v správcovi úloh mám spustený COM SURROGATE.
Poprosím o pomoc, ďakujem.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Pavol (administrator) on PALI-ACER (20-03-2016 19:46:08)
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Slovak Telekom a.s.) C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [TMCC] => C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [843776 2012-05-03] (Slovak Telekom a.s.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-11-25] (Spotify Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Dropbox Update] => "C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00933D18-C1E4-41B7-9C98-C0663A318C6A}: [NameServer] 195.146.132.58 195.146.128.62
Tcpip\..\Interfaces\{0D52E7DB-E46F-4020-9DA5-388AF04E76C1}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{33A4E3D6-2CF8-4DB2-B9F0-DE4B4FDBFA9B}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{B0D27767-2405-45D4-82F1-424187A397B4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{CDD77214-C583-403D-BD0D-F9DACE3EAA2F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.katasterportal.sk/
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-26] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default
FF Homepage: hxxp://www.zoznam.sk/
FF Session Restore: -> is enabled.
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-01] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-626006024-4099096605-4270097203-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2015-02-26] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-05-25] (Apple Inc.)
FF Extension: Quick Translator - C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]
Opera:
=======
OPR Extension: (Google™ Translator) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\jgnebchahhepphmokjeohhoebakpfggp [2016-03-15]
OPR Extension: (Google Translate) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2016-03-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1442344 2015-12-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-10] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2013-08-22] (HP) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [157344 2015-12-03] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [486048 2015-12-03] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-19] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-19] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [73688 2015-06-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204704 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [265688 2015-06-01] (AVG Technologies CZ, s.r.o.)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-02-26] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-20] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [110824 2014-06-11] (GenesysLogic)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2015-03-26] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3479528 2014-08-21] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 19:46 - 2016-03-20 19:46 - 00025033 _____ C:\Users\Pavol\Desktop\FRST.txt
2016-03-20 19:44 - 2016-03-20 19:44 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2016-03-20 19:43 - 2016-03-20 19:43 - 02374144 _____ (Farbar) C:\Users\Pavol\Desktop\FRST64.exe
2016-03-20 19:40 - 2016-03-20 19:40 - 01222144 _____ C:\Users\Pavol\Desktop\RSITx64.exe
2016-03-20 19:10 - 2016-03-20 19:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 19:09 - 2016-03-20 19:09 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-03-20 19:09 - 2016-03-20 19:09 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-20 19:09 - 2016-03-20 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-20 19:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-20 18:06 - 2016-03-20 18:54 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-20 18:05 - 2016-03-20 18:05 - 01527296 _____ C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
2016-03-20 18:02 - 2016-03-20 18:02 - 22851472 _____ (Malwarebytes ) C:\Users\Pavol\Desktop\mbam-setup-2.2.1.1043.exe
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job
2016-03-20 16:39 - 2016-03-20 16:39 - 00003586 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f
2016-03-20 16:39 - 2016-03-20 16:39 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab
2016-03-20 16:39 - 2016-03-20 16:39 - 00001824 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-20 16:36 - 2016-03-20 16:37 - 24461672 _____ (SUPERAntiSpyware) C:\Users\Pavol\Downloads\SUPERAntiSpyware.exe
2016-03-20 15:13 - 2016-03-20 15:13 - 00000000 _____ C:\autoexec.bat
2016-03-20 15:11 - 2016-03-20 15:11 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-20 15:10 - 2016-03-20 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Pavol\Downloads\SpyHunter-Installer.exe
2016-03-20 12:15 - 2016-03-20 12:36 - 1561986587 _____ C:\Users\Pavol\Downloads\Hodný dinosaurus (2015).1080p.mkv
2016-03-20 12:12 - 2016-03-20 12:25 - 1640143080 _____ C:\Users\Pavol\Downloads\Andilek na nervy (2015).avi
2016-03-18 21:29 - 2016-03-18 21:44 - 00000000 ____D C:\Users\Pavol\Desktop\pneu
2016-03-18 21:29 - 2016-03-18 21:29 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO HB1,3 vady a nedorobky
2016-03-14 22:29 - 2016-03-16 08:36 - 00000000 ____D C:\Users\Pavol\Desktop\ARS 1018
2016-03-14 15:43 - 2016-03-14 15:43 - 00000000 ____D C:\Users\Pavol\Desktop\HMG NEW
2016-03-14 14:10 - 2016-03-14 14:10 - 00529585 _____ C:\Users\Pavol\Desktop\SITUACIA ROZKOPAVKA.pdf
2016-03-11 14:11 - 2016-03-14 18:59 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-03-09 19:51 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 19:51 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 19:51 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 19:51 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 19:51 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 19:51 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 19:51 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 19:51 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 19:51 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 19:51 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 19:51 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 19:51 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 19:51 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 19:51 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 19:51 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 19:51 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 19:51 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 19:51 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 19:51 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 19:51 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 19:51 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 19:51 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 19:51 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 16:13 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 16:13 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:13 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 16:13 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 