Prosím o pomoc, mamina proklikne co se jí pod myší objeví a ted na to doplatila, už si nevím rady tak prosím o kontrolu logu a pomoc při odstranění blbostí. Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jitka at 2016-05-15 16:24:44
Microsoft Windows 10 Pro
System drive C: has 390 GB (86%) free of 453 GB
Total RAM: 3326 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:24:53, on 15.5.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\Jitka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files\Canon\Quick Menu\CNQMSWCS.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Jitka\Desktop\RSIT.exe
C:\Program Files\trend micro\Jitka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jitka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Jitka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Jitka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Jitka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @oem44.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe
--
End of file - 7959 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll [2008-07-31 558376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 3824640]
"CanonQuickMenu"=C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120]
"IJNetworkScannerSelectorEX"=C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2013-02-19 453736]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"OneDrive"=C:\Users\Jitka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-04-21 554176]
"cz.seznam.software.autoupdate"=C:\Users\Jitka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Jitka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jitka\AppData\Roaming\Dropbox\bin\Dropbox.exe
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"VIDC.FMVC"=fmcodec.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-05-15 16:24:44 ----D---- C:\rsit
2016-05-15 16:24:44 ----D---- C:\Program Files\trend micro
2016-05-15 15:50:47 ----D---- C:\AdwCleaner
2016-05-11 20:42:10 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 20:41:56 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 20:41:56 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 20:41:56 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 20:41:55 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-05-11 20:41:55 ----A---- C:\WINDOWS\system32\moshost.dll
2016-05-11 20:41:55 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 20:41:54 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-05-11 20:41:53 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 20:41:50 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-05-11 20:41:50 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-05-11 20:41:47 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 20:41:46 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-05-11 20:41:43 ----A---- C:\WINDOWS\system32\mos.dll
2016-05-11 20:41:40 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-05-11 20:41:32 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-05-11 20:41:28 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-05-11 20:41:22 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 20:41:18 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 20:41:13 ----A---- C:\WINDOWS\system32\twinui.dll
2016-05-11 20:40:52 ----A---- C:\WINDOWS\system32\shell32.dll
2016-05-11 20:40:47 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-05-11 20:40:43 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-05-11 20:40:38 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-05-11 20:40:36 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-05-11 20:40:30 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 20:40:25 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-05-11 20:40:15 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-05-11 20:40:14 ----A---- C:\WINDOWS\explorer.exe
2016-05-11 20:40:07 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-05-11 20:40:05 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 20:40:04 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 20:40:01 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 20:39:58 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-05-11 20:39:58 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 20:39:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-05-11 20:39:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 20:39:49 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 20:39:47 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-05-11 20:39:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-05-11 20:39:45 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 20:39:44 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-05-11 20:39:39 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 20:39:32 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-05-11 20:39:31 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 20:39:29 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 20:39:27 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-05-11 20:39:26 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 20:39:24 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 20:39:24 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-05-11 20:39:24 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-05-11 20:39:24 ----A---- C:\WINDOWS\system32\devinv.dll
2016-05-11 20:39:23 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-05-11 20:39:23 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-05-11 20:39:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-05-11 20:39:19 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-05-11 20:39:18 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 20:39:18 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 20:39:17 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 20:39:17 ----A---- C:\WINDOWS\system32\invagent.dll
2016-05-11 20:39:13 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-05-11 20:39:13 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 20:39:13 ----A---- C:\WINDOWS\system32\jscript.dll
2016-05-11 20:39:13 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-05-11 20:39:11 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 20:39:10 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-05-11 20:39:09 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 20:39:08 ----A---- C:\WINDOWS\system32\user32.dll
2016-05-11 20:39:06 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 20:39:05 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 20:39:04 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-05-11 20:39:01 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-05-11 20:39:01 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-05-11 20:39:00 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-05-11 20:39:00 ----A---- C:\WINDOWS\system32\schannel.dll
2016-05-11 20:38:59 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-05-11 20:38:59 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-05-11 20:38:59 ----A---- C:\WINDOWS\system32\aepic.dll
2016-05-11 20:38:58 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 20:38:58 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-05-11 20:38:58 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 20:38:57 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 20:38:57 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-05-11 20:38:57 ----A---- C:\WINDOWS\system32\provengine.dll
2016-05-11 20:38:57 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-05-11 20:38:56 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-05-11 20:38:55 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 20:38:55 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-05-11 20:38:55 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-05-11 20:38:54 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 20:38:54 ----A---- C:\WINDOWS\system32\drivers\sdport.sys
2016-05-11 20:38:54 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 20:38:54 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 20:38:54 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 20:38:53 ----A---- C:\WINDOWS\system32\shacct.dll
2016-05-11 20:38:53 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 20:38:53 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 20:38:52 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-05-11 20:38:52 ----A---- C:\WINDOWS\system32\wininit.exe
2016-05-11 20:38:52 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 20:38:52 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-05-11 20:38:52 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-05-11 20:38:51 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-05-11 20:38:51 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 20:38:51 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 20:38:51 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-05-11 20:38:50 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 20:38:50 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 20:38:50 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 20:38:49 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 20:38:48 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 20:38:48 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 20:38:47 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 20:38:47 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 20:38:47 ----A---- C:\WINDOWS\system32\rsaenh.dll
