temp\8f2738c26a9a42aa92217eb95818c453\d8Pahqx.exe <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [8r9OJftt.exe] => C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [5kO0UQkxapP.exe] => C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21\5kO0UQkxapP.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85851E5F-D3D8-4A99-A6C9-02C746D4E657}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: YoutubeAdBlock -> {BAA31A35-DDC9-488F-864E-7FF705D4DDBD} -> C:\Program Files\zDUkwTwaYIE\kBqtKVgI.dll => No File
FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\J\AppData\Local\Google\Chrome\User Data\Default [2018-08-22]
CHR Extension: (Prezentácie) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-15]
CHR Extension: (YouTube) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-15]
CHR Extension: (Adblocker na Youtube™) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjigjjillnilojhbaojacalmfjboejk [2018-08-06] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Tabuľky) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Tlačidlo Uložiť na Pintereste) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-25]
CHR Extension: (Send to Kindle (by Klip.me)) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan [2017-03-15]
CHR Extension: (POI pocket) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjealhgenmicaddhkbbghbglhigfcibb [2017-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-22]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290792 2016-06-02] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-12] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-12] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [284136 2016-06-02] (Intel Corporation)
R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248856 2017-01-18] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [45792 2012-08-03] (Windows (R) Win 7 DDK provider)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [42720 2014-06-13] (Broadcom Corporation)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [368392 2014-06-13] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [124376 2018-07-12] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [92600 2018-07-12] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150792 2018-07-12] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43816 2018-07-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [73424 2018-07-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [54240 2018-07-12] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [95224 2018-07-12] (ESET)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [352752 2014-06-13] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796656 2014-06-13] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2014-06-13] (Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn00.sys [10382576 2014-06-13] (Intel Corporation)
S3 OSFMount; C:\Program Files\OSFMount\OSFMount.sys [974264 2014-02-07] (PassMark Software)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17904 2011-07-15] (ST Microelectronics)
R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [72832 2014-06-13] (STMicroelectronics)
S1 PowZip; \SystemRoot\System32\drivers\PowZip.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-22 18:15 - 2018-08-22 18:16 - 000011151 _____ C:\Users\J\Desktop\FRST.txt
2018-08-22 18:14 - 2018-08-22 18:15 - 000000000 ____D C:\FRST
2018-08-22 18:14 - 2018-08-22 18:14 - 000029696 _____ C:\Users\J\AppData\Local\MSGBOX.EXE
2018-08-22 18:14 - 2018-08-22 18:14 - 000015327 _____ C:\Users\J\Desktop\LM.bat
2018-08-22 18:13 - 2018-08-22 18:13 - 000112640 _____ (forum.viry.cz) C:\Users\J\Desktop\FRSTLauncher.exe
2018-08-22 18:12 - 2018-08-22 18:11 - 001773568 _____ (Farbar) C:\Users\J\Desktop\FRST.exe
2018-08-22 18:11 - 2018-08-22 18:11 - 001773568 _____ (Farbar) C:\Users\J\Downloads\FRST.exe
2018-08-22 18:03 - 2018-08-22 18:03 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-22 18:03 - 2018-08-22 18:03 - 000000000 ____D C:\Users\J\AppData\Roaming\Systweak
2018-08-22 17:51 - 2018-08-22 18:03 - 000000000 __SHD C:\Users\J\IntelGraphicsProfiles
2018-08-22 17:51 - 2018-08-22 17:51 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2018-08-22 17:45 - 2018-08-22 17:46 - 000000000 ____D C:\AdwCleaner
2018-08-22 17:43 - 2018-08-22 17:45 - 007417040 _____ (Malwarebytes) C:\Users\J\Downloads\adwcleaner_7.2.2.exe
2018-08-22 17:36 - 2018-08-22 17:38 - 000000000 ____D C:\Windows\system32\MRT
2018-08-22 17:36 - 2018-08-22 17:36 - 134276632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Program Files\Intel
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Intel
2018-08-22 17:35 - 2016-06-02 13:59 - 000069112 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2018-08-22 17:24 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-22 17:24 - 2018-06-29 17:40 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-22 17:24 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-22 17:24 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-22 17:23 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-08-22 17:23 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-22 17:23 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 000136368 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-08-22 17:23 - 2018-08-02 04:44 - 000137904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-22 17:23 - 2018-08-02 04:44 - 000067248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-22 17:23 - 2018-08-02 04:43 - 001310464 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-22 17:23 - 2018-08-02 04:16 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-22 17:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-22 17:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-22 17:23 - 2018-08-02 04:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-22 17:23 - 2018-08-02 04:16 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-22 17:23 - 2018-08-02 04:14 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-22 17:23 - 2018-08-02 04:13 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-22 17:23 - 2018-08-02 04:11 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-22 17:23 - 2018-08-02 04:11 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-22 17:23 - 2018-08-02 04:11 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-22 17:23 - 2018-08-02 04:10 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-22 17:23 - 2018-08-02 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-22 17:23 - 2018-08-02 04:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-22 17:23 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-22 17:23 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-22 17:23 - 2018-07-19 06:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-22 17:23 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-22 17:23 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-22 17:23 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-22 17:23 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-22 17:23 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-22 17:23 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-22 17:23 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-22 17:23 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-22 17:23 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-22 17:23 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-22 17:23 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-22 17:23 - 2018-07-19 05:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-22 17:23 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-22 17:23 - 2018-07-19 05:49 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-22 17:23 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-22 17:23 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-22 17:23 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-22 17:23 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-22 17:23 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-22 17:23 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-22 17:23 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-22 17:23 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-22 17:23 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-22 17:23 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-22 17:23 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-22 17:23 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-22 17:23 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-22 17:23 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-22 17:23 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-22 17:23 - 2018-07-13 21:07 - 001309888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-22 17:23 - 2018-07-13 21:06 - 000240832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-22 17:23 - 2018-07-13 21:06 - 000187584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-22 17:23 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-22 17:23 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-22 17:23 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-22 17:23 - 2018-07-07 17:19 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-22 17:23 - 2018-07-06 17:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-22 17:23 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-22 17:23 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-22 17:23 - 2018-06-29 17:40 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-22 17:23 - 2018-06-29 17:10 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-22 17:23 - 2018-06-27 17:50 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-22 17:23 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-22 17:23 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-22 17:23 - 2018-06-27 17:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-22 17:23 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-22 17:23 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-08 15:04 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Local\ESET