16:13 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 16:13 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 16:13 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 16:13 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 16:13 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:13 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 16:13 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 16:13 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 16:13 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 16:13 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 16:13 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 16:13 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 16:13 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 16:13 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 16:13 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 16:12 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 16:12 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 16:12 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:12 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:12 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:11 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 16:11 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:11 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 16:11 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 16:11 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:11 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:11 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:11 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 16:11 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:11 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:11 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:11 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:11 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 21:52 - 2016-03-10 17:55 - 00000000 ____D C:\Users\Pavol\Documents\00 HTC WF S
2016-03-08 14:01 - 2016-03-08 14:04 - 02030254 _____ C:\Users\Pavol\Desktop\ISOFLOOR_300.pdf
2016-02-29 10:19 - 2016-02-29 11:07 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO krizovania podlaha
2016-02-29 09:47 - 2016-02-29 11:26 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO HB2-dilatacia
2016-02-28 21:55 - 2016-02-28 21:56 - 00000000 ____D C:\Users\Pavol\Desktop\KIA VAHA VZDUCHU
2016-02-27 07:48 - 2016-02-27 08:12 - 00000000 ____D C:\Users\Pavol\Downloads\XBMC
2016-02-26 20:51 - 2016-02-26 20:51 - 00001079 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\Program Files (x86)\ImageWriter
2016-02-26 20:48 - 2016-02-26 20:49 - 12290974 _____ (ImageWriter Developers ) C:\Users\Pavol\Downloads\Win32DiskImager-0.9.5-install.exe
2016-02-26 20:47 - 2016-02-26 21:19 - 00000000 ____D C:\Users\Pavol\Downloads\OpenELEC
2016-02-26 20:15 - 2016-02-26 20:15 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2016-02-26 20:15 - 2016-02-26 20:15 - 00001966 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-02-25 12:04 - 2016-02-25 12:04 - 00001113 _____ C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ViewPlayCap.lnk
2016-02-25 12:04 - 2016-02-25 12:04 - 00001083 _____ C:\Users\Pavol\Desktop\ViewPlayCap.lnk
2016-02-25 11:25 - 2016-02-25 12:04 - 00000000 ____D C:\Users\Pavol\Desktop\ENDO CAMERA APK
2016-02-24 13:42 - 2016-02-24 14:42 - 00000000 ____D C:\Users\Pavol\Desktop\Pena
2016-02-22 10:21 - 2016-02-22 10:21 - 00355979 _____ C:\Users\Pavol\Desktop\ALLIANZ krescanko.pdf
2016-02-21 22:03 - 2016-02-21 22:04 - 00002828 _____ C:\Users\Pavol\AppData\Local\config.dat
2016-02-21 22:03 - 2016-02-21 22:04 - 00000000 ____D C:\Users\Pavol\AppData\Local\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 07929091 _____ (Antik ) C:\Users\Pavol\Downloads\AntikVSTB.exe
2016-02-21 22:03 - 2016-02-21 22:03 - 00001029 _____ C:\Users\Public\Desktop\AntikVirtualSTB.lnk
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\Program Files (x86)\AntikVirtualSTB
2016-02-21 14:33 - 2016-02-21 14:33 - 03021515 _____ C:\Users\Pavol\Downloads\anm2.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 19:46 - 2015-03-16 17:36 - 00000000 ____D C:\FRST
2016-03-20 19:39 - 2015-02-21 10:46 - 00000000 ____D C:\ProgramData\MFAData
2016-03-20 19:35 - 2015-02-16 20:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 19:23 - 2015-06-19 05:12 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job
2016-03-20 19:08 - 2015-02-16 20:18 - 00000000 ____D C:\Users\Pavol\AppData\Local\clear.fi
2016-03-20 19:08 - 2014-08-29 19:53 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-20 19:06 - 2015-02-16 20:21 - 00000000 ___DO C:\Users\Pavol\OneDrive
2016-03-20 19:04 - 2015-03-18 09:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-20 18:59 - 2014-03-18 11:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-20 18:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-20 18:55 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 18:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-20 18:24 - 2015-02-17 15:11 - 00003830 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB204E27-27EB-46EC-9B9D-4902DCB17F93}
2016-03-20 18:13 - 2015-02-17 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-20 18:13 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-20 17:54 - 2015-06-19 05:12 - 00000886 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job
2016-03-20 15:33 - 2015-02-21 11:38 - 00000000 ____D C:\Users\Pavol\Documents\Súbory programu Outlook
2016-03-20 15:17 - 2015-07-20 15:54 - 00002132 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-03-20 15:17 - 2015-06-19 05:12 - 00003176 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA
2016-03-20 15:17 - 2015-06-19 05:12 - 00002796 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core
2016-03-20 15:17 - 2015-05-04 09:46 - 00001972 _____ C:\Windows\System32\Tasks\HPLJCustParticipation
2016-03-20 15:17 - 2015-03-21 10:35 - 00002786 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426437199
2016-03-20 15:17 - 2015-02-23 08:14 - 00002530 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-03-20 15:17 - 2015-02-23 08:14 - 00002152 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-03-20 15:17 - 2015-02-17 15:17 - 00002466 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 15:17 - 2014-11-25 22:23 - 00002784 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-500
2016-03-20 15:17 - 2014-11-25 21:52 - 00001940 _____ C:\Windows\System32\Tasks\Quick Access Quick Launcher
2016-03-20 15:17 - 2014-11-25 21:52 - 00001828 _____ C:\Windows\System32\Tasks\Launch Manager
2016-03-20 15:17 - 2014-11-25 21:52 - 00001820 _____ C:\Windows\System32\Tasks\Quick Access
2016-03-20 15:17 - 2014-11-25 21:47 - 00001854 _____ C:\Windows\System32\Tasks\Power Management
2016-03-20 15:17 - 2014-11-25 21:26 - 00001854 _____ C:\Windows\System32\Tasks\UMonitor Task
2016-03-20 15:17 - 2014-08-29 19:53 - 00004050 _____ C:\Windows\System32\Tasks\Software Update Application
2016-03-20 15:17 - 2014-08-29 19:53 - 00003568 _____ C:\Windows\System32\Tasks\ACCAgent