2016-05-11 20:38:47 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-05-11 20:38:47 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 20:38:46 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-05-11 20:38:46 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 20:38:46 ----A---- C:\WINDOWS\system32\dwminit.dll
2016-05-11 20:38:46 ----A---- C:\WINDOWS\system32\drivers\ufxsynopsys.sys
2016-05-11 20:38:46 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2016-05-11 20:38:46 ----A---- C:\WINDOWS\system32\cryptngc.dll
2016-05-11 20:38:45 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 20:38:45 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 20:38:45 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-05-11 20:38:45 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-05-11 20:38:43 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 20:38:43 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-05-11 20:38:43 ----A---- C:\WINDOWS\system32\hmkd.dll
2016-05-11 20:38:43 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2016-05-11 20:38:43 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-05-11 20:38:43 ----A---- C:\WINDOWS\system32\drivers\filecrypt.sys
2016-05-11 20:38:42 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 20:38:40 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 20:38:39 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 20:38:38 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-05-11 20:38:36 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 20:38:32 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 20:38:29 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 20:38:25 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 20:38:23 ----A---- C:\WINDOWS\system32\wups.dll
2016-05-11 20:38:06 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 20:38:05 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 20:38:02 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-05-11 20:37:55 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 20:37:55 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 20:37:54 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 20:37:54 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 20:37:54 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-05-11 19:47:10 ----D---- C:\Program Files\Common Files\AV
2016-05-11 19:44:59 ----A---- C:\WINDOWS\system32\sdnclean.exe
2016-05-11 19:44:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-05-11 19:44:51 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2016-05-11 19:25:56 ----D---- C:\WINDOWS\system32\appmgmt
2016-05-11 18:49:28 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-05-11 18:49:07 ----D---- C:\ProgramData\Malwarebytes
2016-05-11 18:49:07 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-05-11 18:49:07 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-05-11 18:49:07 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-05-11 18:49:07 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-04-16 15:48:53 ----D---- C:\Users\Jitka\AppData\Roaming\Opera Software
2016-04-16 15:48:38 ----AD---- C:\Program Files\Opera
2016-04-16 15:48:24 ----D---- C:\Program Files\Seznam.cz
2016-04-16 15:48:07 ----D---- C:\Users\Jitka\AppData\Roaming\Seznam.cz
2016-04-16 15:47:53 ----A---- C:\WINDOWS\system32\fmcodec.DLL
2016-04-16 15:47:43 ----D---- C:\Program Files\DsNET Corp
======List of files/folders modified in the last 1 month======
2016-05-15 16:24:44 ----RD---- C:\Program Files
2016-05-15 16:23:25 ----D---- C:\WINDOWS\Temp
2016-05-15 16:15:49 ----D---- C:\WINDOWS\Prefetch
2016-05-15 16:14:06 ----D---- C:\WINDOWS\system32\Tasks
2016-05-15 16:13:01 ----D---- C:\WINDOWS\System32
2016-05-15 16:13:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-15 16:09:05 ----D---- C:\Users\Jitka\AppData\Roaming\Dropbox
2016-05-15 16:09:03 ----D---- C:\Users\Jitka\AppData\Roaming\DropboxMaster
2016-05-15 16:07:19 ----D---- C:\WINDOWS\system32\sru
2016-05-15 16:04:00 ----D---- C:\WINDOWS\INF
2016-05-15 09:56:35 ----D---- C:\WINDOWS\rescache
2016-05-15 09:55:35 ----D---- C:\WINDOWS\Microsoft.NET
2016-05-15 01:54:09 ----D---- C:\WINDOWS\system32\config
2016-05-14 18:58:22 ----D---- C:\WINDOWS\WinSxS
2016-05-14 18:56:49 ----D---- C:\WINDOWS\CbsTemp
2016-05-13 11:07:41 ----D---- C:\WINDOWS\AppReadiness
2016-05-13 07:57:04 ----D---- C:\WINDOWS\system32\DriverStore
2016-05-13 07:56:20 ----D---- C:\WINDOWS\system32\catroot2
2016-05-13 03:32:57 ----D---- C:\WINDOWS\system32\drivers
2016-05-13 03:31:07 ----D---- C:\WINDOWS\system32\oobe
2016-05-13 03:31:07 ----D---- C:\WINDOWS\system32\migration
2016-05-13 03:31:07 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-05-13 03:31:07 ----D---- C:\WINDOWS\system32\cs-CZ
2016-05-13 03:31:07 ----D---- C:\WINDOWS\system32\appraiser
2016-05-13 03:31:03 ----D---- C:\WINDOWS\Provisioning
2016-05-13 03:31:03 ----D---- C:\WINDOWS\bcastdvr
2016-05-13 03:31:03 ----D---- C:\WINDOWS\apppatch
2016-05-13 03:31:03 ----D---- C:\Windows
2016-05-13 03:31:03 ----D---- C:\Program Files\Windows Journal
2016-05-13 03:31:03 ----D---- C:\Program Files\Internet Explorer
2016-05-12 06:30:12 ----SHD---- C:\WINDOWS\Installer
2016-05-12 06:30:11 ----HD---- C:\Config.Msi
2016-05-12 06:30:11 ----D---- C:\ProgramData\Microsoft Help
2016-05-12 06:28:02 ----D---- C:\WINDOWS\system32\MRT
2016-05-12 06:20:10 ----A---- C:\WINDOWS\system32\MRT.exe
2016-05-12 06:12:17 ----HD---- C:\Program Files\WindowsApps
2016-05-11 21:57:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-11 19:47:10 ----D---- C:\Program Files\Common Files
2016-05-11 19:45:07 ----SD---- C:\ProgramData\Microsoft
2016-05-11 19:44:58 ----HD---- C:\ProgramData
2016-05-11 19:30:28 ----D---- C:\WINDOWS\system32\WDI
2016-05-11 19:25:52 ----D---- C:\Program Files\Adobe
2016-05-11 19:25:48 ----AD---- C:\Program Files\Common Files\Adobe
2016-05-11 19:25:08 ----SHD---- C:\System Volume Information
2016-05-11 19:06:57 ----RD---- C:\WINDOWS\PurchaseDialog
2016-05-10 23:38:12 ----D---- C:\WINDOWS\Tasks
2016-05-02 06:37:36 ----D---- C:\ProgramData\CanonIJPLM
2016-04-22 09:57:44 ----N---- C:\WINDOWS\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;@oem57.inf,%ATIPCIE_svcdesc%;AMD PCI Express (3GIO) Filter; C:\WINDOWS\System32\drivers\AtiPcie.sys [2010-06-16 14392]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2010-08-23 11456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 ASInsHelp;ASInsHelp; \??\C:\Windows\system32\drivers\AsInsHelp32.sys [2008-01-04 10216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-01-13 10070016]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-01-13 290304]
R3 AtiHDAudioService;@oem43.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 dtsoftbus01;@oem9.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2012-10-26 242240]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 24448]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-05-15 170200]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 53120]
R3 MTsensor;@oem7.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x86.sys [2015-10-30 494080]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2010-11-28 35968]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 27992]
S2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-17 96768]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 46080]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 203104]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-04-23 104800]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 21856]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2016-04-23 48640]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-01-13 217088]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2015-10-30 37256]
R2 OneSyncSvc_264c6;Hostitel synchronizace_264c6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2015-10-30 37256]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_62e2357;Hostitel synchronizace_62e2357; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_264c6;Služba zasílání zpráv_264c6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_62e2357;Služba zasílání zpráv_62e2357; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_264c6;Data kontaktů_264c6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_62e2357;Data kontaktů_62e2357; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_264c6;Úložiště uživatelských dat_264c6; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_62e2357;Úložiště uživatelských dat_62e2357; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc_264c6;Přístup k uživatelským datům_264c6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc_62e2357;Přístup k uživatelským datům_62e2357; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
facebook účet zablokován, rozesílá kraviny
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: facebook účet zablokován, rozesílá kraviny
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
Re: facebook účet zablokován, rozesílá kraviny
omlouvám se za delší neaktivitu, neměl jsem přístup ke zmiňovanému pc, po celou dobu bylo pc vypnuté a další poznatky jsou že nabídka start nejde otevřít ms edge se po spuštění ihned sám zavře a většina programů bezdůvodně padá
# AdwCleaner v5.117 - Log soubor vytvořen 22/05/2016 o 11:48:49
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows 10 Pro (X86)
# Jméno uživatele : Jitka - STOLNÍ-PC
# Spuštěno z : C:\Users\Jitka\Desktop\adwcleaner_5.117.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úkoly ] *****
***** [ Registr ] *****
***** [ Webové prohlížeče ] *****
*************************
:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1844 bytes] - [15/05/2016 15:52:01]
