VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Poprosím o pomoc s COM SURROGATE

https://forum.viry.cz:443/viewtopic.php?t=148425

Stránka 1 z 3

Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 19:52
od paulus33
v správcovi úloh mám spustený COM SURROGATE.

Poprosím o pomoc, ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Pavol (administrator) on PALI-ACER (20-03-2016 19:46:08)
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Slovak Telekom a.s.) C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [TMCC] => C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [843776 2012-05-03] (Slovak Telekom a.s.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-11-25] (Spotify Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Dropbox Update] => "C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00933D18-C1E4-41B7-9C98-C0663A318C6A}: [NameServer] 195.146.132.58 195.146.128.62
Tcpip\..\Interfaces\{0D52E7DB-E46F-4020-9DA5-388AF04E76C1}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{33A4E3D6-2CF8-4DB2-B9F0-DE4B4FDBFA9B}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{B0D27767-2405-45D4-82F1-424187A397B4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{CDD77214-C583-403D-BD0D-F9DACE3EAA2F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.katasterportal.sk/
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-26] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default
FF Homepage: hxxp://www.zoznam.sk/
FF Session Restore: -> is enabled.
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-01] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-626006024-4099096605-4270097203-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2015-02-26] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-05-25] (Apple Inc.)
FF Extension: Quick Translator - C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]