2016-03-20 15:17 - 2014-08-29 19:53 - 00002594 _____ C:\Windows\System32\Tasks\ACC
2016-03-20 15:12 - 2015-02-16 20:16 - 00000000 ____D C:\Users\Pavol
2016-03-20 14:58 - 2015-03-11 09:34 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\vlc
2016-03-20 13:08 - 2015-09-16 12:18 - 00598016 ___SH C:\Users\Pavol\Downloads\Thumbs.db
2016-03-20 12:08 - 2015-02-22 16:23 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\AIMP3
2016-03-20 12:06 - 2015-08-19 12:52 - 04306432 ___SH C:\Users\Pavol\Desktop\Thumbs.db
2016-03-18 20:25 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-18 09:55 - 2015-02-16 20:17 - 00000000 ____D C:\Users\Pavol\AppData\Local\Packages
2016-03-17 10:36 - 2016-01-17 21:02 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453060889
2016-03-17 10:36 - 2016-01-17 21:01 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 10:36 - 2015-03-15 17:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-16 09:27 - 2016-02-04 15:55 - 00813208 _____ C:\Users\Pavol\Desktop\SITUACIA plochy.pdf
2016-03-16 08:52 - 2015-02-16 20:24 - 00000000 ____D C:\Users\Pavol\AppData\Local\CrashDumps
2016-03-14 08:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-14 08:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 16:04 - 2015-03-18 09:07 - 00003582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-11 14:17 - 2015-02-16 23:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-11 14:11 - 2015-02-16 22:10 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-11 14:11 - 2015-02-16 22:10 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 18:01 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 17:06 - 2013-08-22 15:44 - 00567432 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 16:09 - 2015-12-09 13:59 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 16:09 - 2015-12-09 13:59 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 16:09 - 2015-12-09 13:59 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 08:00 - 2015-02-16 23:37 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-02-16 23:37 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-04 19:35 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-04 07:41 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-26 20:16 - 2015-05-04 13:54 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\DAEMON Tools Lite
2016-02-25 18:09 - 2015-02-26 18:06 - 00000000 ____D C:\Users\Pavol\Graphisoft
2016-02-20 22:40 - 2015-03-02 12:54 - 00000000 ____D C:\Users\Pavol\AppData\Local\ElevatedDiagnostics
==================== Files in the root of some directories =======
2016-02-21 22:03 - 2016-02-21 22:04 - 0002828 _____ () C:\Users\Pavol\AppData\Local\config.dat
2015-02-26 17:21 - 2015-02-26 17:28 - 0004608 _____ () C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-13 15:07 - 2015-03-13 15:07 - 0007597 _____ () C:\Users\Pavol\AppData\Local\Resmon.ResmonCfg
2014-11-25 21:39 - 2014-11-25 21:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Pavol\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG Internet Security Business Edition (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG Internet Security Business Edition (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG Internet Security Business Edition (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Pavol\Desktop" je 535 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Poprosím o pomoc s COM SURROGATE
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Poprosím o pomoc s COM SURROGATE
- Přílohy
-
- Addition.zip
- (8.78 KiB) Staženo 116 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Poprosím o pomoc s COM SURROGATE
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Poprosím o pomoc s COM SURROGATE
adwcleaner neviem stiahnut z tohto odkazu. Vypisuje mi to:
K tomuto webu sa nedá pripojiť
Web general-changelog-team.fr zamietol pripojenie.
K tomuto webu sa nedá pripojiť
Web general-changelog-team.fr zamietol pripojenie.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Poprosím o pomoc s COM SURROGATE
Tak odjinud: http://www.bleepingcomputer.com/download/adwcleaner/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Poprosím o pomoc s COM SURROGATE
# AdwCleaner v5.102 - Logfile created 20/03/2016 at 20:54:14
# Updated 13/03/2016 by Xplode
# Database : 2016-03-20.7 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Pavol - PALI-ACER
# Running from : C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Booking.com
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1130 bytes] - [20/03/2016 18:54:24]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [953 bytes] - [20/03/2016 20:54:14]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [936 bytes] - [20/03/2016 18:07:07]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [1135 bytes] - [20/03/2016 20:48:05]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [1230 bytes] ##########
# Updated 13/03/2016 by Xplode
# Database : 2016-03-20.7 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Pavol - PALI-ACER
# Running from : C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Booking.com
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1130 bytes] - [20/03/2016 18:54:24]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [953 bytes] - [20/03/2016 20:54:14]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [936 bytes] - [20/03/2016 18:07:07]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [1135 bytes] - [20/03/2016 20:48:05]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [1230 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Poprosím o pomoc s COM SURROGATE
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Poprosím o pomoc s COM SURROGATE
com surrogate je stále v správcovi úloh...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Pavol (administrator) on PALI-ACER (20-03-2016 21:26:07)
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [TMCC] => C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [843776 2012-05-03] (Slovak Telekom a.s.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-11-25] (Spotify Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Dropbox Update] => "C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00933D18-C1E4-41B7-9C98-C0663A318C6A}: [NameServer] 195.146.132.58 195.146.128.62
Tcpip\..\Interfaces\{0D52E7DB-E46F-4020-9DA5-388AF04E76C1}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{33A4E3D6-2CF8-4DB2-B9F0-DE4B4FDBFA9B}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{B0D27767-2405-45D4-82F1-424187A397B4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{CDD77214-C583-403D-BD0D-F9DACE3EAA2F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.katasterportal.sk/
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-26] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default
FF Homepage: hxxp://www.zoznam.sk/
FF Session Restore: -> is enabled.
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-01] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-626006024-4099096605-4270097203-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2015-02-26] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-05-25] (Apple Inc.)