C:\AdwCleaner\AdwCleaner[C2].txt - [844 bytes] - [22/05/2016 11:48:49]
C:\AdwCleaner\AdwCleaner[S1].txt - [1632 bytes] - [15/05/2016 15:50:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [960 bytes] - [22/05/2016 11:42:20]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1061 bytes] ##########
# AdwCleaner v5.117 - Log soubor vytvořen 22/05/2016 o 11:48:49
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows 10 Pro (X86)
# Jméno uživatele : Jitka - STOLNÍ-PC
# Spuštěno z : C:\Users\Jitka\Desktop\adwcleaner_5.117.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úkoly ] *****
***** [ Registr ] *****
***** [ Webové prohlížeče ] *****
*************************
:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1844 bytes] - [15/05/2016 15:52:01]
C:\AdwCleaner\AdwCleaner[C2].txt - [844 bytes] - [22/05/2016 11:48:49]
C:\AdwCleaner\AdwCleaner[S1].txt - [1632 bytes] - [15/05/2016 15:50:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [960 bytes] - [22/05/2016 11:42:20]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1061 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: facebook účet zablokován, rozesílá kraviny
Toto je OK. Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
Re: facebook účet zablokován, rozesílá kraviny
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-05-2016
Ran by Jitka (administrator) on STOLNÍ-PC (22-05-2016 12:44:17)
Running from C:\Users\Jitka\Desktop
Loaded Profiles: Jitka (Available Profiles: Jitka)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3824640 2012-02-09] (VIA)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\RunOnce: [SeznamInstall-uninstall:a7aa602239e96f88a0450dde9374dd5e] => C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2016-05-22] () <===== ATTENTION
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jitka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jitka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jitka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
Startup: C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jitka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2013-06-17]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1cb193d6-9c6f-49e0-8845-8c8c4b10963f}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d950998a-64e1-4da6-ad53-1b413d018e7b}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-2940639707-4219176008-972982903-1000 -> {FFE867FF-F4C8-46FA-9167-8ACF77032AE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: CIEDownload Object -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll [2008-07-31] (SMART Technologies ULC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/domovska-stranka
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-16]
CHR Extension: (Dokumenty Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-16]
CHR Extension: (Disk Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-16]
CHR Extension: (YouTube) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-16]
CHR Extension: (AdBlock) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-15]
CHR Extension: (Avast Online Security) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R2 ASInsHelp; C:\Windows\system32\drivers\AsInsHelp32.sys [10216 2008-01-04] ()
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [11456 2010-08-23] ()
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [242240 2012-10-26] (DT Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-05-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-06-22] (VIA Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
U4 aspnet_state; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-22 12:44 - 2016-05-22 12:44 - 00014569 _____ C:\Users\Jitka\Desktop\FRST.txt
2016-05-22 12:44 - 2016-05-22 12:44 - 00000000 ____D C:\FRST
2016-05-22 12:43 - 2016-05-22 12:43 - 01733632 _____ (Farbar) C:\Users\Jitka\Desktop\FRST.exe
2016-05-22 11:42 - 2016-05-22 11:42 - 03651136 _____ C:\Users\Jitka\Desktop\adwcleaner_5.117.exe
2016-05-22 11:00 - 2016-05-22 11:00 - 00000000 ____D C:\Program Files\AdwCleaner
2016-05-15 16:24 - 2016-05-22 12:41 - 00000000 ____D C:\Program Files\trend micro
2016-05-15 16:24 - 2016-05-15 16:24 - 01107968 _____ C:\Users\Jitka\Desktop\RSIT.exe
2016-05-15 16:24 - 2016-05-15 16:24 - 00000000 ____D C:\rsit
2016-05-15 16:17 - 2016-05-15 16:23 - 01222144 _____ C:\Users\Jitka\Desktop\RSITx64.exe
2016-05-15 16:13 - 2016-05-15 16:14 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-15 16:13 - 2016-05-15 16:13 - 00001156 _____ C:\Users\Public\Desktop\Opera.lnk
2016-05-15 16:11 - 2016-05-15 16:13 - 28043832 _____ (Opera Software ASA) C:\Users\Jitka\Downloads\Opera_21.0.1432.67_Seznam_Setup.exe
2016-05-15 15:50 - 2016-05-22 11:48 - 00000000 ____D C:\AdwCleaner
2016-05-15 14:28 - 2016-05-15 14:28 - 00712109 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_19.pdf
2016-05-15 14:28 - 2016-05-15 14:28 - 00712109 _____ C:\Users\Jitka\Desktop\Kartoteka_2016_aktualizace_19.pdf
2016-05-14 18:49 - 2016-05-14 18:49 - 00036864 _____ C:\Users\Jitka\Downloads\up_2015_6.xls
2016-05-14 18:46 - 2016-05-14 18:46 - 00550572 _____ C:\Users\Jitka\Downloads\SP_RVPZV_2007.zip
2016-05-14 18:45 - 2016-05-14 18:45 - 00954687 _____ C:\Users\Jitka\Downloads\RVP_zakladni_vzdelavani_postizeni.pdf
2016-05-14 09:13 - 2016-05-14 09:13 - 00488559 _____ C:\Users\Jitka\Downloads\L3.pdf
2016-05-14 09:11 - 2016-05-14 09:11 - 00073054 _____ C:\Users\Jitka\Downloads\MAI00008.PDF
2016-05-14 09:09 - 2016-05-14 09:09 - 00356765 _____ C:\Users\Jitka\Downloads\Scan0853.pdf
2016-05-12 07:22 - 2016-05-12 07:22 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\ESET_T970321343022443T_.exe
2016-05-11 21:07 - 2016-05-11 21:07 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T970063566381554T_.exe
2016-05-11 20:42 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 20:41 - 2016-04-23 06:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 20:41 - 2016-04-23 06:27 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 20:41 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 20:41 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 20:41 - 2016-04-23 06:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 20:41 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 20:41 - 2016-04-23 06:22 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 20:41 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 20:41 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 20:41 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 20:41 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 20:41 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 20:41 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 20:41 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 20:41 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 20:40 - 2016-04-23 08:06 - 00149696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 20:40 - 2016-04-23 07:28 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 20:40 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 20:40 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 20:40 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 20:40 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 20:40 - 2016-04-23 06:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 20:40 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 20:40 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 20:40 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 20:40 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 20:40 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 20:40 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 20:39 - 2016-05-06 06:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 20:39 - 2016-04-30 08:53 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 20:39 - 2016-04-30 08:46 - 02974720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 20:39 - 2016-04-23 08:06 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00576192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 20:39 - 2016-04-23 07:28 - 05796704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 20:39 - 2016-04-23 07:28 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 20:39 - 2016-04-23 07:28 - 00545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 20:39 - 2016-04-23 07:14 - 00310112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 20:39 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 20:39 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 20:39 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 20:39 - 2016-04-23 07:01 - 01714520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 20:39 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 20:39 - 2016-04-23 07:01 - 00484704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 20:39 - 2016-04-23 07:00 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 20:39 - 2016-04-23 06:55 - 00430432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 20:39 - 2016-04-23 06:21 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 20:39 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 20:39 - 2016-04-23 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 20:39 - 2016-04-23 06:16 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 20:39 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 20:39 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 20:39 - 2016-04-23 06:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 20:39 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 20:39 - 2016-04-23 06:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 20:39 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 20:39 - 2016-04-23 06:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 20:39 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 20:39 - 2016-04-23 06:05 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 20:39 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 20:39 - 2016-04-23 06:04 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 20:39 - 2016-04-23 06:03 - 01899520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 20:39 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 20:38 - 2016-05-06 07:20 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 20:38 - 2016-05-06 06:13 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 20:38 - 2016-05-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 20:38 - 2016-05-06 06:05 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 20:38 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 20:38 - 2016-05-06 05:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 20:38 - 2016-04-23 08:06 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 20:38 - 2016-04-23 07:28 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 20:38 - 2016-04-23 07:28 - 00278368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 20:38 - 2016-04-23 07:28 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 20:38 - 2016-04-23 07:26 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 20:38 - 2016-04-23 07:21 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 20:38 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 20:38 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 20:38 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 20:38 - 2016-04-23 07:12 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 20:38 - 2016-04-23 07:11 - 00259424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 20:38 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 20:38 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 20:38 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 20:38 - 2016-04-23 07:07 - 00192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 20:38 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 20:38 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 20:38 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 20:38 - 2016-04-23 07:01 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 20:38 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 20:38 - 2016-04-23 07:00 - 01396584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 20:38 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 20:38 - 2016-04-23 07:00 - 00049504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 20:38 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 20:38 - 2016-04-23 06:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 20:38 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 20:38 - 2016-04-23 06:29 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 20:38 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 20:38 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 20:38 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 20:38 - 2016-04-23 06:27 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 20:38 - 2016-04-23 06:25 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 20:38 - 2016-04-23 06:24 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 20:38 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 20:38 - 2016-04-23 06:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 20:38 - 2016-04-23 06:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 20:38 - 2016-04-23 06:23 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 20:38 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 20:38 - 2016-04-23 06:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 20:38 - 2016-04-23 06:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 20:38 - 2016-04-23 06:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 20:38 - 2016-04-23 06:19 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 20:38 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 20:38 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 20:38 - 2016-04-23 06:17 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 20:38 - 2016-04-23 06:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 20:38 - 2016-04-23 06:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 20:38 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 20:38 - 2016-04-23 06:14 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 20:38 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 20:38 - 2016-04-23 06:13 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 20:38 - 2016-04-23 06:12 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 20:38 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 20:38 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 20:38 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 20:38 - 2016-04-23 06:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 20:38 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 20:38 - 2016-04-23 06:01 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 20:38 - 2016-04-23 04:10 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 20:37 - 2016-04-23 06:28 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 20:37 - 2016-04-23 06:27 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 20:37 - 2016-04-23 06:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 20:37 - 2016-04-23 06:21 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 20:37 - 2016-04-23 06:19 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 20:37 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 19:47 - 2016-05-11 19:47 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-11 19:47 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-05-11 19:45 - 2016-05-15 19:45 - 00002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-05-11 19:45 - 2016-05-15 19:45 - 00002188 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-05-11 19:45 - 2016-05-15 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-05-11 19:44 - 2016-05-15 19:46 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-05-11 19:44 - 2016-05-15 19:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-11 19:44 - 2015-06-16 17:19 - 00018688 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean.exe
2016-05-11 19:42 - 2016-05-11 19:44 - 53962248 _____ C:\Users\Jitka\Downloads\spybot-2.4.exe
2016-05-11 19:25 - 2016-05-11 19:25 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-05-11 18:49 - 2016-05-22 12:18 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-11 18:49 - 2016-05-11 18:49 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-11 18:49 - 2016-05-11 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-11 18:49 - 2016-05-11 18:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-11 18:49 - 2016-05-11 18:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-05-11 18:49 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-11 18:49 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-11 18:49 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-11 18:48 - 2016-05-11 18:48 - 22851472 _____ (Malwarebytes ) C:\Users\Jitka\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-11 06:12 - 2016-05-11 06:13 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969813393073238T_.exe
2016-05-10 20:17 - 2016-05-10 20:17 - 00417624 _____ C:\Users\Jitka\Downloads\EDUin_konkurzy_tematicke_okruhy (2).pdf
2016-05-10 20:17 - 2016-05-10 20:17 - 00086784 _____ C:\Users\Jitka\Downloads\TZ_120329_EDUin_nabidka_starostum (1).pdf
2016-05-10 18:30 - 2016-05-10 18:30 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_ (3).exe
2016-05-10 18:17 - 2016-05-10 18:22 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_ (2).exe
2016-05-10 18:15 - 2016-05-10 18:15 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_ (1).exe
2016-05-10 18:14 - 2016-05-10 18:14 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_.exe
2016-05-10 06:11 - 2016-05-10 06:11 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969236249797619T_ (2).exe
2016-05-10 06:09 - 2016-05-10 06:09 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969236249797619T_ (1).exe
2016-05-10 06:01 - 2016-05-10 06:01 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969236249797619T_.exe
2016-05-09 19:44 - 2016-05-09 19:44 - 00004404 _____ C:\Users\Jitka\Downloads\video.jse
2016-05-08 08:14 - 2016-05-08 08:14 - 00012875 _____ C:\Users\Jitka\Downloads\VZOR pro školy zúčto - MŠMT 2016 - kraje- OPVK.xlsx
2016-05-05 20:09 - 2016-05-05 20:09 - 00170937 _____ C:\Users\Jitka\Downloads\Vyrocni zprava o cinnosti skoly 2014-2015 (2).pdf
2016-05-04 20:04 - 2016-05-04 20:04 - 00623518 _____ C:\Users\Jitka\Downloads\Zakon_561-2004Sb_01092015.pdf
2016-05-02 20:22 - 2016-05-02 20:22 - 02483225 _____ C:\Users\Jitka\Downloads\ŠVP KOS KOMUNIKACE - OSOBNOST - VZDĚLÁVÁNÍ (2).zip
2016-05-01 21:58 - 2016-05-01 21:58 - 00574975 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_17.pdf
2016-05-01 21:58 - 2016-05-01 21:58 - 00574975 _____ C:\Users\Jitka\Desktop\Kartoteka_2016_aktualizace_17.pdf
2016-05-01 21:57 - 2016-05-01 21:57 - 00567069 _____ C:\Users\Jitka\Downloads\mv_reditel_jako_zamestnavatel_vuci_sve_osobe.pdf
2016-05-01 15:55 - 2016-05-01 15:55 - 02483225 _____ C:\Users\Jitka\Downloads\ŠVP KOS KOMUNIKACE - OSOBNOST - VZDĚLÁVÁNÍ (1).zip
2016-05-01 15:54 - 2016-05-01 15:54 - 02483225 _____ C:\Users\Jitka\Downloads\ŠVP KOS KOMUNIKACE - OSOBNOST - VZDĚLÁVÁNÍ.zip