2018-08-08 15:02 - 2018-08-08 15:02 - 000001958 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\ProgramData\ESET
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\Program Files\ESET
2018-08-08 14:57 - 2018-08-08 14:57 - 004279416 _____ (ESET) C:\Users\J\Downloads\eset_internet_security_live_installer.exe
2018-08-08 14:54 - 2018-08-08 15:06 - 000000000 ____D C:\Program Files\Along
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Local\07b30a6f67f542c5be91c6606b540aab
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21
2018-08-08 14:53 - 2018-08-08 14:53 - 000000290 __RSH C:\Users\J\ntuser.pol
2018-08-06 08:37 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\LDRIRJvSptwQC
2018-08-06 08:37 - 2018-08-06 08:37 - 001413120 _____ C:\Users\J\AppData\Local\sham.db
2018-08-06 08:37 - 2018-08-06 08:37 - 000140800 _____ C:\Users\J\AppData\Local\installer.dat
2018-08-06 08:36 - 2018-08-08 15:14 - 000000000 ____D C:\Users\J\AppData\Roaming\2a8deef5c96d48db95f683b9225c6454
2018-08-06 08:36 - 2018-08-08 15:11 - 000000000 ____D C:\Users\J\AppData\Local\7ad965c9b1e64d9dbc54f82c9d3994a5
2018-08-06 08:36 - 2018-08-08 15:11 - 000000000 ____D C:\ProgramData\bdfc3936540148e9a6e8a1e7dd0175f5
2018-08-06 08:36 - 2018-08-08 15:10 - 000000000 ____D C:\Program Files\zDUkwTwaYIE
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\ProgramData\bzLvYYFFZmFknGVB
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\xpZXRwYFlIWU2
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\VHbWajSWU
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\ELCdlNcAzQmJaXxTcwR
2018-08-06 08:36 - 2018-08-06 08:36 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenRecorder.lnk
2018-08-06 08:36 - 2018-08-06 08:36 - 000000000 ____D C:\Program Files\ScreenRecorder
2018-08-06 08:35 - 2018-08-08 15:08 - 000000000 ____D C:\Program Files\IBeJrDHLZIUn
2018-08-06 08:35 - 2018-08-06 08:35 - 000000000 ____D C:\Users\J\AppData\LocalLow\YcbZTHxVCdjoC
2018-08-06 08:34 - 2018-08-08 15:11 - 000000000 ____D C:\ProgramData\f1223d26-924b-4f5b-8457-8cd296ae280d
2018-08-06 08:34 - 2018-08-06 08:34 - 000000000 ____D C:\ProgramData\033263c4-979d-4ee6-9fc8-d45499817fa8
2018-08-06 08:33 - 2018-08-08 15:14 - 000000000 ____D C:\Users\J\AppData\Local\netinfokit
2018-08-06 08:33 - 2018-08-06 08:33 - 000003828 _____ C:\Users\J\Downloads\SEPA_VÚB_20180803170204.xml
2018-07-26 15:49 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Roaming\KeyCreator
2018-07-26 15:49 - 2018-07-26 15:49 - 000000000 ____D C:\Users\J\Desktop\Crack
2018-07-26 14:36 - 2018-08-08 19:51 - 000000000 ____D C:\Users\J\AppData\Roaming\DPFXR
2018-07-26 14:36 - 2018-07-26 14:36 - 000001209 _____ C:\Users\Public\Desktop\Duplicate Photos Fixer Pro.lnk
2018-07-26 14:36 - 2018-07-26 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photos Fixer Pro
2018-07-26 14:36 - 2018-07-26 14:36 - 000000000 ____D C:\Program Files\Duplicate Photos Fixer Pro
2018-07-26 14:35 - 2018-07-26 14:36 - 003362760 _____ (Systweak Software ) C:\Users\J\Downloads\dpfsetupadg_sysblog-best5duplicatephotofindertool.exe
2018-07-26 14:24 - 2018-06-13 17:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-26 14:24 - 2018-06-13 17:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-26 14:24 - 2018-06-08 17:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-26 14:24 - 2018-06-08 17:55 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-07-26 14:24 - 2018-06-08 17:55 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-26 14:24 - 2018-06-08 17:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-26 14:24 - 2018-06-08 17:55 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-26 14:24 - 2018-06-08 17:55 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-07-26 14:24 - 2018-06-08 17:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-26 14:24 - 2018-06-08 17:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-26 14:24 - 2018-06-08 17:25 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-07-26 14:24 - 2018-06-08 17:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-07-26 14:24 - 2018-06-08 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-07-26 14:24 - 2018-06-07 17:57 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-26 14:24 - 2018-06-07 17:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-26 14:24 - 2018-06-07 17:57 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-26 14:24 - 2018-06-07 17:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-26 14:24 - 2018-06-07 17:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-26 14:24 - 2018-05-02 17:30 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-26 14:24 - 2018-05-02 17:30 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-26 14:24 - 2018-05-02 17:30 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-26 14:24 - 2018-05-02 17:30 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-26 14:24 - 2018-05-02 17:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-26 14:24 - 2018-05-02 17:30 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-26 14:24 - 2018-05-02 17:29 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-26 14:24 - 2018-04-26 15:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-26 14:24 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-26 14:24 - 2018-04-25 17:54 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-26 14:24 - 2018-04-25 17:17 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-23 09:33 - 2018-06-13 19:59 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-23 09:33 - 2018-06-13 17:53 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-23 09:33 - 2018-06-08 15:05 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-23 09:33 - 2018-06-08 15:05 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-23 09:33 - 2018-06-08 15:05 - 000619520 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-23 09:33 - 2018-06-08 15:05 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-23 09:33 - 2018-06-08 15:05 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-23 09:33 - 2018-06-08 15:05 - 000353792 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-23 09:33 - 2018-06-08 15:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-23 09:33 - 2018-06-08 15:05 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-22 18:11 - 2009-07-14 06:34 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-22 18:11 - 2009-07-14 06:34 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-22 18:07 - 2010-11-20 23:01 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-22 18:07 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-08-22 18:02 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-22 17:51 - 2017-03-15 13:52 - 000000000 ____D C:\Users\J
2018-08-22 17:50 - 2009-07-14 06:33 - 000267432 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-22 17:29 - 2017-03-15 16:23 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-22 17:29 - 2017-03-15 16:23 - 000002154 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-08 16:19 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2018-08-06 08:36 - 2017-03-15 14:01 - 000000000 ____D C:\Program Files\STMicroelectronics
2018-08-06 08:36 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-08-06 08:35 - 2017-04-07 16:15 - 000003130 __RSH C:\ProgramData\ntuser.pol
2018-08-06 08:35 - 2009-07-14 04:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-07-26 18:22 - 2017-04-28 19:32 - 000000000 ____D C:\Windows\system32\appraiser
==================== Files in the root of some directories =======
2018-08-06 08:37 - 2018-08-06 08:37 - 000140800 _____ () C:\Users\J\AppData\Local\installer.dat
2018-08-22 18:14 - 2018-08-22 18:14 - 000029696 _____ () C:\Users\J\AppData\Local\MSGBOX.EXE
2018-08-06 08:37 - 2018-08-06 08:37 - 001413120 _____ () C:\Users\J\AppData\Local\sham.db
Some files in TEMP:
====================
2018-08-08 14:54 - 2018-08-08 14:54 - 000375522 _____ ( ) C:\Users\J\AppData\Local\Temp\cda5blikhrf.exe
2018-08-06 08:36 - 2018-08-06 08:36 - 006519109 _____ (ScreenRecorder ) C:\Users\J\AppData\Local\Temp\screenrecorderscreenrecorder.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-08 16:12
==================== End of FRST.txt ============================

Windows open automatically in Chrome
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Attachments
- Addition.zip (6.67 KiB)
- Rudy
- Site Admin
- Posts: 119427
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Windows open automatically in Chrome
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/
close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Windows open automatically in Chrome
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-01-2018
# Duration: 00:00:01
# OS: Windows 7 Professional
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\J\AppData\Roaming\Systweak
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\systweak
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [8838 octets] - [22/08/2018 17:45:49]
AdwCleaner[C00].txt - [7610 octets] - [22/08/2018 17:46:20]
AdwCleaner[S01].txt - [1429 octets] - [22/08/2018 17:53:08]
AdwCleaner[C01].txt - [1575 octets] - [22/08/2018 17:53:28]
AdwCleaner[S02].txt - [1551 octets] - [22/08/2018 18:04:14]
AdwCleaner[S03].txt - [1612 octets] - [01/09/2018 07:18:54]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
- Rudy
- Site Admin
Re: Windows open automatically in Chrome
Post a new FRST log.