FF Extension: Quick Translator - C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]
Opera:
=======
OPR Extension: (Google™ Translator) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\jgnebchahhepphmokjeohhoebakpfggp [2016-03-15]
OPR Extension: (Google Translate) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2016-03-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1442344 2015-12-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-10] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2013-08-22] (HP) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [157344 2015-12-03] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [486048 2015-12-03] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-19] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-19] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [73688 2015-06-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204704 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [265688 2015-06-01] (AVG Technologies CZ, s.r.o.)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-02-26] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-20] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [110824 2014-06-11] (GenesysLogic)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2015-03-26] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3479528 2014-08-21] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 20:58 - 2016-03-20 20:58 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-03-20 19:51 - 2016-03-20 19:51 - 00008989 _____ C:\Users\Pavol\Desktop\Addition.zip
2016-03-20 19:46 - 2016-03-20 21:26 - 00024802 _____ C:\Users\Pavol\Desktop\FRST.txt
2016-03-20 19:44 - 2016-03-20 19:44 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2016-03-20 19:43 - 2016-03-20 19:43 - 02374144 _____ (Farbar) C:\Users\Pavol\Desktop\FRST64.exe
2016-03-20 19:40 - 2016-03-20 19:40 - 01222144 _____ C:\Users\Pavol\Desktop\RSITx64.exe
2016-03-20 19:10 - 2016-03-20 19:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 19:09 - 2016-03-20 19:09 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-20 19:09 - 2016-03-20 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-20 19:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-20 18:06 - 2016-03-20 20:54 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-20 18:05 - 2016-03-20 18:05 - 01527296 _____ C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
2016-03-20 18:02 - 2016-03-20 18:02 - 22851472 _____ (Malwarebytes ) C:\Users\Pavol\Desktop\mbam-setup-2.2.1.1043.exe
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job
2016-03-20 16:39 - 2016-03-20 16:39 - 00003586 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f
2016-03-20 16:39 - 2016-03-20 16:39 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab
2016-03-20 16:39 - 2016-03-20 16:39 - 00001824 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-20 16:36 - 2016-03-20 16:37 - 24461672 _____ (SUPERAntiSpyware) C:\Users\Pavol\Downloads\SUPERAntiSpyware.exe
2016-03-20 15:13 - 2016-03-20 15:13 - 00000000 _____ C:\autoexec.bat
2016-03-20 15:11 - 2016-03-20 15:11 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-20 15:10 - 2016-03-20 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Pavol\Downloads\SpyHunter-Installer.exe
2016-03-20 12:15 - 2016-03-20 12:36 - 1561986587 _____ C:\Users\Pavol\Downloads\Hodný dinosaurus (2015).1080p.mkv
2016-03-20 12:12 - 2016-03-20 12:25 - 1640143080 _____ C:\Users\Pavol\Downloads\Andilek na nervy (2015).avi
2016-03-18 21:29 - 2016-03-18 21:44 - 00000000 ____D C:\Users\Pavol\Desktop\pneu
2016-03-14 15:43 - 2016-03-14 15:43 - 00000000 ____D C:\Users\Pavol\Desktop\HMG NEW
2016-03-11 14:11 - 2016-03-14 18:59 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-03-09 19:51 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 19:51 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 19:51 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 19:51 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 19:51 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 19:51 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 19:51 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 19:51 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 19:51 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 19:51 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 19:51 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 19:51 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 19:51 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 19:51 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 19:51 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 19:51 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 19:51 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 19:51 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 19:51 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 19:51 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 19:51 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 19:51 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 19:51 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 16:13 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 16:13 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:13 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 16:13 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 16:13 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 16:13 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 16:13 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 16:13 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 16:13 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:13 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 16:13 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 16:13 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 16:13 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 16:13 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 16:13 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 16:13 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 16:13 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 16:13 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 16:13 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 16:12 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 16:12 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 16:12 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:12 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:12 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:11 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 16:11 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:11 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 16:11 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 16:11 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:11 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:11 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:11 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 16:11 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:11 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:11 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:11 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:11 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 21:52 - 2016-03-10 17:55 - 00000000 ____D C:\Users\Pavol\Documents\00 HTC WF S
2016-03-08 14:01 - 2016-03-08 14:04 - 02030254 _____ C:\Users\Pavol\Desktop\ISOFLOOR_300.pdf
2016-02-29 10:19 - 2016-02-29 11:07 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO krizovania podlaha
2016-02-29 09:47 - 2016-02-29 11:26 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO HB2-dilatacia
2016-02-27 07:48 - 2016-02-27 08:12 - 00000000 ____D C:\Users\Pavol\Downloads\XBMC
2016-02-26 20:51 - 2016-02-26 20:51 - 00001079 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\Program Files (x86)\ImageWriter
2016-02-26 20:48 - 2016-02-26 20:49 - 12290974 _____ (ImageWriter Developers ) C:\Users\Pavol\Downloads\Win32DiskImager-0.9.5-install.exe
2016-02-26 20:47 - 2016-02-26 21:19 - 00000000 ____D C:\Users\Pavol\Downloads\OpenELEC
2016-02-26 20:15 - 2016-02-26 20:15 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2016-02-26 20:15 - 2016-02-26 20:15 - 00001966 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-02-25 12:04 - 2016-02-25 12:04 - 00001113 _____ C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ViewPlayCap.lnk