2016-04-30 07:15 - 2016-04-30 07:15 - 00548408 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_11 (1).pdf
2016-04-30 07:14 - 2016-04-30 07:14 - 00611204 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_12 (1).pdf
2016-04-30 07:13 - 2016-04-30 07:13 - 00871809 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_13 (1).pdf
2016-04-30 07:13 - 2016-04-30 07:13 - 00504160 _____ C:\Users\Jitka\Downloads\csi_individualni_vzdelavani_2016 (1).pdf
2016-04-30 07:12 - 2016-04-30 07:12 - 00622849 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_15.pdf
2016-04-30 07:12 - 2016-04-30 07:12 - 00570100 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_apríl_2016.pdf
2016-04-30 07:11 - 2016-04-30 07:11 - 00580887 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_16.pdf
2016-04-24 19:22 - 2016-04-24 19:22 - 00094148 _____ C:\Users\Jitka\Downloads\Životopis Eliška Petáková.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-22 12:43 - 2012-10-25 21:12 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-22 12:23 - 2015-10-31 20:45 - 01736848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-22 12:23 - 2015-10-30 17:08 - 00733226 _____ C:\WINDOWS\system32\perfh005.dat
2016-05-22 12:23 - 2015-10-30 17:08 - 00151654 _____ C:\WINDOWS\system32\perfc005.dat
2016-05-22 12:20 - 2016-04-16 15:48 - 00000000 ____D C:\Users\Jitka\AppData\Roaming\Seznam.cz
2016-05-22 12:20 - 2016-04-16 15:48 - 00000000 ____D C:\Program Files\Seznam.cz
2016-05-22 12:19 - 2014-04-20 09:34 - 00000000 ____D C:\Users\Jitka\AppData\Roaming\DropboxMaster
2016-05-22 12:19 - 2014-03-29 22:41 - 00000000 ____D C:\Users\Jitka\AppData\Roaming\Dropbox
2016-05-22 12:18 - 2015-12-17 05:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-22 12:18 - 2012-10-25 21:12 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-22 12:17 - 2012-10-28 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-22 12:14 - 2015-12-17 04:51 - 00366520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-22 12:13 - 2012-10-28 13:54 - 00000000 ____D C:\Program Files\HP
2016-05-22 12:13 - 2012-10-28 13:53 - 00000000 ____D C:\ProgramData\HP
2016-05-22 11:55 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-05-22 11:49 - 2015-10-30 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-22 11:11 - 2014-08-08 15:12 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-22 11:10 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-22 11:10 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-22 10:58 - 2015-10-31 20:54 - 00002426 _____ C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-22 10:58 - 2015-10-31 20:54 - 00000000 ___RD C:\Users\Jitka\OneDrive
2016-05-15 16:14 - 2016-04-16 15:48 - 00000000 ____D C:\Program Files\Opera
2016-05-15 09:56 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 18:56 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 03:34 - 2015-09-10 06:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-13 03:31 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-13 03:30 - 2015-10-30 07:48 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-13 02:45 - 2012-10-25 21:13 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-12 06:28 - 2013-08-16 03:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-12 06:20 - 2012-10-27 08:24 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-11 19:25 - 2015-11-08 08:05 - 00000000 ____D C:\Program Files\Adobe
2016-05-11 19:25 - 2012-12-03 16:40 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-11 19:24 - 2015-03-03 19:11 - 00000000 __SHD C:\Users\Jitka\AppData\Local\EmieUserList
2016-05-11 19:24 - 2015-03-03 19:11 - 00000000 __SHD C:\Users\Jitka\AppData\Local\EmieSiteList
2016-05-11 19:06 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-05 20:19 - 2015-12-06 22:15 - 00000000 ____D C:\Users\Jitka\Desktop\2015-2016
2016-05-03 01:52 - 2015-10-31 20:49 - 00000000 ____D C:\Users\Jitka\AppData\Local\Packages
2016-05-01 15:53 - 2013-08-27 18:34 - 00000000 ____D C:\Users\Jitka\Desktop\školní rok 2013-2014
2016-04-30 10:34 - 2015-12-17 04:56 - 00000000 ____D C:\Users\Jitka
2016-04-29 18:13 - 2013-05-25 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-25 16:43 - 2014-10-10 08:20 - 00000000 ____D C:\Users\Jitka\Desktop\fleška bílá
2016-04-22 09:57 - 2012-10-25 21:00 - 00374944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2012-10-28 13:53 - 2016-05-22 12:17 - 0008044 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Some files in TEMP:
====================
C:\Users\Jitka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8pnn5r.dll
C:\Users\Jitka\AppData\Local\Temp\libeay32.dll
C:\Users\Jitka\AppData\Local\Temp\msvcr120.dll
C:\Users\Jitka\AppData\Local\Temp\sqlite3.dll
C:\Users\Jitka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-22 11:32
==================== End of FRST.txt ============================
Ran by Jitka (administrator) on STOLNÍ-PC (22-05-2016 12:44:17)
Running from C:\Users\Jitka\Desktop
Loaded Profiles: Jitka (Available Profiles: Jitka)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3824640 2012-02-09] (VIA)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\RunOnce: [SeznamInstall-uninstall:a7aa602239e96f88a0450dde9374dd5e] => C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2016-05-22] () <===== ATTENTION
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jitka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jitka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jitka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
Startup: C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jitka\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2013-06-17]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicyScripts: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1cb193d6-9c6f-49e0-8845-8c8c4b10963f}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d950998a-64e1-4da6-ad53-1b413d018e7b}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-2940639707-4219176008-972982903-1000 -> {FFE867FF-F4C8-46FA-9167-8ACF77032AE3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: CIEDownload Object -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll [2008-07-31] (SMART Technologies ULC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/domovska-stranka
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\50.0.2661.102\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-16]
CHR Extension: (Dokumenty Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-16]
CHR Extension: (Disk Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-16]
CHR Extension: (YouTube) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-16]
CHR Extension: (AdBlock) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-15]
CHR Extension: (Avast Online Security) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R2 ASInsHelp; C:\Windows\system32\drivers\AsInsHelp32.sys [10216 2008-01-04] ()
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [11456 2010-08-23] ()
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [242240 2012-10-26] (DT Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-05-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-06-22] (VIA Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
U4 aspnet_state; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-22 12:44 - 2016-05-22 12:44 - 00014569 _____ C:\Users\Jitka\Desktop\FRST.txt
2016-05-22 12:44 - 2016-05-22 12:44 - 00000000 ____D C:\FRST
2016-05-22 12:43 - 2016-05-22 12:43 - 01733632 _____ (Farbar) C:\Users\Jitka\Desktop\FRST.exe
2016-05-22 11:42 - 2016-05-22 11:42 - 03651136 _____ C:\Users\Jitka\Desktop\adwcleaner_5.117.exe
2016-05-22 11:00 - 2016-05-22 11:00 - 00000000 ____D C:\Program Files\AdwCleaner
2016-05-15 16:24 - 2016-05-22 12:41 - 00000000 ____D C:\Program Files\trend micro
2016-05-15 16:24 - 2016-05-15 16:24 - 01107968 _____ C:\Users\Jitka\Desktop\RSIT.exe
2016-05-15 16:24 - 2016-05-15 16:24 - 00000000 ____D C:\rsit
2016-05-15 16:17 - 2016-05-15 16:23 - 01222144 _____ C:\Users\Jitka\Desktop\RSITx64.exe
2016-05-15 16:13 - 2016-05-15 16:14 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-15 16:13 - 2016-05-15 16:13 - 00001156 _____ C:\Users\Public\Desktop\Opera.lnk
2016-05-15 16:11 - 2016-05-15 16:13 - 28043832 _____ (Opera Software ASA) C:\Users\Jitka\Downloads\Opera_21.0.1432.67_Seznam_Setup.exe
2016-05-15 15:50 - 2016-05-22 11:48 - 00000000 ____D C:\AdwCleaner
2016-05-15 14:28 - 2016-05-15 14:28 - 00712109 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_19.pdf
2016-05-15 14:28 - 2016-05-15 14:28 - 00712109 _____ C:\Users\Jitka\Desktop\Kartoteka_2016_aktualizace_19.pdf
2016-05-14 18:49 - 2016-05-14 18:49 - 00036864 _____ C:\Users\Jitka\Downloads\up_2015_6.xls
2016-05-14 18:46 - 2016-05-14 18:46 - 00550572 _____ C:\Users\Jitka\Downloads\SP_RVPZV_2007.zip
2016-05-14 18:45 - 2016-05-14 18:45 - 00954687 _____ C:\Users\Jitka\Downloads\RVP_zakladni_vzdelavani_postizeni.pdf
2016-05-14 09:13 - 2016-05-14 09:13 - 00488559 _____ C:\Users\Jitka\Downloads\L3.pdf
2016-05-14 09:11 - 2016-05-14 09:11 - 00073054 _____ C:\Users\Jitka\Downloads\MAI00008.PDF
2016-05-14 09:09 - 2016-05-14 09:09 - 00356765 _____ C:\Users\Jitka\Downloads\Scan0853.pdf
2016-05-12 07:22 - 2016-05-12 07:22 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\ESET_T970321343022443T_.exe
2016-05-11 21:07 - 2016-05-11 21:07 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T970063566381554T_.exe