Re: Windows open automatically in Chrome
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22.08.2018
Ran by J (administrator) on JOJKO (01-09-2018 18:29:10)
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Apple Inc.) C:\Program Files\Apple Software Update\SoftwareUpdate.exe
(Systweak) C:\Program Files\Duplicate Photos Fixer Pro\DuplicatePhotosFixerPro.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [267064 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [170128 2018-07-12] (ESET)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [MCzUYa#7JR.exe] => C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [d8Pahqx.exe] => C:\Users\J\AppData\Local\Temp\8f2738c26a9a42aa92217eb95818c453\d8Pahqx.exe <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [8r9OJftt.exe] => C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [5kO0UQkxapP.exe] => C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21\5kO0UQkxapP.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85851E5F-D3D8-4A99-A6C9-02C746D4E657}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: YoutubeAdBlock -> {BAA31A35-DDC9-488F-864E-7FF705D4DDBD} -> C:\Program Files\zDUkwTwaYIE\kBqtKVgI.dll => No File
FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\J\AppData\Local\Google\Chrome\User Data\Default [2018-08-22]
CHR Extension: (Prezentácie) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-15]
CHR Extension: (YouTube) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-15]
CHR Extension: (Adblocker na Youtube™) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjigjjillnilojhbaojacalmfjboejk [2018-08-06] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Tabuľky) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Tlačidlo Uložiť na Pintereste) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-25]
CHR Extension: (Send to Kindle (by Klip.me)) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan [2017-03-15]
CHR Extension: (POI pocket) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjealhgenmicaddhkbbghbglhigfcibb [2017-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-22]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290792 2016-06-02] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-12] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-12] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [284136 2016-06-02] (Intel Corporation)
R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248856 2017-01-18] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [45792 2012-08-03] (Windows (R) Win 7 DDK provider)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [42720 2014-06-13] (Broadcom Corporation)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [368392 2014-06-13] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [124376 2018-07-12] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [92600 2018-07-12] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150792 2018-07-12] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43816 2018-07-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [73424 2018-07-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [54240 2018-07-12] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [95224 2018-07-12] (ESET)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [352752 2014-06-13] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796656 2014-06-13] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2014-06-13] (Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn00.sys [10382576 2014-06-13] (Intel Corporation)
S3 OSFMount; C:\Program Files\OSFMount\OSFMount.sys [974264 2014-02-07] (PassMark Software)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17904 2011-07-15] (ST Microelectronics)
R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [72832 2014-06-13] (STMicroelectronics)
S1 PowZip; \SystemRoot\System32\drivers\PowZip.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-01 08:43 - 2018-09-01 08:43 - 000000000 ____D C:\Users\J\Desktop\Nový priečinok
2018-09-01 07:21 - 2018-09-01 07:21 - 000000000 ____D C:\Users\J\AppData\Roaming\Systweak
2018-09-01 07:16 - 2018-09-01 07:16 - 007417040 _____ (Malwarebytes) C:\Users\J\Desktop\adwcleaner_7.2.2 (1).exe
2018-08-22 18:18 - 2018-08-22 18:18 - 000006831 _____ C:\Users\J\Desktop\Addition.zip
2018-08-22 18:16 - 2018-08-22 18:16 - 000020837 _____ C:\Users\J\Desktop\Addition.txt
2018-08-22 18:15 - 2018-09-01 18:29 - 000010320 _____ C:\Users\J\Desktop\FRST.txt
2018-08-22 18:14 - 2018-09-01 18:29 - 000000000 ____D C:\FRST
2018-08-22 18:13 - 2018-08-22 18:13 - 000112640 _____ (forum.viry.cz) C:\Users\J\Desktop\FRSTLauncher.exe
2018-08-22 18:12 - 2018-08-22 18:11 - 001773568 _____ (Farbar) C:\Users\J\Desktop\FRST.exe
2018-08-22 18:11 - 2018-08-22 18:11 - 001773568 _____ (Farbar) C:\Users\J\Downloads\FRST.exe
2018-08-22 18:03 - 2018-08-22 18:03 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-22 17:51 - 2018-09-01 07:21 - 000000000 __SHD C:\Users\J\IntelGraphicsProfiles
2018-08-22 17:51 - 2018-08-22 17:51 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2018-08-22 17:45 - 2018-08-22 17:46 - 000000000 ____D C:\AdwCleaner
2018-08-22 17:43 - 2018-08-22 17:45 - 007417040 _____ (Malwarebytes) C:\Users\J\Downloads\adwcleaner_7.2.2.exe
2018-08-22 17:36 - 2018-08-22 17:38 - 000000000 ____D C:\Windows\system32\MRT
2018-08-22 17:36 - 2018-08-22 17:36 - 134276632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Program Files\Intel
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Intel
2018-08-22 17:35 - 2016-06-02 13:59 - 000069112 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2018-08-22 17:24 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-22 17:24 - 2018-06-29 17:40 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-22 17:24 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-22 17:24 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-22 17:23 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-08-22 17:23 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-22 17:23 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 000136368 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-08-22 17:23 - 2018-08-02 04:44 - 000137904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-22 17:23 - 2018-08-02 04:44 - 000067248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-22 17:23 - 2018-08-02 04:43 - 001310464 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-22 17:23 - 2018-08-02 04:16 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-22 17:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-22 17:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-22 17:23 - 2018-08-02 04:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-22 17:23 - 2018-08-02 04:16 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-22 17:23 - 2018-08-02 04:14 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-22 17:23 - 2018-08-02 04:13 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-22 17:23 - 2018-08-02 04:11 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-22 17:23 - 2018-08-02 04:11 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-22 17:23 - 2018-08-02 04:11 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-22 17:23 - 2018-08-02 04:10 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-22 17:23 - 2018-08-02 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-22 17:23 - 2018-08-02 04:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-22 17:23 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-22 17:23 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-22 17:23 - 2018-07-19 06:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-22 17:23 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-22 17:23 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-22 17:23 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-22 17:23 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-22 17:23 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-22 17:23 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-22 17:23 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-22 17:23 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-22 17:23 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-22 17:23 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-22 17:23 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-22 17:23 - 2018-07-19 05:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-22 17:23 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-22 17:23 - 2018-07-19 05:49 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-22 17:23 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-22 17:23 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-22 17:23 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-22 17:23 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-22 17:23 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-22 17:23 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-22 17:23 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-22 17:23 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-22 17:23 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-22 17:23 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-22 17:23 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-22 17:23 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-22 17:23 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-22 17:23 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-22 17:23 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-22 17:23 - 2018-07-13 21:07 - 001309888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-22 17:23 - 2018-07-13 21:06 - 000240832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-22 17:23 - 2018-07-13 21:06 - 000187584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-22 17:23 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-22 17:23 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-22 17:23 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-22 17:23 - 2018-07-07 17:19 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-22 17:23 - 2018-07-06 17:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-22 17:23 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-22 17:23 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-22 17:23 - 2018-06-29 17:40 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-22 17:23 - 2018-06-29 17:10 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-22 17:23 - 2018-06-27 17:50 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-22 17:23 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-22 17:23 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-22 17:23 - 2018-06-27 17:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-22 17:23 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-22 17:23 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-08 15:04 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Local\ESET
2018-08-08 15:02 - 2018-08-08 15:02 - 000001958 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\ProgramData\ESET
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\Program Files\ESET
2018-08-08 14:57 - 2018-08-08 14:57 - 004279416 _____ (ESET) C:\Users\J\Downloads\eset_internet_security_live_installer.exe
2018-08-08 14:54 - 2018-08-08 15:06 - 000000000 ____D C:\Program Files\Along
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Local\07b30a6f67f542c5be91c6606b540aab
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21
2018-08-08 14:53 - 2018-08-08 14:53 - 000000290 __RSH C:\Users\J\ntuser.pol
2018-08-06 08:37 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\LDRIRJvSptwQC
2018-08-06 08:37 - 2018-08-06 08:37 - 001413120 _____ C:\Users\J\AppData\Local\sham.db
2018-08-06 08:37 - 2018-08-06 08:37 - 000140800 _____ C:\Users\J\AppData\Local\installer.dat
2018-08-06 08:36 - 2018-08-08 15:14 - 000000000 ____D C:\Users\J\AppData\Roaming\2a8deef5c96d48db95f683b9225c6454
2018-08-06 08:36 - 2018-08-08 15:11 - 000000000 ____D C:\Users\J\AppData\Local\7ad965c9b1e64d9dbc54f82c9d3994a5
2018-08-06 08:36 - 2018-08-08 15:11 - 000000000 ____D C:\ProgramData\bdfc3936540148e9a6e8a1e7dd0175f5
2018-08-06 08:36 - 2018-08-08 15:10 - 000000000 ____D C:\Program Files\zDUkwTwaYIE
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\ProgramData\bzLvYYFFZmFknGVB
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\xpZXRwYFlIWU2
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\VHbWajSWU
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\ELCdlNcAzQmJaXxTcwR
2018-08-06 08:36 - 2018-08-06 08:36 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenRecorder.lnk
2018-08-06 08:36 - 2018-08-06 08:36 - 000000000 ____D C:\Program Files\ScreenRecorder
2018-08-06 08:35 - 2018-08-08 15:08 - 000000000 ____D C:\Program Files\IBeJrDHLZIUn
2018-08-06 08:35 - 2018-08-06 08:35 - 000000000 ____D C:\Users\J\AppData\LocalLow\YcbZTHxVCdjoC
2018-08-06 08:34 - 2018-08-08 15:11 - 000000000 ____D C:\ProgramData\f1223d26-924b-4f5b-8457-8cd296ae280d
2018-08-06 08:34 - 2018-08-06 08:34 - 000000000 ____D C:\ProgramData\033263c4-979d-4ee6-9fc8-d45499817fa8
2018-08-06 08:33 - 2018-08-08 15:14 - 000000000 ____D C:\Users\J\AppData\Local\netinfokit
2018-08-06 08:33 - 2018-08-06 08:33 - 000003828 _____ C:\Users\J\Downloads\SEPA_VÚB_20180803170204.xml
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-01 09:13 - 2017-12-13 18:16 - 000000000 ____D C:\Users\J\Desktop\Rozpravky
2018-09-01 08:06 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2018-09-01 07:31 - 2010-11-20 23:01 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-01 07:31 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-09-01 07:28 - 2009-07-14 06:34 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-01 07:28 - 2009-07-14 06:34 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-01 07:20 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-01 07:19 - 2018-07-26 15:49 - 000000000 ____D C:\Users\J\Desktop\Crack
2018-08-22 17:51 - 2017-03-15 13:52 - 000000000 ____D C:\Users\J
2018-08-22 17:50 - 2009-07-14 06:33 - 000267432 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-22 17:29 - 2017-03-15 16:23 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-22 17:29 - 2017-03-15 16:23 - 000002154 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-08 19:51 - 2018-07-26 14:36 - 000000000 ____D C:\Users\J\AppData\Roaming\DPFXR
2018-08-08 15:04 - 2018-07-26 15:49 - 000000000 ____D C:\Users\J\AppData\Roaming\KeyCreator
2018-08-06 08:36 - 2017-03-15 14:01 - 000000000 ____D C:\Program Files\STMicroelectronics
2018-08-06 08:36 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-08-06 08:35 - 2017-04-07 16:15 - 000003130 __RSH C:\ProgramData\ntuser.pol
2018-08-06 08:35 - 2009-07-14 04:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