Opera:
=======
OPR Extension: (Google™ Translator) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\jgnebchahhepphmokjeohhoebakpfggp [2016-03-15]
OPR Extension: (Google Translate) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2016-03-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1442344 2015-12-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-10] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2013-08-22] (HP) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [157344 2015-12-03] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [486048 2015-12-03] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-19] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [73688 2015-06-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204704 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [265688 2015-06-01] (AVG Technologies CZ, s.r.o.)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-02-26] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-20] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [110824 2014-06-11] (GenesysLogic)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2015-03-26] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3479528 2014-08-21] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-20 19:46 - 2016-03-20 19:46 - 00025033 _____ C:\Users\Pavol\Desktop\FRST.txt
2016-03-20 19:44 - 2016-03-20 19:44 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2016-03-20 19:43 - 2016-03-20 19:43 - 02374144 _____ (Farbar) C:\Users\Pavol\Desktop\FRST64.exe
2016-03-20 19:40 - 2016-03-20 19:40 - 01222144 _____ C:\Users\Pavol\Desktop\RSITx64.exe
2016-03-20 19:10 - 2016-03-20 19:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 19:09 - 2016-03-20 19:09 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-03-20 19:09 - 2016-03-20 19:09 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-20 19:09 - 2016-03-20 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-20 19:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-20 18:06 - 2016-03-20 18:54 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-20 18:05 - 2016-03-20 18:05 - 01527296 _____ C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
2016-03-20 18:02 - 2016-03-20 18:02 - 22851472 _____ (Malwarebytes ) C:\Users\Pavol\Desktop\mbam-setup-2.2.1.1043.exe
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job
2016-03-20 16:39 - 2016-03-20 16:39 - 00003586 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f
2016-03-20 16:39 - 2016-03-20 16:39 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab
2016-03-20 16:39 - 2016-03-20 16:39 - 00001824 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-20 16:36 - 2016-03-20 16:37 - 24461672 _____ (SUPERAntiSpyware) C:\Users\Pavol\Downloads\SUPERAntiSpyware.exe
2016-03-20 15:13 - 2016-03-20 15:13 - 00000000 _____ C:\autoexec.bat
2016-03-20 15:11 - 2016-03-20 15:11 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-20 15:10 - 2016-03-20 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Pavol\Downloads\SpyHunter-Installer.exe
2016-03-20 12:15 - 2016-03-20 12:36 - 1561986587 _____ C:\Users\Pavol\Downloads\Hodný dinosaurus (2015).1080p.mkv
2016-03-20 12:12 - 2016-03-20 12:25 - 1640143080 _____ C:\Users\Pavol\Downloads\Andilek na nervy (2015).avi
2016-03-18 21:29 - 2016-03-18 21:44 - 00000000 ____D C:\Users\Pavol\Desktop\pneu
2016-03-18 21:29 - 2016-03-18 21:29 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO HB1,3 vady a nedorobky
2016-03-14 22:29 - 2016-03-16 08:36 - 00000000 ____D C:\Users\Pavol\Desktop\ARS 1018
2016-03-14 15:43 - 2016-03-14 15:43 - 00000000 ____D C:\Users\Pavol\Desktop\HMG NEW
2016-03-14 14:10 - 2016-03-14 14:10 - 00529585 _____ C:\Users\Pavol\Desktop\SITUACIA ROZKOPAVKA.pdf
2016-03-11 14:11 - 2016-03-14 18:59 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-03-09 19:51 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 19:51 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 19:51 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 19:51 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 19:51 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 19:51 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 19:51 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 19:51 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 19:51 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 19:51 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 19:51 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 19:51 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 19:51 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 19:51 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 19:51 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 19:51 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 19:51 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 19:51 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 19:51 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 19:51 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 19:51 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 19:51 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 19:51 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 16:13 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 16:13 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:13 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 16:13 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 16:13 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 16:13 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 16:13 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 16:13 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 16:13 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:13 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 16:13 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 16:13 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 16:13 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 16:13 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 16:13 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 16:13 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 16:13 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 16:13 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 16:13 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 16:12 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 16:12 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 16:12 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:12 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:12 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:11 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 16:11 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:11 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 16:11 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 16:11 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:11 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:11 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:11 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 16:11 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:11 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:11 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:11 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:11 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 21:52 - 2016-03-10 17:55 - 00000000 ____D C:\Users\Pavol\Documents\00 HTC WF S
2016-03-08 14:01 - 2016-03-08 14:04 - 02030254 _____ C:\Users\Pavol\Desktop\ISOFLOOR_300.pdf
2016-02-29 10:19 - 2016-02-29 11:07 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO krizovania podlaha
2016-02-29 09:47 - 2016-02-29 11:26 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO HB2-dilatacia
2016-02-28 21:55 - 2016-02-28 21:56 - 00000000 ____D C:\Users\Pavol\Desktop\KIA VAHA VZDUCHU
2016-02-27 07:48 - 2016-02-27 08:12 - 00000000 ____D C:\Users\Pavol\Downloads\XBMC