2016-05-11 20:42 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 20:41 - 2016-04-23 06:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 20:41 - 2016-04-23 06:27 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 20:41 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 20:41 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 20:41 - 2016-04-23 06:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 20:41 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 20:41 - 2016-04-23 06:22 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 20:41 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 20:41 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 20:41 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 20:41 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 20:41 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 20:41 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 20:41 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 20:41 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 20:41 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 20:40 - 2016-04-23 08:06 - 00149696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 20:40 - 2016-04-23 07:28 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 20:40 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 20:40 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 20:40 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 20:40 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 20:40 - 2016-04-23 06:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 20:40 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 20:40 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 20:40 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 20:40 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 20:40 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 20:40 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 20:39 - 2016-05-06 06:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 20:39 - 2016-04-30 08:53 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 20:39 - 2016-04-30 08:46 - 02974720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 20:39 - 2016-04-23 08:06 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00576192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 20:39 - 2016-04-23 08:06 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 20:39 - 2016-04-23 07:28 - 05796704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 20:39 - 2016-04-23 07:28 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 20:39 - 2016-04-23 07:28 - 00545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 20:39 - 2016-04-23 07:14 - 00310112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 20:39 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 20:39 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 20:39 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 20:39 - 2016-04-23 07:01 - 01714520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 20:39 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 20:39 - 2016-04-23 07:01 - 00484704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 20:39 - 2016-04-23 07:00 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 20:39 - 2016-04-23 06:55 - 00430432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 20:39 - 2016-04-23 06:21 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 20:39 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 20:39 - 2016-04-23 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 20:39 - 2016-04-23 06:16 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 20:39 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 20:39 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 20:39 - 2016-04-23 06:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 20:39 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 20:39 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 20:39 - 2016-04-23 06:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 20:39 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 20:39 - 2016-04-23 06:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 20:39 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 20:39 - 2016-04-23 06:05 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 20:39 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 20:39 - 2016-04-23 06:04 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 20:39 - 2016-04-23 06:03 - 01899520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 20:39 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 20:38 - 2016-05-06 07:20 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 20:38 - 2016-05-06 06:13 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 20:38 - 2016-05-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 20:38 - 2016-05-06 06:05 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 20:38 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 20:38 - 2016-05-06 05:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 20:38 - 2016-04-23 08:06 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 20:38 - 2016-04-23 07:28 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 20:38 - 2016-04-23 07:28 - 00278368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 20:38 - 2016-04-23 07:28 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 20:38 - 2016-04-23 07:26 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 20:38 - 2016-04-23 07:21 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 20:38 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 20:38 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 20:38 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 20:38 - 2016-04-23 07:12 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 20:38 - 2016-04-23 07:11 - 00259424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 20:38 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 20:38 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 20:38 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 20:38 - 2016-04-23 07:07 - 00192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 20:38 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 20:38 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 20:38 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 20:38 - 2016-04-23 07:01 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 20:38 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 20:38 - 2016-04-23 07:00 - 01396584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 20:38 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 20:38 - 2016-04-23 07:00 - 00049504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 20:38 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 20:38 - 2016-04-23 06:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 20:38 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 20:38 - 2016-04-23 06:29 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 20:38 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 20:38 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 20:38 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 20:38 - 2016-04-23 06:27 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 20:38 - 2016-04-23 06:25 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 20:38 - 2016-04-23 06:24 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 20:38 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 20:38 - 2016-04-23 06:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 20:38 - 2016-04-23 06:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 20:38 - 2016-04-23 06:23 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 20:38 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 20:38 - 2016-04-23 06:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 20:38 - 2016-04-23 06:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 20:38 - 2016-04-23 06:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 20:38 - 2016-04-23 06:20 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 20:38 - 2016-04-23 06:19 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 20:38 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 20:38 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 20:38 - 2016-04-23 06:17 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 20:38 - 2016-04-23 06:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 20:38 - 2016-04-23 06:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 20:38 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 20:38 - 2016-04-23 06:14 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 20:38 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 20:38 - 2016-04-23 06:13 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 20:38 - 2016-04-23 06:12 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 20:38 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 20:38 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 20:38 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 20:38 - 2016-04-23 06:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 20:38 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 20:38 - 2016-04-23 06:01 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 20:38 - 2016-04-23 04:10 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 20:37 - 2016-04-23 06:28 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 20:37 - 2016-04-23 06:27 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 20:37 - 2016-04-23 06:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 20:37 - 2016-04-23 06:21 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 20:37 - 2016-04-23 06:19 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 20:37 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 19:47 - 2016-05-11 19:47 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-11 19:47 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-05-11 19:45 - 2016-05-15 19:45 - 00002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-05-11 19:45 - 2016-05-15 19:45 - 00002188 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-05-11 19:45 - 2016-05-15 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-05-11 19:44 - 2016-05-15 19:46 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-05-11 19:44 - 2016-05-15 19:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-11 19:44 - 2015-06-16 17:19 - 00018688 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean.exe