2016-02-25 12:04 - 2016-02-25 12:04 - 00001083 _____ C:\Users\Pavol\Desktop\ViewPlayCap.lnk
2016-02-25 11:25 - 2016-02-25 12:04 - 00000000 ____D C:\Users\Pavol\Desktop\ENDO CAMERA APK
2016-02-24 13:42 - 2016-02-24 14:42 - 00000000 ____D C:\Users\Pavol\Desktop\Pena
2016-02-22 10:21 - 2016-02-22 10:21 - 00355979 _____ C:\Users\Pavol\Desktop\ALLIANZ krescanko.pdf
2016-02-21 22:03 - 2016-02-21 22:04 - 00002828 _____ C:\Users\Pavol\AppData\Local\config.dat
2016-02-21 22:03 - 2016-02-21 22:04 - 00000000 ____D C:\Users\Pavol\AppData\Local\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 07929091 _____ (Antik ) C:\Users\Pavol\Downloads\AntikVSTB.exe
2016-02-21 22:03 - 2016-02-21 22:03 - 00001029 _____ C:\Users\Public\Desktop\AntikVirtualSTB.lnk
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\Program Files (x86)\AntikVirtualSTB
2016-02-21 14:33 - 2016-02-21 14:33 - 03021515 _____ C:\Users\Pavol\Downloads\anm2.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 21:23 - 2015-06-19 05:12 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job
2016-03-20 21:06 - 2015-02-16 20:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 21:04 - 2015-03-18 09:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-20 21:01 - 2015-02-21 10:46 - 00000000 ____D C:\ProgramData\MFAData
2016-03-20 20:59 - 2014-03-18 11:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-20 20:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-20 20:58 - 2014-08-29 19:53 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-20 20:57 - 2015-02-16 20:18 - 00000000 ____D C:\Users\Pavol\AppData\Local\clear.fi
2016-03-20 20:56 - 2015-02-16 20:21 - 00000000 ___DO C:\Users\Pavol\OneDrive
2016-03-20 20:55 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 19:54 - 2015-02-21 11:38 - 00000000 ____D C:\Users\Pavol\Documents\Súbory programu Outlook
2016-03-20 19:46 - 2015-03-16 17:36 - 00000000 ____D C:\FRST
2016-03-20 18:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-20 18:24 - 2015-02-17 15:11 - 00003830 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB204E27-27EB-46EC-9B9D-4902DCB17F93}
2016-03-20 18:13 - 2015-02-17 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-20 18:13 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-20 17:54 - 2015-06-19 05:12 - 00000886 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job
2016-03-20 15:17 - 2015-07-20 15:54 - 00002132 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-03-20 15:17 - 2015-06-19 05:12 - 00003176 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA
2016-03-20 15:17 - 2015-06-19 05:12 - 00002796 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core
2016-03-20 15:17 - 2015-05-04 09:46 - 00001972 _____ C:\Windows\System32\Tasks\HPLJCustParticipation
2016-03-20 15:17 - 2015-03-21 10:35 - 00002786 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426437199
2016-03-20 15:17 - 2015-02-23 08:14 - 00002530 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-03-20 15:17 - 2015-02-23 08:14 - 00002152 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-03-20 15:17 - 2015-02-17 15:17 - 00002466 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 15:17 - 2014-11-25 22:23 - 00002784 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-500
2016-03-20 15:17 - 2014-11-25 21:52 - 00001940 _____ C:\Windows\System32\Tasks\Quick Access Quick Launcher
2016-03-20 15:17 - 2014-11-25 21:52 - 00001828 _____ C:\Windows\System32\Tasks\Launch Manager
2016-03-20 15:17 - 2014-11-25 21:52 - 00001820 _____ C:\Windows\System32\Tasks\Quick Access
2016-03-20 15:17 - 2014-11-25 21:47 - 00001854 _____ C:\Windows\System32\Tasks\Power Management
2016-03-20 15:17 - 2014-11-25 21:26 - 00001854 _____ C:\Windows\System32\Tasks\UMonitor Task
2016-03-20 15:17 - 2014-08-29 19:53 - 00004050 _____ C:\Windows\System32\Tasks\Software Update Application
2016-03-20 15:17 - 2014-08-29 19:53 - 00003568 _____ C:\Windows\System32\Tasks\ACCAgent
2016-03-20 15:17 - 2014-08-29 19:53 - 00002594 _____ C:\Windows\System32\Tasks\ACC
2016-03-20 15:12 - 2015-02-16 20:16 - 00000000 ____D C:\Users\Pavol
2016-03-20 14:58 - 2015-03-11 09:34 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\vlc
2016-03-20 13:08 - 2015-09-16 12:18 - 00598016 ___SH C:\Users\Pavol\Downloads\Thumbs.db
2016-03-20 12:08 - 2015-02-22 16:23 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\AIMP3
2016-03-20 12:06 - 2015-08-19 12:52 - 04306432 ___SH C:\Users\Pavol\Desktop\Thumbs.db
2016-03-18 20:25 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-18 09:55 - 2015-02-16 20:17 - 00000000 ____D C:\Users\Pavol\AppData\Local\Packages
2016-03-17 10:36 - 2016-01-17 21:02 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453060889
2016-03-17 10:36 - 2016-01-17 21:01 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 10:36 - 2015-03-15 17:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-16 09:27 - 2016-02-04 15:55 - 00813208 _____ C:\Users\Pavol\Desktop\SITUACIA plochy.pdf
2016-03-16 08:52 - 2015-02-16 20:24 - 00000000 ____D C:\Users\Pavol\AppData\Local\CrashDumps
2016-03-14 08:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-14 08:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 16:04 - 2015-03-18 09:07 - 00003582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-11 14:17 - 2015-02-16 23:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-11 14:11 - 2015-02-16 22:10 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-11 14:11 - 2015-02-16 22:10 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 18:01 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 17:06 - 2013-08-22 15:44 - 00567432 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 16:09 - 2015-12-09 13:59 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 16:09 - 2015-12-09 13:59 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 16:09 - 2015-12-09 13:59 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 08:00 - 2015-02-16 23:37 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-02-16 23:37 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-04 19:35 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-04 07:41 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-26 20:16 - 2015-05-04 13:54 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\DAEMON Tools Lite
2016-02-25 18:09 - 2015-02-26 18:06 - 00000000 ____D C:\Users\Pavol\Graphisoft
2016-02-20 22:40 - 2015-03-02 12:54 - 00000000 ____D C:\Users\Pavol\AppData\Local\ElevatedDiagnostics
==================== Files in the root of some directories =======
2016-02-21 22:03 - 2016-02-21 22:04 - 0002828 _____ () C:\Users\Pavol\AppData\Local\config.dat
2015-02-26 17:21 - 2015-02-26 17:28 - 0004608 _____ () C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-13 15:07 - 2015-03-13 15:07 - 0007597 _____ () C:\Users\Pavol\AppData\Local\Resmon.ResmonCfg
2014-11-25 21:39 - 2014-11-25 21:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Pavol\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG Internet Security Business Edition (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG Internet Security Business Edition (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG Internet Security Business Edition (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Pavol\Desktop" je 489 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Pavol (administrator) on PALI-ACER (20-03-2016 21:26:07)
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [TMCC] => C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [843776 2012-05-03] (Slovak Telekom a.s.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-11-25] (Spotify Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Dropbox Update] => "C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00933D18-C1E4-41B7-9C98-C0663A318C6A}: [NameServer] 195.146.132.58 195.146.128.62
Tcpip\..\Interfaces\{0D52E7DB-E46F-4020-9DA5-388AF04E76C1}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{33A4E3D6-2CF8-4DB2-B9F0-DE4B4FDBFA9B}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{B0D27767-2405-45D4-82F1-424187A397B4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{CDD77214-C583-403D-BD0D-F9DACE3EAA2F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.katasterportal.sk/
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-26] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default
FF Homepage: hxxp://www.zoznam.sk/
FF Session Restore: -> is enabled.
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-01] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-626006024-4099096605-4270097203-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2015-02-26] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-05-25] (Apple Inc.)
FF Extension: Quick Translator - C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]
Opera:
=======
OPR Extension: (Google™ Translator) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\jgnebchahhepphmokjeohhoebakpfggp [2016-03-15]
OPR Extension: (Google Translate) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2016-03-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1442344 2015-12-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-10] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2013-08-22] (HP) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [157344 2015-12-03] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [486048 2015-12-03] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-19] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-19] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [73688 2015-06-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204704 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [265688 2015-06-01] (AVG Technologies CZ, s.r.o.)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-02-26] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-20] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [110824 2014-06-11] (GenesysLogic)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2015-03-26] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3479528 2014-08-21] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 20:58 - 2016-03-20 20:58 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-03-20 19:51 - 2016-03-20 19:51 - 00008989 _____ C:\Users\Pavol\Desktop\Addition.zip
2016-03-20 19:46 - 2016-03-20 21:26 - 00024802 _____ C:\Users\Pavol\Desktop\FRST.txt
2016-03-20 19:44 - 2016-03-20 19:44 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2016-03-20 19:43 - 2016-03-20 19:43 - 02374144 _____ (Farbar) C:\Users\Pavol\Desktop\FRST64.exe
2016-03-20 19:40 - 2016-03-20 19:40 - 01222144 _____ C:\Users\Pavol\Desktop\RSITx64.exe
2016-03-20 19:10 - 2016-03-20 19:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 19:09 - 2016-03-20 19:09 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-20 19:09 - 2016-03-20 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-20 19:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-20 18:06 - 2016-03-20 20:54 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-20 18:05 - 2016-03-20 18:05 - 01527296 _____ C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
2016-03-20 18:02 - 2016-03-20 18:02 - 22851472 _____ (Malwarebytes ) C:\Users\Pavol\Desktop\mbam-setup-2.2.1.1043.exe
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job
2016-03-20 16:39 - 2016-03-20 16:39 - 00003586 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f
2016-03-20 16:39 - 2016-03-20 16:39 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab
2016-03-20 16:39 - 2016-03-20 16:39 - 00001824 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-20 16:36 - 2016-03-20 16:37 - 24461672 _____ (SUPERAntiSpyware) C:\Users\Pavol\Downloads\SUPERAntiSpyware.exe
2016-03-20 15:13 - 2016-03-20 15:13 - 00000000 _____ C:\autoexec.bat
2016-03-20 15:11 - 2016-03-20 15:11 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-20 15:10 - 2016-03-20 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Pavol\Downloads\SpyHunter-Installer.exe
2016-03-20 12:15 - 2016-03-20 12:36 - 1561986587 _____ C:\Users\Pavol\Downloads\Hodný dinosaurus (2015).1080p.mkv
2016-03-20 12:12 - 2016-03-20 12:25 - 1640143080 _____ C:\Users\Pavol\Downloads\Andilek na nervy (2015).avi
2016-03-18 21:29 - 2016-03-18 21:44 - 00000000 ____D C:\Users\Pavol\Desktop\pneu
2016-03-14 15:43 - 2016-03-14 15:43 - 00000000 ____D C:\Users\Pavol\Desktop\HMG NEW
2016-03-11 14:11 - 2016-03-14 18:59 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-03-09 19:51 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 19:51 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 19:51 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 19:51 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 19:51 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 19:51 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 19:51 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 19:51 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 19:51 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 19:51 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 19:51 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 19:51 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 19:51 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 19:51 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 19:51 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 19:51 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 19:51 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 19:51 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 19:51 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 19:51 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 19:51 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 19:51 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 19:51 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 16:13 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 16:13 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:13 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 16:13 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 16:13 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 16:13 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 16:13 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 16:13 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 16:13 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:13 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 16:13 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 16:13 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 16:13 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 16:13 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 16:13 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 16:13 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 16:13 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 16:13 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 16:13 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 16:12 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 16:12 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 16:12 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:12 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:12 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:11 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 16:11 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:11 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 16:11 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 16:11 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:11 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:11 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:11 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 16:11 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:11 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:11 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:11 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:11 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 21:52 - 2016-03-10 17:55 - 00000000 ____D C:\Users\Pavol\Documents\00 HTC WF S