2016-02-26 20:51 - 2016-02-26 20:51 - 00001079 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\Program Files (x86)\ImageWriter
2016-02-26 20:48 - 2016-02-26 20:49 - 12290974 _____ (ImageWriter Developers ) C:\Users\Pavol\Downloads\Win32DiskImager-0.9.5-install.exe
2016-02-26 20:47 - 2016-02-26 21:19 - 00000000 ____D C:\Users\Pavol\Downloads\OpenELEC
2016-02-26 20:15 - 2016-02-26 20:15 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2016-02-26 20:15 - 2016-02-26 20:15 - 00001966 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-02-25 12:04 - 2016-02-25 12:04 - 00001113 _____ C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ViewPlayCap.lnk
2016-02-25 12:04 - 2016-02-25 12:04 - 00001083 _____ C:\Users\Pavol\Desktop\ViewPlayCap.lnk
2016-02-25 11:25 - 2016-02-25 12:04 - 00000000 ____D C:\Users\Pavol\Desktop\ENDO CAMERA APK
2016-02-24 13:42 - 2016-02-24 14:42 - 00000000 ____D C:\Users\Pavol\Desktop\Pena
2016-02-22 10:21 - 2016-02-22 10:21 - 00355979 _____ C:\Users\Pavol\Desktop\ALLIANZ krescanko.pdf
2016-02-21 22:03 - 2016-02-21 22:04 - 00002828 _____ C:\Users\Pavol\AppData\Local\config.dat
2016-02-21 22:03 - 2016-02-21 22:04 - 00000000 ____D C:\Users\Pavol\AppData\Local\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 07929091 _____ (Antik ) C:\Users\Pavol\Downloads\AntikVSTB.exe
2016-02-21 22:03 - 2016-02-21 22:03 - 00001029 _____ C:\Users\Public\Desktop\AntikVirtualSTB.lnk
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\Program Files (x86)\AntikVirtualSTB
2016-02-21 14:33 - 2016-02-21 14:33 - 03021515 _____ C:\Users\Pavol\Downloads\anm2.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-20 19:46 - 2015-03-16 17:36 - 00000000 ____D C:\FRST
2016-03-20 19:39 - 2015-02-21 10:46 - 00000000 ____D C:\ProgramData\MFAData
2016-03-20 19:35 - 2015-02-16 20:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 19:23 - 2015-06-19 05:12 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job
2016-03-20 19:08 - 2015-02-16 20:18 - 00000000 ____D C:\Users\Pavol\AppData\Local\clear.fi
2016-03-20 19:08 - 2014-08-29 19:53 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-20 19:06 - 2015-02-16 20:21 - 00000000 ___DO C:\Users\Pavol\OneDrive
2016-03-20 19:04 - 2015-03-18 09:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-20 18:59 - 2014-03-18 11:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-20 18:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-20 18:55 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 18:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-20 18:24 - 2015-02-17 15:11 - 00003830 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB204E27-27EB-46EC-9B9D-4902DCB17F93}
2016-03-20 18:13 - 2015-02-17 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-20 18:13 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-20 17:54 - 2015-06-19 05:12 - 00000886 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job
2016-03-20 15:33 - 2015-02-21 11:38 - 00000000 ____D C:\Users\Pavol\Documents\Súbory programu Outlook
2016-03-20 15:17 - 2015-07-20 15:54 - 00002132 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-03-20 15:17 - 2015-06-19 05:12 - 00003176 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA
2016-03-20 15:17 - 2015-06-19 05:12 - 00002796 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core
2016-03-20 15:17 - 2015-05-04 09:46 - 00001972 _____ C:\Windows\System32\Tasks\HPLJCustParticipation
2016-03-20 15:17 - 2015-03-21 10:35 - 00002786 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426437199
2016-03-20 15:17 - 2015-02-23 08:14 - 00002530 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-03-20 15:17 - 2015-02-23 08:14 - 00002152 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-03-20 15:17 - 2015-02-17 15:17 - 00002466 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 15:17 - 2014-11-25 22:23 - 00002784 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-500
2016-03-20 15:17 - 2014-11-25 21:52 - 00001940 _____ C:\Windows\System32\Tasks\Quick Access Quick Launcher
2016-03-20 15:17 - 2014-11-25 21:52 - 00001828 _____ C:\Windows\System32\Tasks\Launch Manager
2016-03-20 15:17 - 2014-11-25 21:52 - 00001820 _____ C:\Windows\System32\Tasks\Quick Access
2016-03-20 15:17 - 2014-11-25 21:47 - 00001854 _____ C:\Windows\System32\Tasks\Power Management
2016-03-20 15:17 - 2014-11-25 21:26 - 00001854 _____ C:\Windows\System32\Tasks\UMonitor Task
2016-03-20 15:17 - 2014-08-29 19:53 - 00004050 _____ C:\Windows\System32\Tasks\Software Update Application
2016-03-20 15:17 - 2014-08-29 19:53 - 00003568 _____ C:\Windows\System32\Tasks\ACCAgent
2016-03-20 15:17 - 2014-08-29 19:53 - 00002594 _____ C:\Windows\System32\Tasks\ACC
2016-03-20 15:12 - 2015-02-16 20:16 - 00000000 ____D C:\Users\Pavol
2016-03-20 14:58 - 2015-03-11 09:34 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\vlc
2016-03-20 13:08 - 2015-09-16 12:18 - 00598016 ___SH C:\Users\Pavol\Downloads\Thumbs.db
2016-03-20 12:08 - 2015-02-22 16:23 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\AIMP3
2016-03-20 12:06 - 2015-08-19 12:52 - 04306432 ___SH C:\Users\Pavol\Desktop\Thumbs.db
2016-03-18 20:25 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-18 09:55 - 2015-02-16 20:17 - 00000000 ____D C:\Users\Pavol\AppData\Local\Packages
2016-03-17 10:36 - 2016-01-17 21:02 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453060889
2016-03-17 10:36 - 2016-01-17 21:01 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 10:36 - 2015-03-15 17:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-16 09:27 - 2016-02-04 15:55 - 00813208 _____ C:\Users\Pavol\Desktop\SITUACIA plochy.pdf
2016-03-16 08:52 - 2015-02-16 20:24 - 00000000 ____D C:\Users\Pavol\AppData\Local\CrashDumps
2016-03-14 08:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-14 08:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 16:04 - 2015-03-18 09:07 - 00003582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-11 14:17 - 2015-02-16 23:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-11 14:11 - 2015-02-16 22:10 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-11 14:11 - 2015-02-16 22:10 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 18:01 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 17:06 - 2013-08-22 15:44 - 00567432 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 16:09 - 2015-12-09 13:59 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 16:09 - 2015-12-09 13:59 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 16:09 - 2015-12-09 13:59 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 08:00 - 2015-02-16 23:37 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-02-16 23:37 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-04 19:35 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-04 07:41 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-26 20:16 - 2015-05-04 13:54 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\DAEMON Tools Lite
2016-02-25 18:09 - 2015-02-26 18:06 - 00000000 ____D C:\Users\Pavol\Graphisoft
2016-02-20 22:40 - 2015-03-02 12:54 - 00000000 ____D C:\Users\Pavol\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2016-02-21 22:03 - 2016-02-21 22:04 - 0002828 _____ () C:\Users\Pavol\AppData\Local\config.dat
2015-02-26 17:21 - 2015-02-26 17:28 - 0004608 _____ () C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-13 15:07 - 2015-03-13 15:07 - 0007597 _____ () C:\Users\Pavol\AppData\Local\Resmon.ResmonCfg
2014-11-25 21:39 - 2014-11-25 21:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Pavol\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG Internet Security Business Edition (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG Internet Security Business Edition (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG Internet Security Business Edition (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavol\Desktop" je 535 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 20:26
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 20:34
od paulus33
adwcleaner neviem stiahnut z tohto odkazu. Vypisuje mi to:


K tomuto webu sa nedá pripojiť

Web general-changelog-team.fr zamietol pripojenie.

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 20:42
od Rudy
Tak odjinud: http://www.bleepingcomputer.com/download/adwcleaner/ .

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 20:56
od paulus33
# AdwCleaner v5.102 - Logfile created 20/03/2016 at 20:54:14
# Updated 13/03/2016 by Xplode
# Database : 2016-03-20.7 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Pavol - PALI-ACER
# Running from : C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Booking.com

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3679CA35668772304D30A5FB873B0FA77BB70D54

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1130 bytes] - [20/03/2016 18:54:24]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [953 bytes] - [20/03/2016 20:54:14]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [936 bytes] - [20/03/2016 18:07:07]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [1135 bytes] - [20/03/2016 20:48:05]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [1230 bytes] ##########

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 21:14
od Rudy
Dejte nový log FRST.

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 21:34
od paulus33
com surrogate je stále v správcovi úloh...


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Pavol (administrator) on PALI-ACER (20-03-2016 21:26:07)
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-14] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [TMCC] => C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe [843776 2012-05-03] (Slovak Telekom a.s.)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-11-25] (Spotify Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [Dropbox Update] => "C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavol\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{00933D18-C1E4-41B7-9C98-C0663A318C6A}: [NameServer] 195.146.132.58 195.146.128.62
Tcpip\..\Interfaces\{0D52E7DB-E46F-4020-9DA5-388AF04E76C1}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{33A4E3D6-2CF8-4DB2-B9F0-DE4B4FDBFA9B}: [NameServer] 195.146.128.62 195.146.132.58
Tcpip\..\Interfaces\{B0D27767-2405-45D4-82F1-424187A397B4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{CDD77214-C583-403D-BD0D-F9DACE3EAA2F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.katasterportal.sk/
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-20] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-26] (Sun Microsystems, Inc.)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default
FF Homepage: hxxp://www.zoznam.sk/
FF Session Restore: -> is enabled.
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-01] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-626006024-4099096605-4270097203-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll [2015-02-26] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-05-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-05-25] (Apple Inc.)
FF Extension: Quick Translator - C:\Users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\dk88he9i.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]