2016-05-11 19:42 - 2016-05-11 19:44 - 53962248 _____ C:\Users\Jitka\Downloads\spybot-2.4.exe
2016-05-11 19:25 - 2016-05-11 19:25 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-05-11 18:49 - 2016-05-22 12:18 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-11 18:49 - 2016-05-11 18:49 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-11 18:49 - 2016-05-11 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-11 18:49 - 2016-05-11 18:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-11 18:49 - 2016-05-11 18:49 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-05-11 18:49 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-11 18:49 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-11 18:49 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-11 18:48 - 2016-05-11 18:48 - 22851472 _____ (Malwarebytes ) C:\Users\Jitka\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-11 06:12 - 2016-05-11 06:13 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969813393073238T_.exe
2016-05-10 20:17 - 2016-05-10 20:17 - 00417624 _____ C:\Users\Jitka\Downloads\EDUin_konkurzy_tematicke_okruhy (2).pdf
2016-05-10 20:17 - 2016-05-10 20:17 - 00086784 _____ C:\Users\Jitka\Downloads\TZ_120329_EDUin_nabidka_starostum (1).pdf
2016-05-10 18:30 - 2016-05-10 18:30 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_ (3).exe
2016-05-10 18:17 - 2016-05-10 18:22 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_ (2).exe
2016-05-10 18:15 - 2016-05-10 18:15 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_ (1).exe
2016-05-10 18:14 - 2016-05-10 18:14 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Fsecure_T969554829765761T_.exe
2016-05-10 06:11 - 2016-05-10 06:11 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969236249797619T_ (2).exe
2016-05-10 06:09 - 2016-05-10 06:09 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969236249797619T_ (1).exe
2016-05-10 06:01 - 2016-05-10 06:01 - 04914720 _____ (Facebook Inc.) C:\Users\Jitka\Downloads\Trendmicro_T969236249797619T_.exe
2016-05-09 19:44 - 2016-05-09 19:44 - 00004404 _____ C:\Users\Jitka\Downloads\video.jse
2016-05-08 08:14 - 2016-05-08 08:14 - 00012875 _____ C:\Users\Jitka\Downloads\VZOR pro školy zúčto - MŠMT 2016 - kraje- OPVK.xlsx
2016-05-05 20:09 - 2016-05-05 20:09 - 00170937 _____ C:\Users\Jitka\Downloads\Vyrocni zprava o cinnosti skoly 2014-2015 (2).pdf
2016-05-04 20:04 - 2016-05-04 20:04 - 00623518 _____ C:\Users\Jitka\Downloads\Zakon_561-2004Sb_01092015.pdf
2016-05-02 20:22 - 2016-05-02 20:22 - 02483225 _____ C:\Users\Jitka\Downloads\ŠVP KOS KOMUNIKACE - OSOBNOST - VZDĚLÁVÁNÍ (2).zip
2016-05-01 21:58 - 2016-05-01 21:58 - 00574975 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_17.pdf
2016-05-01 21:58 - 2016-05-01 21:58 - 00574975 _____ C:\Users\Jitka\Desktop\Kartoteka_2016_aktualizace_17.pdf
2016-05-01 21:57 - 2016-05-01 21:57 - 00567069 _____ C:\Users\Jitka\Downloads\mv_reditel_jako_zamestnavatel_vuci_sve_osobe.pdf
2016-05-01 15:55 - 2016-05-01 15:55 - 02483225 _____ C:\Users\Jitka\Downloads\ŠVP KOS KOMUNIKACE - OSOBNOST - VZDĚLÁVÁNÍ (1).zip
2016-05-01 15:54 - 2016-05-01 15:54 - 02483225 _____ C:\Users\Jitka\Downloads\ŠVP KOS KOMUNIKACE - OSOBNOST - VZDĚLÁVÁNÍ.zip
2016-04-30 07:15 - 2016-04-30 07:15 - 00548408 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_11 (1).pdf
2016-04-30 07:14 - 2016-04-30 07:14 - 00611204 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_12 (1).pdf
2016-04-30 07:13 - 2016-04-30 07:13 - 00871809 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_13 (1).pdf
2016-04-30 07:13 - 2016-04-30 07:13 - 00504160 _____ C:\Users\Jitka\Downloads\csi_individualni_vzdelavani_2016 (1).pdf
2016-04-30 07:12 - 2016-04-30 07:12 - 00622849 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_15.pdf
2016-04-30 07:12 - 2016-04-30 07:12 - 00570100 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_apríl_2016.pdf
2016-04-30 07:11 - 2016-04-30 07:11 - 00580887 _____ C:\Users\Jitka\Downloads\Kartoteka_2016_aktualizace_16.pdf
2016-04-24 19:22 - 2016-04-24 19:22 - 00094148 _____ C:\Users\Jitka\Downloads\Životopis Eliška Petáková.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-22 12:43 - 2012-10-25 21:12 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-22 12:23 - 2015-10-31 20:45 - 01736848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-22 12:23 - 2015-10-30 17:08 - 00733226 _____ C:\WINDOWS\system32\perfh005.dat
2016-05-22 12:23 - 2015-10-30 17:08 - 00151654 _____ C:\WINDOWS\system32\perfc005.dat
2016-05-22 12:20 - 2016-04-16 15:48 - 00000000 ____D C:\Users\Jitka\AppData\Roaming\Seznam.cz
2016-05-22 12:20 - 2016-04-16 15:48 - 00000000 ____D C:\Program Files\Seznam.cz
2016-05-22 12:19 - 2014-04-20 09:34 - 00000000 ____D C:\Users\Jitka\AppData\Roaming\DropboxMaster
2016-05-22 12:19 - 2014-03-29 22:41 - 00000000 ____D C:\Users\Jitka\AppData\Roaming\Dropbox
2016-05-22 12:18 - 2015-12-17 05:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-22 12:18 - 2012-10-25 21:12 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-22 12:17 - 2012-10-28 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-05-22 12:14 - 2015-12-17 04:51 - 00366520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-22 12:13 - 2012-10-28 13:54 - 00000000 ____D C:\Program Files\HP
2016-05-22 12:13 - 2012-10-28 13:53 - 00000000 ____D C:\ProgramData\HP
2016-05-22 11:55 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-05-22 11:49 - 2015-10-30 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-22 11:11 - 2014-08-08 15:12 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-22 11:10 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-22 11:10 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-22 10:58 - 2015-10-31 20:54 - 00002426 _____ C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-22 10:58 - 2015-10-31 20:54 - 00000000 ___RD C:\Users\Jitka\OneDrive
2016-05-15 16:14 - 2016-04-16 15:48 - 00000000 ____D C:\Program Files\Opera
2016-05-15 09:56 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 18:56 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 03:34 - 2015-09-10 06:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-13 03:31 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-13 03:31 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-13 03:30 - 2015-10-30 07:48 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-13 02:45 - 2012-10-25 21:13 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-12 06:28 - 2013-08-16 03:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-12 06:20 - 2012-10-27 08:24 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-11 19:25 - 2015-11-08 08:05 - 00000000 ____D C:\Program Files\Adobe
2016-05-11 19:25 - 2012-12-03 16:40 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-11 19:24 - 2015-03-03 19:11 - 00000000 __SHD C:\Users\Jitka\AppData\Local\EmieUserList
2016-05-11 19:24 - 2015-03-03 19:11 - 00000000 __SHD C:\Users\Jitka\AppData\Local\EmieSiteList
2016-05-11 19:06 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-05 20:19 - 2015-12-06 22:15 - 00000000 ____D C:\Users\Jitka\Desktop\2015-2016
2016-05-03 01:52 - 2015-10-31 20:49 - 00000000 ____D C:\Users\Jitka\AppData\Local\Packages
2016-05-01 15:53 - 2013-08-27 18:34 - 00000000 ____D C:\Users\Jitka\Desktop\školní rok 2013-2014
2016-04-30 10:34 - 2015-12-17 04:56 - 00000000 ____D C:\Users\Jitka
2016-04-29 18:13 - 2013-05-25 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-25 16:43 - 2014-10-10 08:20 - 00000000 ____D C:\Users\Jitka\Desktop\fleška bílá
2016-04-22 09:57 - 2012-10-25 21:00 - 00374944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2012-10-28 13:53 - 2016-05-22 12:17 - 0008044 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Some files in TEMP:
====================
C:\Users\Jitka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8pnn5r.dll
C:\Users\Jitka\AppData\Local\Temp\libeay32.dll
C:\Users\Jitka\AppData\Local\Temp\msvcr120.dll
C:\Users\Jitka\AppData\Local\Temp\sqlite3.dll
C:\Users\Jitka\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-22 11:32
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: facebook účet zablokován, rozesílá kraviny
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\RunOnce: [SeznamInstall-uninstall:a7aa602239e96f88a0450dde9374dd5e] => C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2016-05-22] () <===== ATTENTION
C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicyScripts: Restriction <======= ATTENTION
U4 aspnet_state; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Jitka\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
Re: facebook účet zablokován, rozesílá kraviny
fix proveden, start panel pořád nejde otevřít, ms edfe se pořád hned po spuštění ukončí programy pořád padají .. při otevření normálního .jpg vyskočí chyba "aplikace nebyla spuštěna" .. není to spíše zralé na kompletní přeinstalaci systému?