==================== Files in the root of some directories =======
2018-08-06 08:37 - 2018-08-06 08:37 - 000140800 _____ () C:\Users\J\AppData\Local\installer.dat
2018-08-06 08:37 - 2018-08-06 08:37 - 001413120 _____ () C:\Users\J\AppData\Local\sham.db
Some files in TEMP:
====================
2018-08-08 14:54 - 2018-08-08 14:54 - 000375522 _____ ( ) C:\Users\J\AppData\Local\Temp\cda5blikhrf.exe
2018-08-06 08:36 - 2018-08-06 08:36 - 006519109 _____ (ScreenRecorder ) C:\Users\J\AppData\Local\Temp\screenrecorderscreenrecorder.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-01 07:59
==================== End of FRST.txt ============================
Ran by J (administrator) on JOJKO (01-09-2018 18:29:10)
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Apple Inc.) C:\Program Files\Apple Software Update\SoftwareUpdate.exe
(Systweak) C:\Program Files\Duplicate Photos Fixer Pro\DuplicatePhotosFixerPro.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [267064 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [170128 2018-07-12] (ESET)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [MCzUYa#7JR.exe] => C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [d8Pahqx.exe] => C:\Users\J\AppData\Local\Temp\8f2738c26a9a42aa92217eb95818c453\d8Pahqx.exe <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [8r9OJftt.exe] => C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [5kO0UQkxapP.exe] => C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21\5kO0UQkxapP.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85851E5F-D3D8-4A99-A6C9-02C746D4E657}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: YoutubeAdBlock -> {BAA31A35-DDC9-488F-864E-7FF705D4DDBD} -> C:\Program Files\zDUkwTwaYIE\kBqtKVgI.dll => No File
FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\J\AppData\Local\Google\Chrome\User Data\Default [2018-08-22]
CHR Extension: (Prezentácie) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-15]
CHR Extension: (YouTube) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-15]
CHR Extension: (Adblocker na Youtube™) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjigjjillnilojhbaojacalmfjboejk [2018-08-06] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Tabuľky) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Tlačidlo Uložiť na Pintereste) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-25]
CHR Extension: (Send to Kindle (by Klip.me)) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan [2017-03-15]
CHR Extension: (POI pocket) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjealhgenmicaddhkbbghbglhigfcibb [2017-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-22]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290792 2016-06-02] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-12] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1817952 2018-07-12] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [284136 2016-06-02] (Intel Corporation)
R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248856 2017-01-18] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [45792 2012-08-03] (Windows (R) Win 7 DDK provider)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [42720 2014-06-13] (Broadcom Corporation)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [368392 2014-06-13] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [124376 2018-07-12] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [92600 2018-07-12] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150792 2018-07-12] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43816 2018-07-12] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [73424 2018-07-12] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [54240 2018-07-12] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [95224 2018-07-12] (ESET)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [352752 2014-06-13] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796656 2014-06-13] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2014-06-13] (Intel Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn00.sys [10382576 2014-06-13] (Intel Corporation)
S3 OSFMount; C:\Program Files\OSFMount\OSFMount.sys [974264 2014-02-07] (PassMark Software)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17904 2011-07-15] (ST Microelectronics)
R3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [72832 2014-06-13] (STMicroelectronics)
S1 PowZip; \SystemRoot\System32\drivers\PowZip.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-01 08:43 - 2018-09-01 08:43 - 000000000 ____D C:\Users\J\Desktop\Nový priečinok
2018-09-01 07:21 - 2018-09-01 07:21 - 000000000 ____D C:\Users\J\AppData\Roaming\Systweak
2018-09-01 07:16 - 2018-09-01 07:16 - 007417040 _____ (Malwarebytes) C:\Users\J\Desktop\adwcleaner_7.2.2 (1).exe
2018-08-22 18:18 - 2018-08-22 18:18 - 000006831 _____ C:\Users\J\Desktop\Addition.zip
2018-08-22 18:16 - 2018-08-22 18:16 - 000020837 _____ C:\Users\J\Desktop\Addition.txt
2018-08-22 18:15 - 2018-09-01 18:29 - 000010320 _____ C:\Users\J\Desktop\FRST.txt
2018-08-22 18:14 - 2018-09-01 18:29 - 000000000 ____D C:\FRST
2018-08-22 18:13 - 2018-08-22 18:13 - 000112640 _____ (forum.viry.cz) C:\Users\J\Desktop\FRSTLauncher.exe
2018-08-22 18:12 - 2018-08-22 18:11 - 001773568 _____ (Farbar) C:\Users\J\Desktop\FRST.exe
2018-08-22 18:11 - 2018-08-22 18:11 - 001773568 _____ (Farbar) C:\Users\J\Downloads\FRST.exe
2018-08-22 18:03 - 2018-08-22 18:03 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-22 17:51 - 2018-09-01 07:21 - 000000000 __SHD C:\Users\J\IntelGraphicsProfiles
2018-08-22 17:51 - 2018-08-22 17:51 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2018-08-22 17:45 - 2018-08-22 17:46 - 000000000 ____D C:\AdwCleaner
2018-08-22 17:43 - 2018-08-22 17:45 - 007417040 _____ (Malwarebytes) C:\Users\J\Downloads\adwcleaner_7.2.2.exe
2018-08-22 17:36 - 2018-08-22 17:38 - 000000000 ____D C:\Windows\system32\MRT
2018-08-22 17:36 - 2018-08-22 17:36 - 134276632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Program Files\Intel
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-08-22 17:35 - 2018-08-22 17:35 - 000000000 ____D C:\Intel
2018-08-22 17:35 - 2016-06-02 13:59 - 000069112 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2018-08-22 17:24 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-22 17:24 - 2018-06-29 17:40 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-22 17:24 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-22 17:24 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-22 17:23 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-08-22 17:23 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-22 17:23 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 000189616 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-22 17:23 - 2018-08-02 04:45 - 000136368 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-08-22 17:23 - 2018-08-02 04:44 - 000137904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-22 17:23 - 2018-08-02 04:44 - 000067248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-22 17:23 - 2018-08-02 04:43 - 001310464 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-22 17:23 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-22 17:23 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-22 17:23 - 2018-08-02 04:16 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-22 17:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-22 17:23 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-22 17:23 - 2018-08-02 04:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-22 17:23 - 2018-08-02 04:16 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-22 17:23 - 2018-08-02 04:14 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-22 17:23 - 2018-08-02 04:13 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-22 17:23 - 2018-08-02 04:11 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-22 17:23 - 2018-08-02 04:11 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-22 17:23 - 2018-08-02 04:11 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-22 17:23 - 2018-08-02 04:10 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-22 17:23 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-22 17:23 - 2018-08-02 04:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-22 17:23 - 2018-08-02 04:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-22 17:23 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-22 17:23 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-22 17:23 - 2018-07-19 06:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-22 17:23 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-22 17:23 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-22 17:23 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-22 17:23 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-22 17:23 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-22 17:23 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-22 17:23 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-22 17:23 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-22 17:23 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-22 17:23 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-22 17:23 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-22 17:23 - 2018-07-19 05:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-22 17:23 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-22 17:23 - 2018-07-19 05:49 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-22 17:23 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-22 17:23 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-22 17:23 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-22 17:23 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-22 17:23 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-22 17:23 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-22 17:23 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-22 17:23 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-22 17:23 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-22 17:23 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-22 17:23 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-22 17:23 - 2018-07-19 05:28 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-22 17:23 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-22 17:23 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-22 17:23 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-22 17:23 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-22 17:23 - 2018-07-13 21:07 - 001309888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-22 17:23 - 2018-07-13 21:06 - 000240832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-22 17:23 - 2018-07-13 21:06 - 000187584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-22 17:23 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-22 17:23 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-22 17:23 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-22 17:23 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-22 17:23 - 2018-07-07 17:19 - 002404352 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-22 17:23 - 2018-07-06 17:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-22 17:23 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-22 17:23 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-22 17:23 - 2018-06-29 17:40 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-22 17:23 - 2018-06-29 17:10 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-22 17:23 - 2018-06-27 17:50 - 000105152 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-22 17:23 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-22 17:23 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-22 17:23 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-22 17:23 - 2018-06-27 17:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-22 17:23 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-22 17:23 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-08 15:04 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Local\ESET
2018-08-08 15:02 - 2018-08-08 15:02 - 000001958 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\ProgramData\ESET
2018-08-08 14:59 - 2018-08-08 14:59 - 000000000 ____D C:\Program Files\ESET
2018-08-08 14:57 - 2018-08-08 14:57 - 004279416 _____ (ESET) C:\Users\J\Downloads\eset_internet_security_live_installer.exe
2018-08-08 14:54 - 2018-08-08 15:06 - 000000000 ____D C:\Program Files\Along
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\Users\J\AppData\Local\07b30a6f67f542c5be91c6606b540aab
2018-08-08 14:53 - 2018-08-08 15:04 - 000000000 ____D C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21
2018-08-08 14:53 - 2018-08-08 14:53 - 000000290 __RSH C:\Users\J\ntuser.pol
2018-08-06 08:37 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\LDRIRJvSptwQC
2018-08-06 08:37 - 2018-08-06 08:37 - 001413120 _____ C:\Users\J\AppData\Local\sham.db
2018-08-06 08:37 - 2018-08-06 08:37 - 000140800 _____ C:\Users\J\AppData\Local\installer.dat
2018-08-06 08:36 - 2018-08-08 15:14 - 000000000 ____D C:\Users\J\AppData\Roaming\2a8deef5c96d48db95f683b9225c6454
2018-08-06 08:36 - 2018-08-08 15:11 - 000000000 ____D C:\Users\J\AppData\Local\7ad965c9b1e64d9dbc54f82c9d3994a5
2018-08-06 08:36 - 2018-08-08 15:11 - 000000000 ____D C:\ProgramData\bdfc3936540148e9a6e8a1e7dd0175f5
2018-08-06 08:36 - 2018-08-08 15:10 - 000000000 ____D C:\Program Files\zDUkwTwaYIE
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\ProgramData\bzLvYYFFZmFknGVB
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\xpZXRwYFlIWU2
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\VHbWajSWU
2018-08-06 08:36 - 2018-08-08 15:04 - 000000000 ____D C:\Program Files\ELCdlNcAzQmJaXxTcwR
2018-08-06 08:36 - 2018-08-06 08:36 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenRecorder.lnk
2018-08-06 08:36 - 2018-08-06 08:36 - 000000000 ____D C:\Program Files\ScreenRecorder
2018-08-06 08:35 - 2018-08-08 15:08 - 000000000 ____D C:\Program Files\IBeJrDHLZIUn
2018-08-06 08:35 - 2018-08-06 08:35 - 000000000 ____D C:\Users\J\AppData\LocalLow\YcbZTHxVCdjoC
2018-08-06 08:34 - 2018-08-08 15:11 - 000000000 ____D C:\ProgramData\f1223d26-924b-4f5b-8457-8cd296ae280d
2018-08-06 08:34 - 2018-08-06 08:34 - 000000000 ____D C:\ProgramData\033263c4-979d-4ee6-9fc8-d45499817fa8
2018-08-06 08:33 - 2018-08-08 15:14 - 000000000 ____D C:\Users\J\AppData\Local\netinfokit
2018-08-06 08:33 - 2018-08-06 08:33 - 000003828 _____ C:\Users\J\Downloads\SEPA_VÚB_20180803170204.xml
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-09-01 09:13 - 2017-12-13 18:16 - 000000000 ____D C:\Users\J\Desktop\Rozpravky