Opera:
=======
OPR Extension: (Google™ Translator) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\jgnebchahhepphmokjeohhoebakpfggp [2016-03-15]
OPR Extension: (Google Translate) - C:\Users\Pavol\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2016-03-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1442344 2015-12-15] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-10] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2013-08-22] (HP) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [157344 2015-12-03] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [486048 2015-12-03] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-19] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-09] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-10-17] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20912 2012-10-26] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [73688 2015-06-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204704 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [265688 2015-06-01] (AVG Technologies CZ, s.r.o.)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2016-02-26] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-20] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [110824 2014-06-11] (GenesysLogic)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2015-03-26] (Huawei Technologies Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [220104 2014-08-07] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3479528 2014-08-21] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-20 20:58 - 2016-03-20 20:58 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2016-03-20 19:51 - 2016-03-20 19:51 - 00008989 _____ C:\Users\Pavol\Desktop\Addition.zip
2016-03-20 19:46 - 2016-03-20 21:26 - 00024802 _____ C:\Users\Pavol\Desktop\FRST.txt
2016-03-20 19:44 - 2016-03-20 19:44 - 00112640 _____ (forum.viry.cz) C:\Users\Pavol\Desktop\FRSTLauncher.exe
2016-03-20 19:43 - 2016-03-20 19:43 - 02374144 _____ (Farbar) C:\Users\Pavol\Desktop\FRST64.exe
2016-03-20 19:40 - 2016-03-20 19:40 - 01222144 _____ C:\Users\Pavol\Desktop\RSITx64.exe
2016-03-20 19:10 - 2016-03-20 19:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 19:09 - 2016-03-20 19:09 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-20 19:09 - 2016-03-20 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-20 19:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-20 19:08 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-20 19:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-20 18:06 - 2016-03-20 20:54 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-20 18:05 - 2016-03-20 18:05 - 01527296 _____ C:\Users\Pavol\Desktop\adwcleaner_5.102.exe
2016-03-20 18:02 - 2016-03-20 18:02 - 22851472 _____ (Malwarebytes ) C:\Users\Pavol\Desktop\mbam-setup-2.2.1.1043.exe
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job
2016-03-20 16:39 - 2016-03-20 17:54 - 00000530 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job
2016-03-20 16:39 - 2016-03-20 16:39 - 00003586 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f
2016-03-20 16:39 - 2016-03-20 16:39 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab
2016-03-20 16:39 - 2016-03-20 16:39 - 00001824 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-20 16:36 - 2016-03-20 16:37 - 24461672 _____ (SUPERAntiSpyware) C:\Users\Pavol\Downloads\SUPERAntiSpyware.exe
2016-03-20 15:13 - 2016-03-20 15:13 - 00000000 _____ C:\autoexec.bat
2016-03-20 15:11 - 2016-03-20 15:11 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-03-20 15:10 - 2016-03-20 15:10 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Pavol\Downloads\SpyHunter-Installer.exe
2016-03-20 12:15 - 2016-03-20 12:36 - 1561986587 _____ C:\Users\Pavol\Downloads\Hodný dinosaurus (2015).1080p.mkv
2016-03-20 12:12 - 2016-03-20 12:25 - 1640143080 _____ C:\Users\Pavol\Downloads\Andilek na nervy (2015).avi
2016-03-18 21:29 - 2016-03-18 21:44 - 00000000 ____D C:\Users\Pavol\Desktop\pneu
2016-03-14 15:43 - 2016-03-14 15:43 - 00000000 ____D C:\Users\Pavol\Desktop\HMG NEW
2016-03-11 14:11 - 2016-03-14 18:59 - 00000000 ____D C:\Windows\system32\MpEngineStore
2016-03-09 19:51 - 2016-02-20 16:45 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 19:51 - 2016-02-20 16:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 19:51 - 2016-02-06 17:58 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 19:51 - 2016-02-06 17:32 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 19:51 - 2016-02-05 20:06 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 19:51 - 2016-01-24 19:19 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-09 19:51 - 2016-01-24 19:19 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-03-09 19:51 - 2016-01-24 12:57 - 01335296 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-03-09 19:51 - 2016-01-24 12:45 - 01063424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-03-09 19:51 - 2016-01-15 17:56 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-09 19:51 - 2016-01-15 17:45 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-09 19:51 - 2016-01-10 17:41 - 01707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-03-09 19:51 - 2016-01-10 17:31 - 01344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:49 - 00192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-03-09 19:51 - 2016-01-09 02:38 - 00091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-03-09 19:51 - 2016-01-07 00:46 - 00148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-03-09 19:51 - 2016-01-07 00:45 - 00177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-03-09 19:51 - 2016-01-06 19:25 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-03-09 19:51 - 2016-01-06 17:47 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-03-09 19:51 - 2016-01-05 16:00 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-03-09 19:51 - 2015-12-30 22:53 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 19:51 - 2015-12-30 21:49 - 00470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-03-09 19:51 - 2015-12-20 15:57 - 00839168 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-03-09 19:51 - 2015-12-20 15:56 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2016-03-09 19:51 - 2015-12-20 15:43 - 00696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-03-09 19:51 - 2015-11-19 15:33 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 19:51 - 2015-11-19 15:26 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 16:13 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 16:13 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:13 - 2016-02-08 21:29 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-03-09 16:13 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 16:13 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 16:13 - 2016-02-08 21:07 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:13 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:13 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 16:13 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 16:13 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 16:13 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:13 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 16:13 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 16:13 - 2016-02-08 19:14 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-03-09 16:13 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 16:13 