Fix result of Farbar Recovery Scan Tool (x86) Version:22-05-2016
Ran by Jitka (2016-05-23 14:13:23) Run:1
Running from C:\Users\Jitka\Desktop
Loaded Profiles: Jitka & (Available Profiles: Jitka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\RunOnce: [SeznamInstall-uninstall:a7aa602239e96f88a0450dde9374dd5e] => C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2016-05-22] () <===== ATTENTION
C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicyScripts: Restriction <======= ATTENTION
U4 aspnet_state; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Jitka\AppData\Local\Temp
End
*****************
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:a7aa602239e96f88a0450dde9374dd5e => value not found.
C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully.
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
aspnet_state => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
"C:\Users\Jitka\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jitka\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-05-23 14:15:48)
C:\Users\Jitka\AppData\Local\Temp => moved successfully
==== End of Fixlog 14:16:13 ====
Fix result of Farbar Recovery Scan Tool (x86) Version:22-05-2016
Ran by Jitka (2016-05-23 14:13:23) Run:1
Running from C:\Users\Jitka\Desktop
Loaded Profiles: Jitka & (Available Profiles: Jitka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\...\RunOnce: [SeznamInstall-uninstall:a7aa602239e96f88a0450dde9374dd5e] => C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2016-05-22] () <===== ATTENTION
C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
GroupPolicyScripts: Restriction <======= ATTENTION
U4 aspnet_state; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Jitka\AppData\Local\Temp
End
*****************
HKU\S-1-5-21-2940639707-4219176008-972982903-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:a7aa602239e96f88a0450dde9374dd5e => value not found.
C:\Users\Jitka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully.
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
aspnet_state => service removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
"C:\Users\Jitka\AppData\Local\Temp" folder move:
Could not move "C:\Users\Jitka\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-05-23 14:15:48)
C:\Users\Jitka\AppData\Local\Temp => moved successfully
==== End of Fixlog 14:16:13 ====
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: facebook účet zablokován, rozesílá kraviny
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
Re: facebook účet zablokován, rozesílá kraviny
Psal jsem to výše na začátku příspěvku, pc úplně beze změny
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: facebook účet zablokován, rozesílá kraviny
Promiňte, přehlédl jsem. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
Re: facebook účet zablokován, rozesílá kraviny
Dostal jsem se ke správnému výsledku?
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 24.5.2016
Čas skenování: 15:24
Protokol: mwb.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.05.24.04
Databáze rootkitů: v2016.05.20.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x86
Souborový systém: NTFS
Uživatel: Jitka
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 294517
Uplynulý čas: 7 min, 57 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 24.5.2016
Čas skenování: 15:24
Protokol: mwb.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.05.24.04
Databáze rootkitů: v2016.05.20.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 10
CPU: x86
Souborový systém: NTFS
Uživatel: Jitka
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 294517
Uplynulý čas: 7 min, 57 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: facebook účet zablokován, rozesílá kraviny
Toto je OK, PC je zcela bez nákazy. Účet vám zablokoval admin FB?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
Re: facebook účet zablokován, rozesílá kraviny
vyskakuje text v přesném znění
"Your Computer Needs to Be Cleaned Váš počítač byl pravděpodobně napaden malwarem. Pomůžeme vám problém odstranit a zabezpečit váš účet, aby se malware nerozšiřoval vašim přátelům. Malware je software, který se pokouší ukrást osobní údaje a způsobuje problémy při používání Facebooku. Malware se může do vašeho počítače dostat kliknutím na odkazy, které obsahují spam, nebo jejich sdílením."
Samotný facebook nabízí nějaký program na čištění který majitelka pc několikrát pustila, pc to asi zrovna moc neulevilo .. navíc přihlásit se k danému účtu nejde pouze z tohoto pc ..
Ještě ve stejnou chvíli se začal objevovat ten problém s neotevírajícím se panelem start menu (dočetl jsem se že prý je to chyba ve win 10) takže to spojitost mít asi nebude, ale ještě je tady ten samovolně se zavírající ms edge a taky to že nejde otevřít ani obrázek ..
"Your Computer Needs to Be Cleaned Váš počítač byl pravděpodobně napaden malwarem. Pomůžeme vám problém odstranit a zabezpečit váš účet, aby se malware nerozšiřoval vašim přátelům. Malware je software, který se pokouší ukrást osobní údaje a způsobuje problémy při používání Facebooku. Malware se může do vašeho počítače dostat kliknutím na odkazy, které obsahují spam, nebo jejich sdílením."
Samotný facebook nabízí nějaký program na čištění který majitelka pc několikrát pustila, pc to asi zrovna moc neulevilo .. navíc přihlásit se k danému účtu nejde pouze z tohoto pc ..
Ještě ve stejnou chvíli se začal objevovat ten problém s neotevírajícím se panelem start menu (dočetl jsem se že prý je to chyba ve win 10) takže to spojitost mít asi nebude, ale ještě je tady ten samovolně se zavírající ms edge a taky to že nejde otevřít ani obrázek ..
-
Rudy
- Site Admin
- Příspěvky: 118271
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: facebook účet zablokován, rozesílá kraviny
Skeny ukazují na to, že PC je nyní bez malware. Ještě můžete provlést kontrolu na rootkity:
Nejsou ty obrázky náhodou přejmenovány? Jakou mají soubory obrázků příponu?Stáhněte Malwarebytes Anti-Rootkit http://www.malwarebytes.org/products/mbar/
Uložte nejlépe na Plochu a rozbalte
Spusťte kliknutím na mbar
Nyní postupně klikněte na Next a Update
Po dokončení update (aktualizace) databáze klikněte opět na Next
Nechte zaškrtnute všechny tři možnosti a kliněte na Scan čímž spustíte prohledavani PC
Po dokončeni skenu (cca 5 minutek) zkontrolujte, zda-li je u všech nalezů (samozrejme pokud budou) zatržítko
Tež zkontrolujte, jestli je zatržitko u Create Restore point
Nyní klikněte na CleanUp čímž nalezenou infekci odstraníme
PC bude restartován
Složka mbar by měla obsahovat log (a zřejmě se i sám otevře) mbar-log-rok-měsíc-den (hodina-minuta-sekunda).txt, ten mi sem dejte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
zaloudekmatej
- Návštěvník
- Příspěvky: 35
- Registrován: 19 dub 2016 08:19
Re: facebook účet zablokován, rozesílá kraviny
sken na rootkity také nic nenašel, obrázky jsou klasické .jpg / .jpeg nevím, možná je něco špatně přímo v systému windows
Přispějete na provoz fóra?