2016-03-08 14:01 - 2016-03-08 14:04 - 02030254 _____ C:\Users\Pavol\Desktop\ISOFLOOR_300.pdf
2016-02-29 10:19 - 2016-02-29 11:07 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO krizovania podlaha
2016-02-29 09:47 - 2016-02-29 11:26 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO HB2-dilatacia
2016-02-27 07:48 - 2016-02-27 08:12 - 00000000 ____D C:\Users\Pavol\Downloads\XBMC
2016-02-26 20:51 - 2016-02-26 20:51 - 00001079 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\Program Files (x86)\ImageWriter
2016-02-26 20:48 - 2016-02-26 20:49 - 12290974 _____ (ImageWriter Developers ) C:\Users\Pavol\Downloads\Win32DiskImager-0.9.5-install.exe
2016-02-26 20:47 - 2016-02-26 21:19 - 00000000 ____D C:\Users\Pavol\Downloads\OpenELEC
2016-02-26 20:15 - 2016-02-26 20:15 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2016-02-26 20:15 - 2016-02-26 20:15 - 00001966 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-02-25 12:04 - 2016-02-25 12:04 - 00001113 _____ C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ViewPlayCap.lnk
2016-02-25 12:04 - 2016-02-25 12:04 - 00001083 _____ C:\Users\Pavol\Desktop\ViewPlayCap.lnk
2016-02-25 11:25 - 2016-02-25 12:04 - 00000000 ____D C:\Users\Pavol\Desktop\ENDO CAMERA APK
2016-02-24 13:42 - 2016-02-24 14:42 - 00000000 ____D C:\Users\Pavol\Desktop\Pena
2016-02-22 10:21 - 2016-02-22 10:21 - 00355979 _____ C:\Users\Pavol\Desktop\ALLIANZ krescanko.pdf
2016-02-21 22:03 - 2016-02-21 22:04 - 00002828 _____ C:\Users\Pavol\AppData\Local\config.dat
2016-02-21 22:03 - 2016-02-21 22:04 - 00000000 ____D C:\Users\Pavol\AppData\Local\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 07929091 _____ (Antik ) C:\Users\Pavol\Downloads\AntikVSTB.exe
2016-02-21 22:03 - 2016-02-21 22:03 - 00001029 _____ C:\Users\Public\Desktop\AntikVirtualSTB.lnk
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\Program Files (x86)\AntikVirtualSTB
2016-02-21 14:33 - 2016-02-21 14:33 - 03021515 _____ C:\Users\Pavol\Downloads\anm2.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-20 21:23 - 2015-06-19 05:12 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job
2016-03-20 21:06 - 2015-02-16 20:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 21:04 - 2015-03-18 09:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-20 21:01 - 2015-02-21 10:46 - 00000000 ____D C:\ProgramData\MFAData
2016-03-20 20:59 - 2014-03-18 11:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-20 20:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-20 20:58 - 2014-08-29 19:53 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-20 20:57 - 2015-02-16 20:18 - 00000000 ____D C:\Users\Pavol\AppData\Local\clear.fi
2016-03-20 20:56 - 2015-02-16 20:21 - 00000000 ___DO C:\Users\Pavol\OneDrive
2016-03-20 20:55 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 19:54 - 2015-02-21 11:38 - 00000000 ____D C:\Users\Pavol\Documents\Súbory programu Outlook
2016-03-20 19:46 - 2015-03-16 17:36 - 00000000 ____D C:\FRST
2016-03-20 18:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-20 18:24 - 2015-02-17 15:11 - 00003830 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB204E27-27EB-46EC-9B9D-4902DCB17F93}
2016-03-20 18:13 - 2015-02-17 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-20 18:13 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-20 17:54 - 2015-06-19 05:12 - 00000886 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job
2016-03-20 15:17 - 2015-07-20 15:54 - 00002132 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-03-20 15:17 - 2015-06-19 05:12 - 00003176 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA
2016-03-20 15:17 - 2015-06-19 05:12 - 00002796 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core
2016-03-20 15:17 - 2015-05-04 09:46 - 00001972 _____ C:\Windows\System32\Tasks\HPLJCustParticipation
2016-03-20 15:17 - 2015-03-21 10:35 - 00002786 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426437199
2016-03-20 15:17 - 2015-02-23 08:14 - 00002530 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-03-20 15:17 - 2015-02-23 08:14 - 00002152 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-03-20 15:17 - 2015-02-17 15:17 - 00002466 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 15:17 - 2014-11-25 22:23 - 00002784 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-500
2016-03-20 15:17 - 2014-11-25 21:52 - 00001940 _____ C:\Windows\System32\Tasks\Quick Access Quick Launcher
2016-03-20 15:17 - 2014-11-25 21:52 - 00001828 _____ C:\Windows\System32\Tasks\Launch Manager
2016-03-20 15:17 - 2014-11-25 21:52 - 00001820 _____ C:\Windows\System32\Tasks\Quick Access
2016-03-20 15:17 - 2014-11-25 21:47 - 00001854 _____ C:\Windows\System32\Tasks\Power Management
2016-03-20 15:17 - 2014-11-25 21:26 - 00001854 _____ C:\Windows\System32\Tasks\UMonitor Task
2016-03-20 15:17 - 2014-08-29 19:53 - 00004050 _____ C:\Windows\System32\Tasks\Software Update Application
2016-03-20 15:17 - 2014-08-29 19:53 - 00003568 _____ C:\Windows\System32\Tasks\ACCAgent
2016-03-20 15:17 - 2014-08-29 19:53 - 00002594 _____ C:\Windows\System32\Tasks\ACC
2016-03-20 15:12 - 2015-02-16 20:16 - 00000000 ____D C:\Users\Pavol
2016-03-20 14:58 - 2015-03-11 09:34 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\vlc
2016-03-20 13:08 - 2015-09-16 12:18 - 00598016 ___SH C:\Users\Pavol\Downloads\Thumbs.db
2016-03-20 12:08 - 2015-02-22 16:23 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\AIMP3
2016-03-20 12:06 - 2015-08-19 12:52 - 04306432 ___SH C:\Users\Pavol\Desktop\Thumbs.db
2016-03-18 20:25 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-18 09:55 - 2015-02-16 20:17 - 00000000 ____D C:\Users\Pavol\AppData\Local\Packages
2016-03-17 10:36 - 2016-01-17 21:02 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453060889
2016-03-17 10:36 - 2016-01-17 21:01 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 10:36 - 2015-03-15 17:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-16 09:27 - 2016-02-04 15:55 - 00813208 _____ C:\Users\Pavol\Desktop\SITUACIA plochy.pdf
2016-03-16 08:52 - 2015-02-16 20:24 - 00000000 ____D C:\Users\Pavol\AppData\Local\CrashDumps
2016-03-14 08:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-14 08:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 16:04 - 2015-03-18 09:07 - 00003582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-11 14:17 - 2015-02-16 23:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-11 14:11 - 2015-02-16 22:10 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-11 14:11 - 2015-02-16 22:10 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 18:01 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 17:06 - 2013-08-22 15:44 - 00567432 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 16:09 - 2015-12-09 13:59 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 16:09 - 2015-12-09 13:59 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 16:09 - 2015-12-09 13:59 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 08:00 - 2015-02-16 23:37 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-02-16 23:37 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-04 19:35 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-04 07:41 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-26 20:16 - 2015-05-04 13:54 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\DAEMON Tools Lite
2016-02-25 18:09 - 2015-02-26 18:06 - 00000000 ____D C:\Users\Pavol\Graphisoft
2016-02-20 22:40 - 2015-03-02 12:54 - 00000000 ____D C:\Users\Pavol\AppData\Local\ElevatedDiagnostics
==================== Files in the root of some directories =======
2016-02-21 22:03 - 2016-02-21 22:04 - 0002828 _____ () C:\Users\Pavol\AppData\Local\config.dat
2015-02-26 17:21 - 2015-02-26 17:28 - 0004608 _____ () C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-13 15:07 - 2015-03-13 15:07 - 0007597 _____ () C:\Users\Pavol\AppData\Local\Resmon.ResmonCfg
2014-11-25 21:39 - 2014-11-25 21:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Pavol\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG Internet Security Business Edition (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG Internet Security Business Edition (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG Internet Security Business Edition (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Pavol\Desktop" je 489 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Poprosím o pomoc s COM SURROGATE
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Pavol\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Poprosím o pomoc s COM SURROGATE
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Pavol (2016-03-20 22:56:35) Run:2
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Pavol\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59931f99-c0a0-11e5-8301-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{59931f99-c0a0-11e5-8301-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d2615ce-d381-11e4-8287-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{5d2615ce-d381-11e4-8287-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d26172b-d381-11e4-8287-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{5d26172b-d381-11e4-8287-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8843f144-3778-11e5-82d0-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{8843f144-3778-11e5-82d0-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aba2b923-f22d-11e4-829a-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{aba2b923-f22d-11e4-829a-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b402b1f3-34ff-11e5-82d0-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{b402b1f3-34ff-11e5-82d0-2c600c1acd8d} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CEAB4B51-FD6C-476E-B105-BA9215352FE6}" => key removed successfully
HKCR\CLSID\{CEAB4B51-FD6C-476E-B105-BA9215352FE6} => key not found.
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Pavol\AppData\Local\Temp" folder move:
Could not move "C:\Users\Pavol\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-20 22:57:53)
C:\Users\Pavol\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:57:54 ====
Ran by Pavol (2016-03-20 22:56:35) Run:2
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Pavol\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59931f99-c0a0-11e5-8301-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{59931f99-c0a0-11e5-8301-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d2615ce-d381-11e4-8287-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{5d2615ce-d381-11e4-8287-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d26172b-d381-11e4-8287-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{5d26172b-d381-11e4-8287-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8843f144-3778-11e5-82d0-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{8843f144-3778-11e5-82d0-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aba2b923-f22d-11e4-829a-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{aba2b923-f22d-11e4-829a-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b402b1f3-34ff-11e5-82d0-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{b402b1f3-34ff-11e5-82d0-2c600c1acd8d} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CEAB4B51-FD6C-476E-B105-BA9215352FE6}" => key removed successfully
HKCR\CLSID\{CEAB4B51-FD6C-476E-B105-BA9215352FE6} => key not found.
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Pavol\AppData\Local\Temp" folder move:
Could not move "C:\Users\Pavol\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-20 22:57:53)
C:\Users\Pavol\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:57:54 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Poprosím o pomoc s COM SURROGATE
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Poprosím o pomoc s COM SURROGATE
nie, rovnaké problémy ako predtým a com surrogate je medzi spustenými procesmi v správcovi úloh...
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Poprosím o pomoc s COM SURROGATE
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Poprosím o pomoc s COM SURROGATE
Mal som zapnuty AVG, nevadi?
A problemy sa prejavu nemoznostou zapisovat na USB. Dalej nemoznostou kopirovat, premenovat, zmazat (stale je vraj subor otvoreny... a vcera som si vsimol, ze v hlaseni o otvoreni suboru bolo citovane COM SURROGATE).
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum kontroly: 21.3.2016
Čas kontroly: 18:20
Protokol:
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.03.21.04
Databáza rootkitov: v2016.03.12.01
Licencia: Bezplatná verzia
Ochrana pred škodlivým softvérom: Vypnuté
Ochrana pred škodlivými webstránkami: Vypnuté
Vlastná ochrana: Vypnuté
OS: Windows 8.1
CPU: x64
Súborový systém: NTFS
Používateľ: Pavol
Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 364505
Uplynulý čas: 11 min, 52 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 0
(Žiadne škodlivé položky neboli zistené)
Súbory: 0
(Žiadne škodlivé položky neboli zistené)
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)
A problemy sa prejavu nemoznostou zapisovat na USB. Dalej nemoznostou kopirovat, premenovat, zmazat (stale je vraj subor otvoreny... a vcera som si vsimol, ze v hlaseni o otvoreni suboru bolo citovane COM SURROGATE).
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum kontroly: 21.3.2016
Čas kontroly: 18:20
Protokol:
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.03.21.04
Databáza rootkitov: v2016.03.12.01
Licencia: Bezplatná verzia
Ochrana pred škodlivým softvérom: Vypnuté
Ochrana pred škodlivými webstránkami: Vypnuté
Vlastná ochrana: Vypnuté
OS: Windows 8.1
CPU: x64
Súborový systém: NTFS
Používateľ: Pavol
Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 364505
Uplynulý čas: 11 min, 52 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 0
(Žiadne škodlivé položky neboli zistené)
Súbory: 0
(Žiadne škodlivé položky neboli zistené)
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Poprosím o pomoc s COM SURROGATE
Nevadí, to je jen skener (nemá rezident). Nic nenašel. Zkuste to ještě SpyHunterem: https://odstranitvirus.cz/spyhunter/sta ... surrogate/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Poprosím o pomoc s COM SURROGATE
neviem vygenerovat log, prikladam obrazok
- Přílohy
-
- spyhunter 2.jpg (42.36 KiB) Zobrazeno 2443 x
Přispějete na provoz fóra?