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 16:13 - 2016-02-08 18:42 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-03-09 16:13 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 16:13 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:13 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 16:13 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 16:13 - 2016-02-08 18:15 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-03-09 16:13 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 16:13 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 16:12 - 2016-02-05 15:59 - 07784960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:55 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 16:12 - 2016-02-05 15:48 - 07075840 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-03-09 16:12 - 2016-02-05 15:47 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-03-09 16:12 - 2016-02-03 21:37 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-03-09 16:12 - 2016-02-03 21:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-03-09 16:12 - 2016-02-03 16:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:12 - 2016-02-03 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:11 - 2016-02-12 20:14 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 16:11 - 2016-02-12 16:14 - 03708416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:11 - 2016-02-12 15:55 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 16:11 - 2016-02-12 15:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 16:11 - 2016-02-12 15:48 - 02244096 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 16:11 - 2016-02-12 15:47 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 16:11 - 2016-02-12 15:46 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:21 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-03-09 16:11 - 2016-02-11 15:20 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-03-09 16:11 - 2016-02-06 19:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:11 - 2016-02-05 20:07 - 00292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 20:07 - 00243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL
2016-03-09 16:11 - 2016-02-05 16:03 - 15432704 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:11 - 2016-02-05 16:00 - 13318144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:11 - 2016-02-04 19:18 - 04174336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 16:11 - 2016-02-04 19:18 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:11 - 2016-02-04 19:12 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:44 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:11 - 2016-02-04 18:39 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 16:11 - 2016-02-04 18:24 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:11 - 2016-02-04 18:02 - 00483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 16:11 - 2016-01-31 20:16 - 00148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-08 21:52 - 2016-03-10 17:55 - 00000000 ____D C:\Users\Pavol\Documents\00 HTC WF S
2016-03-08 14:01 - 2016-03-08 14:04 - 02030254 _____ C:\Users\Pavol\Desktop\ISOFLOOR_300.pdf
2016-02-29 10:19 - 2016-02-29 11:07 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO krizovania podlaha
2016-02-29 09:47 - 2016-02-29 11:26 - 00000000 ____D C:\Users\Pavol\Desktop\FOTO HB2-dilatacia
2016-02-27 07:48 - 2016-02-27 08:12 - 00000000 ____D C:\Users\Pavol\Downloads\XBMC
2016-02-26 20:51 - 2016-02-26 20:51 - 00001079 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-02-26 20:51 - 2016-02-26 20:51 - 00000000 ____D C:\Program Files (x86)\ImageWriter
2016-02-26 20:48 - 2016-02-26 20:49 - 12290974 _____ (ImageWriter Developers ) C:\Users\Pavol\Downloads\Win32DiskImager-0.9.5-install.exe
2016-02-26 20:47 - 2016-02-26 21:19 - 00000000 ____D C:\Users\Pavol\Downloads\OpenELEC
2016-02-26 20:15 - 2016-02-26 20:15 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2016-02-26 20:15 - 2016-02-26 20:15 - 00001966 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-02-26 20:15 - 2016-02-26 20:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-02-25 12:04 - 2016-02-25 12:04 - 00001113 _____ C:\Users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ViewPlayCap.lnk
2016-02-25 12:04 - 2016-02-25 12:04 - 00001083 _____ C:\Users\Pavol\Desktop\ViewPlayCap.lnk
2016-02-25 11:25 - 2016-02-25 12:04 - 00000000 ____D C:\Users\Pavol\Desktop\ENDO CAMERA APK
2016-02-24 13:42 - 2016-02-24 14:42 - 00000000 ____D C:\Users\Pavol\Desktop\Pena
2016-02-22 10:21 - 2016-02-22 10:21 - 00355979 _____ C:\Users\Pavol\Desktop\ALLIANZ krescanko.pdf
2016-02-21 22:03 - 2016-02-21 22:04 - 00002828 _____ C:\Users\Pavol\AppData\Local\config.dat
2016-02-21 22:03 - 2016-02-21 22:04 - 00000000 ____D C:\Users\Pavol\AppData\Local\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 07929091 _____ (Antik ) C:\Users\Pavol\Downloads\AntikVSTB.exe
2016-02-21 22:03 - 2016-02-21 22:03 - 00001029 _____ C:\Users\Public\Desktop\AntikVirtualSTB.lnk
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntikVirtualSTB
2016-02-21 22:03 - 2016-02-21 22:03 - 00000000 ____D C:\Program Files (x86)\AntikVirtualSTB
2016-02-21 14:33 - 2016-02-21 14:33 - 03021515 _____ C:\Users\Pavol\Downloads\anm2.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-20 21:23 - 2015-06-19 05:12 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job
2016-03-20 21:06 - 2015-02-16 20:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 21:04 - 2015-03-18 09:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-20 21:01 - 2015-02-21 10:46 - 00000000 ____D C:\ProgramData\MFAData
2016-03-20 20:59 - 2014-03-18 11:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-20 20:59 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-20 20:58 - 2014-08-29 19:53 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-20 20:57 - 2015-02-16 20:18 - 00000000 ____D C:\Users\Pavol\AppData\Local\clear.fi
2016-03-20 20:56 - 2015-02-16 20:21 - 00000000 ___DO C:\Users\Pavol\OneDrive
2016-03-20 20:55 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-20 19:54 - 2015-02-21 11:38 - 00000000 ____D C:\Users\Pavol\Documents\Súbory programu Outlook
2016-03-20 19:46 - 2015-03-16 17:36 - 00000000 ____D C:\FRST
2016-03-20 18:54 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-20 18:24 - 2015-02-17 15:11 - 00003830 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FB204E27-27EB-46EC-9B9D-4902DCB17F93}
2016-03-20 18:13 - 2015-02-17 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-20 18:13 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-20 17:54 - 2015-06-19 05:12 - 00000886 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job
2016-03-20 15:17 - 2015-07-20 15:54 - 00002132 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-03-20 15:17 - 2015-06-19 05:12 - 00003176 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA
2016-03-20 15:17 - 2015-06-19 05:12 - 00002796 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core
2016-03-20 15:17 - 2015-05-04 09:46 - 00001972 _____ C:\Windows\System32\Tasks\HPLJCustParticipation
2016-03-20 15:17 - 2015-03-21 10:35 - 00002786 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1426437199
2016-03-20 15:17 - 2015-02-23 08:14 - 00002530 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-03-20 15:17 - 2015-02-23 08:14 - 00002152 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-03-20 15:17 - 2015-02-17 15:17 - 00002466 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-626006024-4099096605-4270097203-1001