2018-09-01 08:06 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2018-09-01 07:31 - 2010-11-20 23:01 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-01 07:31 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-09-01 07:28 - 2009-07-14 06:34 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-01 07:28 - 2009-07-14 06:34 - 000021280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-01 07:20 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-01 07:19 - 2018-07-26 15:49 - 000000000 ____D C:\Users\J\Desktop\Crack
2018-08-22 17:51 - 2017-03-15 13:52 - 000000000 ____D C:\Users\J
2018-08-22 17:50 - 2009-07-14 06:33 - 000267432 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-22 17:29 - 2017-03-15 16:23 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-22 17:29 - 2017-03-15 16:23 - 000002154 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-08 19:51 - 2018-07-26 14:36 - 000000000 ____D C:\Users\J\AppData\Roaming\DPFXR
2018-08-08 15:04 - 2018-07-26 15:49 - 000000000 ____D C:\Users\J\AppData\Roaming\KeyCreator
2018-08-06 08:36 - 2017-03-15 14:01 - 000000000 ____D C:\Program Files\STMicroelectronics
2018-08-06 08:36 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-08-06 08:35 - 2017-04-07 16:15 - 000003130 __RSH C:\ProgramData\ntuser.pol
2018-08-06 08:35 - 2009-07-14 04:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
==================== Files in the root of some directories =======
2018-08-06 08:37 - 2018-08-06 08:37 - 000140800 _____ () C:\Users\J\AppData\Local\installer.dat
2018-08-06 08:37 - 2018-08-06 08:37 - 001413120 _____ () C:\Users\J\AppData\Local\sham.db
Some files in TEMP:
====================
2018-08-08 14:54 - 2018-08-08 14:54 - 000375522 _____ ( ) C:\Users\J\AppData\Local\Temp\cda5blikhrf.exe
2018-08-06 08:36 - 2018-08-06 08:36 - 006519109 _____ (ScreenRecorder ) C:\Users\J\AppData\Local\Temp\screenrecorderscreenrecorder.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-09-01 07:59
==================== End of FRST.txt ============================
- Attachments
- Addition (2).zip
- (6.71 KiB) Downloaded 72 times
- Rudy
- Site Admin
- Posts: 119427
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: windows open automatically in Chrome
Open Notepad and copy the text below into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [MCzUYa#7JR.exe] => C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [d8Pahqx.exe] => C:\Users\J\AppData\Local\Temp\8f2738c26a9a42aa92217eb95818c453\d8Pahqx.exe <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [8r9OJftt.exe] => C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [5kO0UQkxapP.exe] => C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21\5kO0UQkxapP.exe
C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe
C:\Users\J\AppData\Local\Temp
C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe
C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\Program Files\Bonjour
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e
C:\Users\J\AppData\Local\07b30a6f67f542c5be91c6606b540aab
C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21
C:\Program Files\LDRIRJvSptwQC
C:\Users\J\AppData\Roaming\2a8deef5c96d48db95f683b9225c6454
C:\Users\J\AppData\Local\7ad965c9b1e64d9dbc54f82c9d3994a5
C:\ProgramData\bdfc3936540148e9a6e8a1e7dd0175f5
C:\Program Files\zDUkwTwaYIE
C:\ProgramData\bzLvYYFFZmFknGVB
C:\Program Files\xpZXRwYFlIWU2
C:\Program Files\VHbWajSWU
C:\Program Files\ELCdlNcAzQmJaXxTcwR
C:\Program Files\IBeJrDHLZIUn
C:\Users\J\AppData\LocalLow\YcbZTHxVCdjoC
C:\ProgramData\f1223d26-924b-4f5b-8457-8cd296ae280d
C:\ProgramData\033263c4-979d-4ee6-9fc8-d45499817fa8
C:\Users\J\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ !!!smico] -> {C6E713CA-A7FD-4C73-9E34-AD7676CB957F} => -> No File
ContextMenuHandlers1: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers1: [SMShellExts] -> {3871F95B-BF7A-4c17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers2: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers4: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {36384E52-3C33-4AFC-AAA8-D3EC100D5601} - System32\Tasks\vnKUActWDSalGNfrR2 => rundll32 "C:\Program Files\ELCdlNcAzQmJaXxTcwR\PZPnAMV.dll",#1
Task: {47936F5D-2F1F-4446-9BAE-5EB16F88100B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-03-15] (Google Inc.)
Task: {972CECB8-2B09-45C7-ACE9-C13C4CC0BA16} - System32\Tasks\WAOtgPBGflHZLCaeTGs2 => rundll32 "C:\Program Files\LDRIRJvSptwQC\ZHxlvkk.dll",#1
Task: {B0D46DF5-62D3-4961-8AEE-B0EF0DE3FE74} - System32\Tasks\reQGtPgibmNDB2 => C:\Windows\system32\wscript.exe "C:\ProgramData\bzLvYYFFZmFknGVB\ckaAQFC.wsf"
Task: {B12D9CAA-6B2B-41AB-940F-FF7EF95E1CF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-03-15] (Google Inc.)
Task: {C3246B80-A3B8-434B-97B9-82D0A0B04F9E} - System32\Tasks\cvyVeCGCBGMaCol2 => rundll32 "C:\Program Files\VHbWajSWU\HzYqKm.dll",#1
Task: {D129490B-D413-47E5-84E7-EC9377DF081E} - System32\Tasks\zleDohIUJuBRcb => rundll32 "C:\Program Files\xpZXRwYFlIWU2\iHazFYLqhKDmo.dll",#1
EmptyTemp:
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: windows open automatically in Chrome
Fix result of Farbar Recovery Scan Tool (x86) Version: 22.08.2018
Ran by J (02-09-2018 11:09:41) Run:1
Running from C:\Users\J\Desktop
Loaded Profiles: J (Available Profiles: J)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [MCzUYa#7JR.exe] => C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [d8Pahqx.exe] => C:\Users\J\AppData\Local\Temp\8f2738c26a9a42aa92217eb95818c453\d8Pahqx.exe <==== ATTENTION
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [8r9OJftt.exe] => C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe
HKU\S-1-5-21-2127791031-234448068-1237163194-1000\...\Run: [5kO0UQkxapP.exe] => C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21\5kO0UQkxapP.exe
C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe
C:\Users\J\AppData\Local\Temp
C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe
C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\Program Files\Bonjour
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e
C:\Users\J\AppData\Local\07b30a6f67f542c5be91c6606b540aab
C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21
C:\Program Files\LDRIRJvSptwQC
C:\Users\J\AppData\Roaming\2a8deef5c96d48db95f683b9225c6454
C:\Users\J\AppData\Local\7ad965c9b1e64d9dbc54f82c9d3994a5
C:\ProgramData\bdfc3936540148e9a6e8a1e7dd0175f5
C:\Program Files\zDUkwTwaYIE
C:\ProgramData\bzLvYYFFZmFknGVB
C:\Program Files\xpZXRwYFlIWU2
C:\Program Files\VHbWajSWU
C:\Program Files\ELCdlNcAzQmJaXxTcwR
C:\Program Files\IBeJrDHLZIUn
C:\Users\J\AppData\LocalLow\YcbZTHxVCdjoC
C:\ProgramData\f1223d26-924b-4f5b-8457-8cd296ae280d
C:\ProgramData\033263c4-979d-4ee6-9fc8-d45499817fa8
C:\Users\J\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ !!!smico] -> {C6E713CA-A7FD-4C73-9E34-AD7676CB957F} => -> No File
ContextMenuHandlers1: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers1: [SMShellExts] -> {3871F95B-BF7A-4c17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers2: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers4: [SmartMountShlExt] -> {3871F95B-BF7A-4C17-950B-3ECBCA765A45} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {36384E52-3C33-4AFC-AAA8-D3EC100D5601} - System32\Tasks\vnKUActWDSalGNfrR2 => rundll32 "C:\Program Files\ELCdlNcAzQmJaXxTcwR\PZPnAMV.dll",#1
Task: {47936F5D-2F1F-4446-9BAE-5EB16F88100B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-03-15] (Google Inc.)
Task: {972CECB8-2B09-45C7-ACE9-C13C4CC0BA16} - System32\Tasks\WAOtgPBGflHZLCaeTGs2 => rundll32 "C:\Program Files\LDRIRJvSptwQC\ZHxlvkk.dll",#1
Task: {B0D46DF5-62D3-4961-8AEE-B0EF0DE3FE74} - System32\Tasks\reQGtPgibmNDB2 => C:\Windows\system32\wscript.exe "C:\ProgramData\bzLvYYFFZmFknGVB\ckaAQFC.wsf"
Task: {B12D9CAA-6B2B-41AB-940F-FF7EF95E1CF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-03-15] (Google Inc.)
Task: {C3246B80-A3B8-434B-97B9-82D0A0B04F9E} - System32\Tasks\cvyVeCGCBGMaCol2 => rundll32 "C:\Program Files\VHbWajSWU\HzYqKm.dll",#1
Task: {D129490B-D413-47E5-84E7-EC9377DF081E} - System32\Tasks\zleDohIUJuBRcb => rundll32 "C:\Program Files\xpZXRwYFlIWU2\iHazFYLqhKDmo.dll",#1
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully.
"HKU\S-1-5-21-2127791031-234448068-1237163194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MCzUYa#7JR.exe" => removed successfully.
"HKU\S-1-5-21-2127791031-234448068-1237163194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\d8Pahqx.exe" => removed successfully.
"HKU\S-1-5-21-2127791031-234448068-1237163194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\8r9OJftt.exe" => removed successfully.
"HKU\S-1-5-21-2127791031-234448068-1237163194-1000\Software\Microsoft\Windows\CurrentVersion\Run\\5kO0UQkxapP.exe" => removed successfully.
"C:\Program Files\STMicroelectronics\SR24EB8W0YK6ODCZR4I1E7RB44OLQBS\MCzUYa#7JR.exe" => not found
"C:\Users\J\AppData\Local\Temp" folder move:
Could not move "C:\Users\J\AppData\Local\Temp" => Scheduled to move on reboot.
"C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e\8r9OJftt.exe" => not found
C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21 => moved successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully.
C:\Program Files\Bonjour => moved successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully
C:\Users\J\AppData\Roaming\87e83872e7724f88b0c313613579981e => moved successfully
C:\Users\J\AppData\Local\07b30a6f67f542c5be91c6606b540aab => moved successfully
"C:\ProgramData\74b1dc59b2e848f7a49d968e8abaea21" => not found
C:\Program Files\LDRIRJvSptwQC => moved successfully
C:\Users\J\AppData\Roaming\2a8deef5c96d48db95f683b9225c6454 => moved successfully
C:\Users\J\AppData\Local\7ad965c9b1e64d9dbc54f82c9d3994a5 => moved successfully
C:\ProgramData\bdfc3936540148e9a6e8a1e7dd0175f5 => moved successfully
C:\Program Files\zDUkwTwaYIE => moved successfully
C:\ProgramData\bzLvYYFFZmFknGVB => moved successfully
C:\Program Files\xpZXRwYFlIWU2 => moved successfully
C:\Program Files\VHbWajSWU => moved successfully
C:\Program Files\ELCdlNcAzQmJaXxTcwR => moved successfully
C:\Program Files\IBeJrDHLZIUn => moved successfully
C:\Users\J\AppData\LocalLow\YcbZTHxVCdjoC => moved successfully
C:\ProgramData\f1223d26-924b-4f5b-8457-8cd296ae280d => moved successfully
C:\ProgramData\033263c4-979d-4ee6-9fc8-d45499817fa8 => moved successfully
"C:\Users\J\AppData\Local\Temp" folder move:
Could not move "C:\Users\J\AppData\Local\Temp" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ !!!smico" => removed successfully.
HKLM\Software\Classes\CLSID\{C6E713CA-A7FD-4C73-9E34-AD7676CB957F} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartMountShlExt" => removed successfully.
HKLM\Software\Classes\CLSID\{3871F95B-BF7A-4C17-950B-3ECBCA765A45} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SMShellExts" => removed successfully.
HKLM\Software\Classes\CLSID\{3871F95B-BF7A-4c17-950B-3ECBCA765A45} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SmartMountShlExt" => removed successfully.
HKLM\Software\Classes\CLSID\{3871F95B-BF7A-4C17-950B-3ECBCA765A45} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SmartMountShlExt" => removed successfully.
HKLM\Software\Classes\CLSID\{3871F95B-BF7A-4C17-950B-3ECBCA765A45} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36384E52-3C33-4AFC-AAA8-D3EC100D5601}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36384E52-3C33-4AFC-AAA8-D3EC100D5601}" => removed successfully.
C:\Windows\System32\Tasks\vnKUActWDSalGNfrR2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\vnKUActWDSalGNfrR2" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{47936F5D-2F1F-4446-9BAE-5EB16F88100B}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47936F5D-2F1F-4446-9BAE-5EB16F88100B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{972CECB8-2B09-45C7-ACE9-C13C4CC0BA16}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{972CECB8-2B09-45C7-ACE9-C13C4CC0BA16}" => removed successfully.
C:\Windows\System32\Tasks\WAOtgPBGflHZLCaeTGs2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WAOtgPBGflHZLCaeTGs2" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B0D46DF5-62D3-4961-8AEE-B0EF0DE3FE74}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0D46DF5-62D3-4961-8AEE-B0EF0DE3FE74}" => removed successfully.
C:\Windows\System32\Tasks\reQGtPgibmNDB2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\reQGtPgibmNDB2" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B12D9CAA-6B2B-41AB-940F-FF7EF95E1CF7}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B12D9CAA-6B2B-41AB-940F-FF7EF95E1CF7}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C3246B80-A3B8-434B-97B9-82D0A0B04F9E}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3246B80-A3B8-434B-97B9-82D0A0B04F9E}" => removed successfully.
C:\Windows\System32\Tasks\cvyVeCGCBGMaCol2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cvyVeCGCBGMaCol2" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D129490B-D413-47E5-84E7-EC9377DF081E}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D129490B-D413-47E5-84E7-EC9377DF081E}" => removed successfully.
C:\Windows\System32\Tasks\zleDohIUJuBRcb => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\zleDohIUJuBRcb" => removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22015580 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 101284123 B
Edge => 0 B
Chrome => 844821873 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 29572173 B
LocalService => 132244 B
NetworkService => 97116 B
J => 95514411 B
RecycleBin => 7437981 B
EmptyTemp: => 1 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-09-2018 11:13:19)
C:\Users\J\AppData\Local\Temp => moved successfully
C:\Users\J\AppData\Local\Temp => is moved successfully
==== End of Fixlog 11:13:19 ====
- Rudy
- Site Admin
- Posts: 119427
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: v Chrome sa automaticky otvaraju okna (windows open automatically in Chrome)
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.