2016-03-20 15:17 - 2014-11-25 22:23 - 00002784 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-626006024-4099096605-4270097203-500
2016-03-20 15:17 - 2014-11-25 21:52 - 00001940 _____ C:\Windows\System32\Tasks\Quick Access Quick Launcher
2016-03-20 15:17 - 2014-11-25 21:52 - 00001828 _____ C:\Windows\System32\Tasks\Launch Manager
2016-03-20 15:17 - 2014-11-25 21:52 - 00001820 _____ C:\Windows\System32\Tasks\Quick Access
2016-03-20 15:17 - 2014-11-25 21:47 - 00001854 _____ C:\Windows\System32\Tasks\Power Management
2016-03-20 15:17 - 2014-11-25 21:26 - 00001854 _____ C:\Windows\System32\Tasks\UMonitor Task
2016-03-20 15:17 - 2014-08-29 19:53 - 00004050 _____ C:\Windows\System32\Tasks\Software Update Application
2016-03-20 15:17 - 2014-08-29 19:53 - 00003568 _____ C:\Windows\System32\Tasks\ACCAgent
2016-03-20 15:17 - 2014-08-29 19:53 - 00002594 _____ C:\Windows\System32\Tasks\ACC
2016-03-20 15:12 - 2015-02-16 20:16 - 00000000 ____D C:\Users\Pavol
2016-03-20 14:58 - 2015-03-11 09:34 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\vlc
2016-03-20 13:08 - 2015-09-16 12:18 - 00598016 ___SH C:\Users\Pavol\Downloads\Thumbs.db
2016-03-20 12:08 - 2015-02-22 16:23 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\AIMP3
2016-03-20 12:06 - 2015-08-19 12:52 - 04306432 ___SH C:\Users\Pavol\Desktop\Thumbs.db
2016-03-18 20:25 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-18 09:55 - 2015-02-16 20:17 - 00000000 ____D C:\Users\Pavol\AppData\Local\Packages
2016-03-17 10:36 - 2016-01-17 21:02 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453060889
2016-03-17 10:36 - 2016-01-17 21:01 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-17 10:36 - 2015-03-15 17:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-16 09:27 - 2016-02-04 15:55 - 00813208 _____ C:\Users\Pavol\Desktop\SITUACIA plochy.pdf
2016-03-16 08:52 - 2015-02-16 20:24 - 00000000 ____D C:\Users\Pavol\AppData\Local\CrashDumps
2016-03-14 08:45 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-14 08:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-03-11 16:04 - 2015-03-18 09:07 - 00003582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-11 14:17 - 2015-02-16 23:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-11 14:11 - 2015-02-16 22:10 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-11 14:11 - 2015-02-16 22:10 - 00000000 ____D C:\Windows\system32\MRT
2016-03-10 18:01 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 17:06 - 2013-08-22 15:44 - 00567432 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 16:09 - 2015-12-09 13:59 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 16:09 - 2015-12-09 13:59 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 16:09 - 2015-12-09 13:59 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 08:00 - 2015-02-16 23:37 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:00 - 2015-02-16 23:37 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-04 19:35 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-03-04 07:41 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 08:48 - 2015-04-23 17:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-26 20:16 - 2015-05-04 13:54 - 00000000 ____D C:\Users\Pavol\AppData\Roaming\DAEMON Tools Lite
2016-02-25 18:09 - 2015-02-26 18:06 - 00000000 ____D C:\Users\Pavol\Graphisoft
2016-02-20 22:40 - 2015-03-02 12:54 - 00000000 ____D C:\Users\Pavol\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2016-02-21 22:03 - 2016-02-21 22:04 - 0002828 _____ () C:\Users\Pavol\AppData\Local\config.dat
2015-02-26 17:21 - 2015-02-26 17:28 - 0004608 _____ () C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-13 15:07 - 2015-03-13 15:07 - 0007597 _____ () C:\Users\Pavol\AppData\Local\Resmon.ResmonCfg
2014-11-25 21:39 - 2014-11-25 21:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Pavol\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Reduce PDF Size (HKLM-x32\...\{32BD8FD9-8990-46A0-B86B-857F11014DF6}_is1) (Version: - reducepdfsize.com)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001Core.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-626006024-4099096605-4270097203-1001UA.job => C:\Users\Pavol\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 8a2fbe0c-51c5-4001-82a0-3e9fc741c7ab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b2c613dc-e507-4c31-b248-89e41ed3e83f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG Internet Security Business Edition (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG update module (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG update module (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: AVG Internet Security Business Edition (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: AVG Internet Security Business Edition (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavol\Desktop" je 489 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 22:25
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Pavol\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 20 bře 2016 23:00
od paulus33
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Pavol (2016-03-20 22:56:35) Run:2
Running from C:\Users\Pavol\Desktop
Loaded Profiles: Pavol (Available Profiles: Pavol)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {59931f99-c0a0-11e5-8301-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d2615ce-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {5d26172b-d381-11e4-8287-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {8843f144-3778-11e5-82d0-2c600c1acd8d} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {aba2b923-f22d-11e4-829a-2c600c1acd8d} - "F:\RunSetup.exe"
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\...\MountPoints2: {b402b1f3-34ff-11e5-82d0-2c600c1acd8d} - "F:\RunSetup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> DefaultScope {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
SearchScopes: HKU\S-1-5-21-626006024-4099096605-4270097203-1001 -> {CEAB4B51-FD6C-476E-B105-BA9215352FE6} URL =
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Pavol\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59931f99-c0a0-11e5-8301-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{59931f99-c0a0-11e5-8301-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d2615ce-d381-11e4-8287-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{5d2615ce-d381-11e4-8287-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5d26172b-d381-11e4-8287-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{5d26172b-d381-11e4-8287-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8843f144-3778-11e5-82d0-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{8843f144-3778-11e5-82d0-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aba2b923-f22d-11e4-829a-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{aba2b923-f22d-11e4-829a-2c600c1acd8d} => key not found.
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b402b1f3-34ff-11e5-82d0-2c600c1acd8d}" => key removed successfully
HKCR\CLSID\{b402b1f3-34ff-11e5-82d0-2c600c1acd8d} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-626006024-4099096605-4270097203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CEAB4B51-FD6C-476E-B105-BA9215352FE6}" => key removed successfully
HKCR\CLSID\{CEAB4B51-FD6C-476E-B105-BA9215352FE6} => key not found.
C:\Users\Pavol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Pavol\AppData\Local\Temp" folder move:

Could not move "C:\Users\Pavol\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-20 22:57:53)

C:\Users\Pavol\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:57:54 ====

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 21 bře 2016 17:31
od Rudy
Smazáno. Nastala nějaká změna?

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 21 bře 2016 18:01
od paulus33
nie, rovnaké problémy ako predtým a com surrogate je medzi spustenými procesmi v správcovi úloh...

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 21 bře 2016 18:12
od Rudy
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 21 bře 2016 18:38
od paulus33
Mal som zapnuty AVG, nevadi?

A problemy sa prejavu nemoznostou zapisovat na USB. Dalej nemoznostou kopirovat, premenovat, zmazat (stale je vraj subor otvoreny... a vcera som si vsimol, ze v hlaseni o otvoreni suboru bolo citovane COM SURROGATE).

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum kontroly: 21.3.2016
Čas kontroly: 18:20
Protokol:
Správca: Áno

Verzia: 2.2.1.1043
Dazabáza malware: v2016.03.21.04
Databáza rootkitov: v2016.03.12.01
Licencia: Bezplatná verzia
Ochrana pred škodlivým softvérom: Vypnuté
Ochrana pred škodlivými webstránkami: Vypnuté
Vlastná ochrana: Vypnuté

OS: Windows 8.1
CPU: x64
Súborový systém: NTFS
Používateľ: Pavol

Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 364505
Uplynulý čas: 11 min, 52 s

Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté

Procesy: 0
(Žiadne škodlivé položky neboli zistené)

Moduly: 0
(Žiadne škodlivé položky neboli zistené)

Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)

Priečinky: 0
(Žiadne škodlivé položky neboli zistené)

Súbory: 0
(Žiadne škodlivé položky neboli zistené)

Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)


(end)

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 21 bře 2016 19:36
od Rudy
Nevadí, to je jen skener (nemá rezident). Nic nenašel. Zkuste to ještě SpyHunterem: https://odstranitvirus.cz/spyhunter/sta ... surrogate/ .

Re: Poprosím o pomoc s COM SURROGATE

Napsal: 21 bře 2016 21:12
od paulus33
neviem vygenerovat log, prikladam obrazok
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz