Prosím o kontrolu, NTB se chová divně, tak nějak nahodile si uvolňuje a zabírá klidně i 20GB dat z disku ...
Děkuji moc za pomoc ...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
Ran by Martina Lovecká (administrator) on MARTINA (01-12-2016 19:17:04)
Running from C:\Users\Martina Lovecká\Desktop
Loaded Profiles: Martina Lovecká (Available Profiles: Martina Lovecká)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Windows\SysWOW64\slpd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\cammute.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.18471_x64__8wekyb3d8bbwe\glcnd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(forum.viry.cz) C:\Users\Martina Lovecká\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [341448 2014-11-07] (Lenovo Group Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [384296 2013-08-21] (Lenovo.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [939976 2015-02-20] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-15] (Vimicro)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286960 2016-05-25] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75776 2016-06-03] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-12] (Disc Soft Ltd)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818712 2016-10-12] (Google)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk [2016-08-29]
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-05-25]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Martina Lovecká\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-06-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.80.47.1 8.8.8.8
Tcpip\..\Interfaces\{868968E4-B74F-45A6-9290-960E863B2FB4}: [DhcpNameServer] 10.80.47.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> DefaultScope {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-02-03] (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-11-09] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-11-09] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-02-03] (RealDownloader)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-09] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-09] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-09] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.3.100 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-05-25] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.3.100 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-05-25] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default [2016-12-01]
CHR Extension: (Prezentace Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-24]
CHR Extension: (Dokumenty Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-24]
CHR Extension: (Disk Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-24]
CHR Extension: (YouTube) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-24]
CHR Extension: (Kalendář Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-08-26]
CHR Extension: (Tabulky Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (AdBlock) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Gmail) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-15]
CHR HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [566288 2016-04-12] (Lenovo Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3319488 2016-11-09] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-10-02] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1576712 2015-10-02] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [182984 2015-10-02] (ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-06-03] (Freemake) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-08-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2023592 2015-09-25] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [631312 2016-04-12] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [480712 2015-03-23] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-05-12] ()
R2 LPlatSvc; C:\windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-16] (Lenovo Group Limited)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-02-03] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-05-25] (RealNetworks, Inc.)
R2 slpd; C:\Windows\SysWOW64\slpd.exe [102400 2011-02-17] () [File not signed]
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-09-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-09] (TeamViewer GmbH)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5653736 2015-12-07] (RealVNC Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [88112 2016-07-13] (ASIX Electronics Corp.)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-28] (Disc Soft Ltd)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [255272 2015-10-08] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [186272 2015-10-08] (ESET)
R2 epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [169744 2015-10-08] (ESET)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R3 LnvHIDHW; C:\windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RTSPER; C:\windows\system32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-23] (Synaptics Incorporated)
S3 SSMO3v2Filter; C:\windows\system32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
R3 vm331avs; C:\windows\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Vimicro Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S2 NEWDRIVER; \??\C:\windows\SysWow64\WinVDEdrv6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 19:17 - 2016-12-01 19:17 - 00029517 _____ C:\Users\Martina Lovecká\Desktop\FRST.txt
2016-12-01 19:16 - 2016-12-01 19:17 - 00000000 ____D C:\FRST
2016-12-01 19:15 - 2016-12-01 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Martina Lovecká\Desktop\FRSTLauncher.exe
2016-12-01 19:14 - 2016-12-01 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Martina Lovecká\Downloads\Nepotvrzeno 246806.crdownload
2016-12-01 19:12 - 2016-12-01 19:11 - 02411520 _____ (Farbar) C:\Users\Martina Lovecká\Desktop\FRST64.exe
2016-11-29 22:33 - 2016-11-29 22:33 - 00116084 _____ C:\Users\Martina Lovecká\Downloads\Gilmore.Girls.2016.S01E01.720p.WEBRip.x264-TheRival.srt
2016-11-28 16:24 - 2016-11-28 16:30 - 00000000 ____D C:\Users\Martina Lovecká\Desktop\kolo dvůr
2016-11-28 16:23 - 2016-11-28 16:23 - 00003650 _____ C:\windows\System32\Tasks\RNUpgradeHelperResumePrompt_Martina Lovecká
2016-11-28 16:23 - 2016-11-28 16:23 - 00003254 _____ C:\windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Martina Lovecká
2016-11-28 15:40 - 2016-11-30 22:42 - 00003526 _____ C:\windows\System32\Tasks\ReclaimerUpdateXML_Martina Lovecká
2016-11-28 15:40 - 2016-11-30 22:41 - 00003532 _____ C:\windows\System32\Tasks\ReclaimerUpdateFiles_Martina Lovecká
2016-11-28 10:11 - 2016-11-28 10:56 - 931722570 _____ C:\Users\Martina Lovecká\Downloads\Gilmore.Girls.2016.S01E01.720p.WEBRip.x264_TheRival.avi
2016-11-21 16:33 - 2016-11-21 17:36 - 1986069219 _____ C:\Users\Martina Lovecká\Downloads\The.Beatles.Eight.Days.A.Week.2016.HDtv vložené titulky cz novinka.mp4
2016-11-21 11:02 - 2016-11-21 12:34 - 2012256061 _____ C:\Users\Martina Lovecká\Desktop\The.Beatles.Eight.Days.A.Week.2016.720p.x264.AAC.MVGroup.org.mp4
2016-11-20 14:39 - 2016-11-20 14:39 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Tvsukernel
2016-11-20 14:33 - 2016-11-20 14:51 - 00000018 _____ C:\windows\SysWOW64\taskSchedularLog.txt
2016-11-20 14:06 - 2016-11-20 14:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-10 11:18 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-11-10 11:18 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-11-10 11:18 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-11-10 11:18 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-11-10 11:18 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-11-10 11:18 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-11-10 11:18 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-11-10 11:18 - 2016-10-25 15:11 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-11-10 11:18 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-11-10 11:18 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-11-10 11:18 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-11-10 11:18 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-11-10 11:18 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-11-10 11:18 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-11-10 11:18 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-11-10 11:18 - 2016-10-12 09:01 - 00377176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-11-10 11:18 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-11-10 11:18 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-11-10 11:18 - 2016-10-09 23:59 - 00551256 ____C (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-11-10 11:18 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-11-10 11:18 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-11-10 11:18 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2016-11-10 11:18 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-11-10 11:18 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-11-10 11:18 - 2016-09-09 23:52 - 00921944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2016-11-10 11:18 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-11-10 11:18 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2016-11-10 11:18 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2016-11-10 11:18 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2016-11-10 11:18 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2016-11-10 11:18 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2016-11-10 11:18 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\windows\system32\msdtcprx.dll
2016-11-10 11:18 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdtcprx.dll
2016-11-10 11:18 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-11-10 11:17 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-11-10 11:17 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-11-10 11:17 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-11-10 11:17 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-11-10 11:17 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-11-10 11:17 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-11-10 11:17 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-11-10 11:17 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-11-10 11:17 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-11-10 11:17 - 2016-10-27 18:57 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-11-10 11:17 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-11-10 11:17 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-11-10 11:17 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-11-10 11:17 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-11-10 11:17 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-11-10 11:17 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-11-10 11:17 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-11-10 11:17 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-11-10 11:17 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-11-10 11:17 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-11-10 11:17 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-11-10 11:17 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-11-10 11:17 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-11-10 11:17 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-11-10 11:17 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-11-10 11:17 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-11-10 11:17 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-11-10 11:17 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-11-10 11:17 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2016-11-10 11:17 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-11-10 11:17 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2016-11-10 11:17 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2016-11-10 11:17 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-11-10 11:17 - 2016-10-09 00:12 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-11-10 11:17 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2016-11-10 11:17 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-11-10 11:17 - 2016-10-08 23:02 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-11-10 11:17 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2016-11-10 11:17 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-11-10 11:17 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-11-10 11:17 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-11-10 11:17 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-11-10 11:17 - 2016-09-09 23:14 - 00275800 ____C (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-11-10 11:17 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-11-10 11:17 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2016-11-10 11:17 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmi.dll
2016-11-10 11:17 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsiwmi.dll
2016-11-10 11:17 - 2016-09-09 14:38 - 00446124 _____ C:\windows\system32\ApnDatabase.xml
2016-11-10 11:17 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\iscsidsc.dll
2016-11-10 11:17 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\windows\system32\iscsiexe.dll
2016-11-10 11:17 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsidsc.dll
2016-11-10 11:17 - 2016-09-03 18:18 - 00825856 _____ (Microsoft Corporation) C:\windows\system32\pmcsnap.dll
2016-11-10 11:17 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-11-10 11:17 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2016-11-10 11:17 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2016-11-10 11:17 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2016-11-10 11:17 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\xolehlp.dll
2016-11-10 11:17 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\xolehlp.dll
2016-11-05 08:53 - 2016-11-05 08:57 - 58632155 _____ C:\Users\Martina Lovecká\Downloads\szidi-tobias---divy-mak.zip
2016-11-05 08:51 - 2016-11-05 08:51 - 00000000 ____D C:\Users\Martina Lovecká\Downloads\SZIDI-TOBIAS---At-se-dobre-deje-(SK-2011)
2016-11-05 08:51 - 2016-11-05 08:51 - 00000000 ____D C:\Users\Martina Lovecká\Downloads\Szidi-Tobias_Jolanka_SK2014_mp3
2016-11-03 18:32 - 2016-11-03 18:32 - 00000000 ____D C:\Users\Martina Lovecká\Documents\MAGIX downloads
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 18:51 - 2016-03-23 19:48 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2696491085-2783822483-1749094236-1002
2016-12-01 18:50 - 2016-03-24 09:30 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-01 18:45 - 2016-08-03 11:32 - 00000000 ____D C:\Users\Martina Lovecká\Desktop\uprava fotek
2016-12-01 18:44 - 2016-03-23 19:43 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Packages
2016-12-01 18:44 - 2016-03-23 18:18 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Roaming\vlc
2016-12-01 18:20 - 2016-03-23 19:44 - 00004006 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{D88044DC-ED0A-4ADA-9C9D-0852FF0D329F}
2016-11-30 22:39 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-11-30 13:50 - 2016-03-24 09:30 - 00000972 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-29 21:47 - 2016-04-09 09:40 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\CrashDumps
2016-11-28 16:27 - 2016-03-23 01:18 - 00739924 _____ C:\windows\system32\perfh005.dat
2016-11-28 16:27 - 2016-03-23 01:18 - 00151610 _____ C:\windows\system32\perfc005.dat
2016-11-28 16:27 - 2013-08-31 16:40 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-11-28 15:40 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-28 15:40 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-11-27 11:32 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2016-11-26 12:29 - 2016-03-23 00:26 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2016-11-26 12:26 - 2016-03-23 19:44 - 00025271 _____ C:\Users\Martina Lovecká\AppData\Roaming\AbsoluteReminder.xml
2016-11-26 12:25 - 2016-03-23 12:03 - 00000000 ___DO C:\Users\Martina Lovecká\SkyDrive
2016-11-26 12:22 - 2016-10-25 09:58 - 00000000 ___RD C:\Users\Martina Lovecká\Disk Google
2016-11-26 12:21 - 2016-04-12 14:12 - 00000000 ___RD C:\Users\Martina Lovecká\iCloudDrive
2016-11-26 12:21 - 2016-03-24 09:25 - 00000450 _____ C:\windows\Tasks\Power Suite (Tray).job
2016-11-24 20:09 - 2016-03-23 00:44 - 00064000 _____ C:\windows\SysWOW64\Xui.trf
2016-11-20 14:57 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-11-20 14:57 - 2013-08-22 14:25 - 01572864 ___SH C:\windows\system32\config\BBI
2016-11-20 14:56 - 2016-03-23 00:26 - 00000000 ____D C:\windows\Downloaded Installations
2016-11-20 14:06 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-20 14:06 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-20 14:05 - 2016-03-23 17:58 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-16 11:48 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-11-15 11:22 - 2013-08-22 15:44 - 05330896 _____ C:\windows\system32\FNTCACHE.DAT
2016-11-15 11:00 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2016-11-14 16:24 - 2016-05-17 08:06 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-10 13:21 - 2016-03-23 15:09 - 00000000 ____D C:\windows\system32\MRT
2016-11-10 13:21 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-11-10 13:18 - 2016-03-23 15:09 - 141011376 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-11-10 12:21 - 2016-03-24 09:31 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 12:21 - 2016-03-24 09:31 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-06 20:37 - 2016-03-24 09:30 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Google
2016-11-03 18:33 - 2016-10-20 19:45 - 00718142 _____ C:\Users\Martina Lovecká\Desktop\dovolena fotky 2.MVP
==================== Files in the root of some directories =======
2016-03-23 19:44 - 2016-11-26 12:26 - 0025271 _____ () C:\Users\Martina Lovecká\AppData\Roaming\AbsoluteReminder.xml
2016-05-28 17:03 - 2016-05-31 08:08 - 0000602 _____ () C:\Users\Martina Lovecká\AppData\Roaming\MARTINA.MTBF.txt
2016-04-15 17:43 - 2016-05-28 17:05 - 0004608 _____ () C:\Users\Martina Lovecká\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-26 10:05 - 2016-06-26 10:05 - 0000017 _____ () C:\Users\Martina Lovecká\AppData\Local\resmon.resmoncfg
2016-03-23 00:23 - 2016-03-23 00:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Martina Lovecká\AppData\Local\Temp\LSCSetup64.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Power Suite (Tray).job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: C:\windows\Tasks\Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martina Loveck \Desktop" je 3079 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\slpd.exe"="C:\\WINDOWS\\System32\\slpd.exe:*:Enabled:Service Location Protocol"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\slpd.exe"="C:\\WINDOWS\\System32\\slpd.exe:*:Enabled:Service Location Protocol"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu, problém s místem na disku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu, problém s místem na disku
Zdravím!
Těch 20GB Dat se týká čeho? Oper. systému, celého disku, či něčeho jiného?
Spusťte tuto utilitu:
Těch 20GB Dat se týká čeho? Oper. systému, celého disku, či něčeho jiného?
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu, problém s místem na disku
Ono je to různé, chvilku to hlásí 3GB volného místa na disku, pak najednou 10GB aniž by člověk cokoli udělal, pak vyskočí že je potřeba provést údržbu protože zbývá 200MB ...
# AdwCleaner v6.030 - Log soubor vytvořen 01/12/2016 na 20:43:15
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-12-01.1 [Server]
# Operační systém : Windows 8.1 Pro (X64)
# Uživatelské jméno : Martina Lovecká - MARTINA
# Beží od : C:\Users\Martina Lovecká\Downloads\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
[-] Adresář smazán:C:\Program Files (x86)\Common Files\freemake shared
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Klíč smazán:HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\APN PIP
[#] Klíč smazán po restartování:HKCU\Software\APN PIP
[#] Klíč smazán po restartování:[x64] HKCU\Software\APN PIP
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1189 Bajtů] - [01/12/2016 20:43:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [1655 Bajtů] - [01/12/2016 20:42:52]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1337 Bajtů] ##########
# AdwCleaner v6.030 - Log soubor vytvořen 01/12/2016 na 20:43:15
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-12-01.1 [Server]
# Operační systém : Windows 8.1 Pro (X64)
# Uživatelské jméno : Martina Lovecká - MARTINA
# Beží od : C:\Users\Martina Lovecká\Downloads\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
[-] Adresář smazán:C:\Program Files (x86)\Common Files\freemake shared
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Klíč smazán:HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\APN PIP
[#] Klíč smazán po restartování:HKCU\Software\APN PIP
[#] Klíč smazán po restartování:[x64] HKCU\Software\APN PIP
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1189 Bajtů] - [01/12/2016 20:43:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [1655 Bajtů] - [01/12/2016 20:42:52]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1337 Bajtů] ##########
Re: kontrola logu, problém s místem na disku
Teď po těchto dvou skenech je ze 3GB najednou 94GB volného místa na disku C
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu, problém s místem na disku
OK. Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu, problém s místem na disku
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
Ran by Martina Lovecká (administrator) on MARTINA (01-12-2016 21:33:50)
Running from C:\Users\Martina Lovecká\Desktop
Loaded Profiles: Martina Lovecká (Available Profiles: Martina Lovecká)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Windows\SysWOW64\slpd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(forum.viry.cz) C:\Users\Martina Lovecká\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [341448 2014-11-07] (Lenovo Group Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [384296 2013-08-21] (Lenovo.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [939976 2015-02-20] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-15] (Vimicro)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-12] (Disc Soft Ltd)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818712 2016-10-12] (Google)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
Startup: C:\Users\Martina Lovecká\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-06-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.80.47.1 8.8.8.8
Tcpip\..\Interfaces\{868968E4-B74F-45A6-9290-960E863B2FB4}: [DhcpNameServer] 10.80.47.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> DefaultScope {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-11-09] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-11-09] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-09] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-09] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default [2016-12-01]
CHR Extension: (Prezentace Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-24]
CHR Extension: (Dokumenty Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-24]
CHR Extension: (Disk Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-24]
CHR Extension: (YouTube) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-24]
CHR Extension: (Kalendář Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-08-26]
CHR Extension: (Tabulky Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (AdBlock) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Gmail) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-15]
CHR HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [566288 2016-04-12] (Lenovo Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3319488 2016-11-09] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-10-02] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1576712 2015-10-02] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [182984 2015-10-02] (ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-06-03] (Freemake) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-08-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2023592 2015-09-25] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [631312 2016-04-12] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [480712 2015-03-23] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-05-12] ()
R2 LPlatSvc; C:\windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-16] (Lenovo Group Limited)
R2 slpd; C:\Windows\SysWOW64\slpd.exe [102400 2011-02-17] () [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-09-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5653736 2015-12-07] (RealVNC Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [88112 2016-07-13] (ASIX Electronics Corp.)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-28] (Disc Soft Ltd)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [255272 2015-10-08] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [186272 2015-10-08] (ESET)
R2 epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [169744 2015-10-08] (ESET)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R3 LnvHIDHW; C:\windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RTSPER; C:\windows\system32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-23] (Synaptics Incorporated)
S3 SSMO3v2Filter; C:\windows\system32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
R3 vm331avs; C:\windows\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Vimicro Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S2 NEWDRIVER; \??\C:\windows\SysWow64\WinVDEdrv6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 20:41 - 2016-12-01 20:43 - 00000000 ____D C:\AdwCleaner
2016-12-01 20:41 - 2016-12-01 20:41 - 03910208 _____ C:\Users\Martina Lovecká\Downloads\adwcleaner_6.030.exe
2016-12-01 19:17 - 2016-12-01 21:33 - 00025525 _____ C:\Users\Martina Lovecká\Desktop\FRST.txt
2016-12-01 19:16 - 2016-12-01 19:17 - 00000000 ____D C:\FRST
2016-12-01 19:15 - 2016-12-01 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Martina Lovecká\Desktop\FRSTLauncher.exe
2016-12-01 19:14 - 2016-12-01 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Martina Lovecká\Downloads\Nepotvrzeno 246806.crdownload
2016-12-01 19:12 - 2016-12-01 19:11 - 02411520 _____ (Farbar) C:\Users\Martina Lovecká\Desktop\FRST64.exe
2016-11-29 22:33 - 2016-11-29 22:33 - 00116084 _____ C:\Users\Martina Lovecká\Downloads\Gilmore.Girls.2016.S01E01.720p.WEBRip.x264-TheRival.srt
2016-11-28 16:24 - 2016-11-28 16:30 - 00000000 ____D C:\Users\Martina Lovecká\Desktop\kolo dvůr
2016-11-28 10:11 - 2016-11-28 10:56 - 931722570 _____ C:\Users\Martina Lovecká\Downloads\Gilmore.Girls.2016.S01E01.720p.WEBRip.x264_TheRival.avi
2016-11-21 16:33 - 2016-11-21 17:36 - 1986069219 _____ C:\Users\Martina Lovecká\Downloads\The.Beatles.Eight.Days.A.Week.2016.HDtv vložené titulky cz novinka.mp4
2016-11-21 11:02 - 2016-11-21 12:34 - 2012256061 _____ C:\Users\Martina Lovecká\Desktop\The.Beatles.Eight.Days.A.Week.2016.720p.x264.AAC.MVGroup.org.mp4
2016-11-20 14:39 - 2016-11-20 14:39 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Tvsukernel
2016-11-20 14:33 - 2016-11-20 14:51 - 00000018 _____ C:\windows\SysWOW64\taskSchedularLog.txt
2016-11-20 14:06 - 2016-11-20 14:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-10 11:18 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-11-10 11:18 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-11-10 11:18 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-11-10 11:18 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-11-10 11:18 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-11-10 11:18 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-11-10 11:18 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-11-10 11:18 - 2016-10-25 15:11 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-11-10 11:18 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-11-10 11:18 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-11-10 11:18 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-11-10 11:18 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-11-10 11:18 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-11-10 11:18 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-11-10 11:18 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-11-10 11:18 - 2016-10-12 09:01 - 00377176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-11-10 11:18 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-11-10 11:18 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-11-10 11:18 - 2016-10-09 23:59 - 00551256 ____C (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-11-10 11:18 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-11-10 11:18 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-11-10 11:18 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2016-11-10 11:18 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-11-10 11:18 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-11-10 11:18 - 2016-09-09 23:52 - 00921944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2016-11-10 11:18 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-11-10 11:18 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2016-11-10 11:18 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2016-11-10 11:18 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2016-11-10 11:18 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2016-11-10 11:18 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2016-11-10 11:18 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\windows\system32\msdtcprx.dll
2016-11-10 11:18 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdtcprx.dll
2016-11-10 11:18 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-11-10 11:17 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-11-10 11:17 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-11-10 11:17 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-11-10 11:17 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-11-10 11:17 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-11-10 11:17 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-11-10 11:17 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-11-10 11:17 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-11-10 11:17 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-11-10 11:17 - 2016-10-27 18:57 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-11-10 11:17 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-11-10 11:17 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-11-10 11:17 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-11-10 11:17 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-11-10 11:17 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-11-10 11:17 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-11-10 11:17 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-11-10 11:17 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-11-10 11:17 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-11-10 11:17 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-11-10 11:17 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-11-10 11:17 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-11-10 11:17 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-11-10 11:17 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-11-10 11:17 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-11-10 11:17 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-11-10 11:17 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-11-10 11:17 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-11-10 11:17 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2016-11-10 11:17 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-11-10 11:17 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2016-11-10 11:17 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2016-11-10 11:17 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-11-10 11:17 - 2016-10-09 00:12 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-11-10 11:17 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2016-11-10 11:17 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-11-10 11:17 - 2016-10-08 23:02 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-11-10 11:17 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2016-11-10 11:17 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-11-10 11:17 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-11-10 11:17 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-11-10 11:17 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-11-10 11:17 - 2016-09-09 23:14 - 00275800 ____C (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-11-10 11:17 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-11-10 11:17 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2016-11-10 11:17 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmi.dll
2016-11-10 11:17 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsiwmi.dll
2016-11-10 11:17 - 2016-09-09 14:38 - 00446124 _____ C:\windows\system32\ApnDatabase.xml
2016-11-10 11:17 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\iscsidsc.dll
2016-11-10 11:17 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\windows\system32\iscsiexe.dll
2016-11-10 11:17 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsidsc.dll
2016-11-10 11:17 - 2016-09-03 18:18 - 00825856 _____ (Microsoft Corporation) C:\windows\system32\pmcsnap.dll
2016-11-10 11:17 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-11-10 11:17 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2016-11-10 11:17 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2016-11-10 11:17 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2016-11-10 11:17 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\xolehlp.dll
2016-11-10 11:17 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\xolehlp.dll
2016-11-05 08:53 - 2016-11-05 08:57 - 58632155 _____ C:\Users\Martina Lovecká\Downloads\szidi-tobias---divy-mak.zip
2016-11-05 08:51 - 2016-11-05 08:51 - 00000000 ____D C:\Users\Martina Lovecká\Downloads\SZIDI-TOBIAS---At-se-dobre-deje-(SK-2011)
2016-11-05 08:51 - 2016-11-05 08:51 - 00000000 ____D C:\Users\Martina Lovecká\Downloads\Szidi-Tobias_Jolanka_SK2014_mp3
2016-11-03 18:32 - 2016-11-03 18:32 - 00000000 ____D C:\Users\Martina Lovecká\Documents\MAGIX downloads
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 21:32 - 2016-05-25 15:59 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Roaming\Real
2016-12-01 21:31 - 2016-10-25 09:58 - 00000000 ___RD C:\Users\Martina Lovecká\Disk Google
2016-12-01 21:31 - 2016-04-12 14:12 - 00000000 ___RD C:\Users\Martina Lovecká\iCloudDrive
2016-12-01 21:31 - 2016-03-24 09:30 - 00000972 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-01 21:31 - 2016-03-23 12:03 - 00000000 ___DO C:\Users\Martina Lovecká\SkyDrive
2016-12-01 21:31 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-01 21:30 - 2013-08-22 14:25 - 01572864 ___SH C:\windows\system32\config\BBI
2016-12-01 21:24 - 2016-03-23 01:18 - 00739924 _____ C:\windows\system32\perfh005.dat
2016-12-01 21:24 - 2016-03-23 01:18 - 00151610 _____ C:\windows\system32\perfc005.dat
2016-12-01 21:24 - 2013-08-31 16:40 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-01 21:24 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-12-01 21:22 - 2016-03-23 19:48 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2696491085-2783822483-1749094236-1002
2016-12-01 21:19 - 2016-05-25 15:59 - 00000000 ____D C:\ProgramData\Real
2016-12-01 21:19 - 2016-05-25 15:59 - 00000000 ____D C:\Program Files (x86)\Real
2016-12-01 21:19 - 2016-03-23 00:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-01 21:14 - 2016-03-24 09:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-01 21:11 - 2016-03-23 00:44 - 00078336 _____ C:\windows\SysWOW64\Xui.trf
2016-12-01 21:10 - 2016-03-23 00:22 - 00000000 ____D C:\Program Files\Lenovo
2016-12-01 21:10 - 2016-03-23 00:22 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-12-01 21:05 - 2016-03-23 00:26 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2016-12-01 20:57 - 2016-07-29 12:51 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2016-12-01 20:53 - 2016-03-23 19:43 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Roaming\Lenovo
2016-12-01 20:53 - 2016-03-23 01:16 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-01 20:53 - 2016-03-23 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-12-01 20:53 - 2016-03-23 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-12-01 20:50 - 2016-03-24 09:30 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-01 20:49 - 2016-03-23 19:44 - 00026803 _____ C:\Users\Martina Lovecká\AppData\Roaming\AbsoluteReminder.xml
2016-12-01 19:28 - 2016-03-24 10:00 - 00000994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-12-01 19:28 - 2016-03-24 10:00 - 00000982 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-12-01 19:28 - 2016-03-24 10:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-01 18:45 - 2016-08-03 11:32 - 00000000 ____D C:\Users\Martina Lovecká\Desktop\uprava fotek
2016-12-01 18:44 - 2016-03-23 19:43 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Packages
2016-12-01 18:44 - 2016-03-23 18:18 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Roaming\vlc
2016-12-01 18:20 - 2016-03-23 19:44 - 00004006 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{D88044DC-ED0A-4ADA-9C9D-0852FF0D329F}
2016-11-29 21:47 - 2016-04-09 09:40 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\CrashDumps
2016-11-28 15:40 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-28 15:40 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-11-27 11:32 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2016-11-20 14:56 - 2016-03-23 00:26 - 00000000 ____D C:\windows\Downloaded Installations
2016-11-20 14:06 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-20 14:06 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-20 14:05 - 2016-03-23 17:58 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-16 11:48 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-11-15 11:22 - 2013-08-22 15:44 - 05330896 _____ C:\windows\system32\FNTCACHE.DAT
2016-11-15 11:00 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2016-11-14 16:24 - 2016-05-17 08:06 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-10 13:21 - 2016-03-23 15:09 - 00000000 ____D C:\windows\system32\MRT
2016-11-10 13:21 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-11-10 13:18 - 2016-03-23 15:09 - 141011376 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-11-10 12:21 - 2016-03-24 09:31 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 12:21 - 2016-03-24 09:31 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-06 20:37 - 2016-03-24 09:30 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Google
2016-11-03 18:33 - 2016-10-20 19:45 - 00718142 _____ C:\Users\Martina Lovecká\Desktop\dovolena fotky 2.MVP
==================== Files in the root of some directories =======
2016-03-23 19:44 - 2016-12-01 20:49 - 0026803 _____ () C:\Users\Martina Lovecká\AppData\Roaming\AbsoluteReminder.xml
2016-05-28 17:03 - 2016-05-31 08:08 - 0000602 _____ () C:\Users\Martina Lovecká\AppData\Roaming\MARTINA.MTBF.txt
2016-04-15 17:43 - 2016-05-28 17:05 - 0004608 _____ () C:\Users\Martina Lovecká\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-26 10:05 - 2016-06-26 10:05 - 0000017 _____ () C:\Users\Martina Lovecká\AppData\Local\resmon.resmoncfg
2016-03-23 00:23 - 2016-03-23 00:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Martina Lovecká\AppData\Local\Temp\libeay32.dll
C:\Users\Martina Lovecká\AppData\Local\Temp\lowproc.exe
C:\Users\Martina Lovecká\AppData\Local\Temp\LSCSetup64.exe
C:\Users\Martina Lovecká\AppData\Local\Temp\msvcr120.dll
C:\Users\Martina Lovecká\AppData\Local\Temp\sqlite3.dll
C:\Users\Martina Lovecká\AppData\Local\Temp\stubhelper.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martina Loveck \Desktop" je 3079 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\slpd.exe"="C:\\WINDOWS\\System32\\slpd.exe:*:Enabled:Service Location Protocol"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\slpd.exe"="C:\\WINDOWS\\System32\\slpd.exe:*:Enabled:Service Location Protocol"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Martina Lovecká (administrator) on MARTINA (01-12-2016 21:33:50)
Running from C:\Users\Martina Lovecká\Desktop
Loaded Profiles: Martina Lovecká (Available Profiles: Martina Lovecká)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Windows\SysWOW64\slpd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(forum.viry.cz) C:\Users\Martina Lovecká\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [341448 2014-11-07] (Lenovo Group Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [384296 2013-08-21] (Lenovo.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [939976 2015-02-20] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [35856 2016-04-12] (Lenovo Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2016-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-15] (Vimicro)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-12] (Disc Soft Ltd)
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818712 2016-10-12] (Google)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
Startup: C:\Users\Martina Lovecká\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-06-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.80.47.1 8.8.8.8
Tcpip\..\Interfaces\{868968E4-B74F-45A6-9290-960E863B2FB4}: [DhcpNameServer] 10.80.47.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> DefaultScope {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-11-09] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-11-09] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-09] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-09] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-09] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default [2016-12-01]
CHR Extension: (Prezentace Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-24]
CHR Extension: (Dokumenty Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-24]
CHR Extension: (Disk Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-24]
CHR Extension: (YouTube) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-24]
CHR Extension: (Kalendář Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-08-26]
CHR Extension: (Tabulky Google) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (AdBlock) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Gmail) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-24]
CHR Extension: (Chrome Media Router) - C:\Users\Martina Lovecká\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-15]
CHR HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [566288 2016-04-12] (Lenovo Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3319488 2016-11-09] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-10-02] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1576712 2015-10-02] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [182984 2015-10-02] (ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-06-03] (Freemake) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-08-29] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2023592 2015-09-25] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [631312 2016-04-12] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [480712 2015-03-23] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-05-12] ()
R2 LPlatSvc; C:\windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-16] (Lenovo Group Limited)
R2 slpd; C:\Windows\SysWOW64\slpd.exe [102400 2011-02-17] () [File not signed]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-09-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5653736 2015-12-07] (RealVNC Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [88112 2016-07-13] (ASIX Electronics Corp.)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-28] (Disc Soft Ltd)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [255272 2015-10-08] (ESET)
R1 ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [186272 2015-10-08] (ESET)
R2 epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [169744 2015-10-08] (ESET)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R3 LnvHIDHW; C:\windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RTSPER; C:\windows\system32\DRIVERS\RtsPer.sys [418008 2013-06-24] (Realsil Semiconductor Corporation)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-23] (Synaptics Incorporated)
S3 SSMO3v2Filter; C:\windows\system32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
R3 vm331avs; C:\windows\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Vimicro Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S2 NEWDRIVER; \??\C:\windows\SysWow64\WinVDEdrv6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 20:41 - 2016-12-01 20:43 - 00000000 ____D C:\AdwCleaner
2016-12-01 20:41 - 2016-12-01 20:41 - 03910208 _____ C:\Users\Martina Lovecká\Downloads\adwcleaner_6.030.exe
2016-12-01 19:17 - 2016-12-01 21:33 - 00025525 _____ C:\Users\Martina Lovecká\Desktop\FRST.txt
2016-12-01 19:16 - 2016-12-01 19:17 - 00000000 ____D C:\FRST
2016-12-01 19:15 - 2016-12-01 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Martina Lovecká\Desktop\FRSTLauncher.exe
2016-12-01 19:14 - 2016-12-01 19:14 - 00112640 _____ (forum.viry.cz) C:\Users\Martina Lovecká\Downloads\Nepotvrzeno 246806.crdownload
2016-12-01 19:12 - 2016-12-01 19:11 - 02411520 _____ (Farbar) C:\Users\Martina Lovecká\Desktop\FRST64.exe
2016-11-29 22:33 - 2016-11-29 22:33 - 00116084 _____ C:\Users\Martina Lovecká\Downloads\Gilmore.Girls.2016.S01E01.720p.WEBRip.x264-TheRival.srt
2016-11-28 16:24 - 2016-11-28 16:30 - 00000000 ____D C:\Users\Martina Lovecká\Desktop\kolo dvůr
2016-11-28 10:11 - 2016-11-28 10:56 - 931722570 _____ C:\Users\Martina Lovecká\Downloads\Gilmore.Girls.2016.S01E01.720p.WEBRip.x264_TheRival.avi
2016-11-21 16:33 - 2016-11-21 17:36 - 1986069219 _____ C:\Users\Martina Lovecká\Downloads\The.Beatles.Eight.Days.A.Week.2016.HDtv vložené titulky cz novinka.mp4
2016-11-21 11:02 - 2016-11-21 12:34 - 2012256061 _____ C:\Users\Martina Lovecká\Desktop\The.Beatles.Eight.Days.A.Week.2016.720p.x264.AAC.MVGroup.org.mp4
2016-11-20 14:39 - 2016-11-20 14:39 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Tvsukernel
2016-11-20 14:33 - 2016-11-20 14:51 - 00000018 _____ C:\windows\SysWOW64\taskSchedularLog.txt
2016-11-20 14:06 - 2016-11-20 14:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-10 11:18 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-11-10 11:18 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-11-10 11:18 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-11-10 11:18 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-11-10 11:18 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-11-10 11:18 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-11-10 11:18 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-11-10 11:18 - 2016-10-25 15:11 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-11-10 11:18 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-11-10 11:18 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-11-10 11:18 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-11-10 11:18 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-11-10 11:18 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-11-10 11:18 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-11-10 11:18 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-11-10 11:18 - 2016-10-12 09:01 - 00377176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-11-10 11:18 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-11-10 11:18 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-11-10 11:18 - 2016-10-09 23:59 - 00551256 ____C (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-11-10 11:18 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2016-11-10 11:18 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-11-10 11:18 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2016-11-10 11:18 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-11-10 11:18 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-11-10 11:18 - 2016-09-09 23:52 - 00921944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2016-11-10 11:18 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-11-10 11:18 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2016-11-10 11:18 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2016-11-10 11:18 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\windows\system32\vmrdvcore.dll
2016-11-10 11:18 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2016-11-10 11:18 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2016-11-10 11:18 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\windows\system32\msdtcprx.dll
2016-11-10 11:18 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdtcprx.dll
2016-11-10 11:18 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-11-10 11:17 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-11-10 11:17 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-11-10 11:17 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-11-10 11:17 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-11-10 11:17 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-11-10 11:17 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-11-10 11:17 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-11-10 11:17 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-11-10 11:17 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-11-10 11:17 - 2016-10-27 18:57 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-11-10 11:17 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-11-10 11:17 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-11-10 11:17 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-11-10 11:17 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-11-10 11:17 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-11-10 11:17 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-11-10 11:17 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-11-10 11:17 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-11-10 11:17 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-11-10 11:17 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-11-10 11:17 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-11-10 11:17 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-11-10 11:17 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-11-10 11:17 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-11-10 11:17 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-11-10 11:17 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-11-10 11:17 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-11-10 11:17 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-11-10 11:17 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2016-11-10 11:17 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-11-10 11:17 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2016-11-10 11:17 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2016-11-10 11:17 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-11-10 11:17 - 2016-10-09 00:12 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-11-10 11:17 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2016-11-10 11:17 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-11-10 11:17 - 2016-10-08 23:02 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-11-10 11:17 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2016-11-10 11:17 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-11-10 11:17 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-11-10 11:17 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2016-11-10 11:17 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-11-10 11:17 - 2016-09-09 23:14 - 00275800 ____C (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-11-10 11:17 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2016-11-10 11:17 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2016-11-10 11:17 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\iscsiwmi.dll
2016-11-10 11:17 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsiwmi.dll
2016-11-10 11:17 - 2016-09-09 14:38 - 00446124 _____ C:\windows\system32\ApnDatabase.xml
2016-11-10 11:17 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\iscsidsc.dll
2016-11-10 11:17 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\windows\system32\iscsiexe.dll
2016-11-10 11:17 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsidsc.dll
2016-11-10 11:17 - 2016-09-03 18:18 - 00825856 _____ (Microsoft Corporation) C:\windows\system32\pmcsnap.dll
2016-11-10 11:17 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-11-10 11:17 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
2016-11-10 11:17 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
2016-11-10 11:17 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\dab.dll
2016-11-10 11:17 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\xolehlp.dll
2016-11-10 11:17 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\xolehlp.dll
2016-11-05 08:53 - 2016-11-05 08:57 - 58632155 _____ C:\Users\Martina Lovecká\Downloads\szidi-tobias---divy-mak.zip
2016-11-05 08:51 - 2016-11-05 08:51 - 00000000 ____D C:\Users\Martina Lovecká\Downloads\SZIDI-TOBIAS---At-se-dobre-deje-(SK-2011)
2016-11-05 08:51 - 2016-11-05 08:51 - 00000000 ____D C:\Users\Martina Lovecká\Downloads\Szidi-Tobias_Jolanka_SK2014_mp3
2016-11-03 18:32 - 2016-11-03 18:32 - 00000000 ____D C:\Users\Martina Lovecká\Documents\MAGIX downloads
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-01 21:32 - 2016-05-25 15:59 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Roaming\Real
2016-12-01 21:31 - 2016-10-25 09:58 - 00000000 ___RD C:\Users\Martina Lovecká\Disk Google
2016-12-01 21:31 - 2016-04-12 14:12 - 00000000 ___RD C:\Users\Martina Lovecká\iCloudDrive
2016-12-01 21:31 - 2016-03-24 09:30 - 00000972 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-01 21:31 - 2016-03-23 12:03 - 00000000 ___DO C:\Users\Martina Lovecká\SkyDrive
2016-12-01 21:31 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-01 21:30 - 2013-08-22 14:25 - 01572864 ___SH C:\windows\system32\config\BBI
2016-12-01 21:24 - 2016-03-23 01:18 - 00739924 _____ C:\windows\system32\perfh005.dat
2016-12-01 21:24 - 2016-03-23 01:18 - 00151610 _____ C:\windows\system32\perfc005.dat
2016-12-01 21:24 - 2013-08-31 16:40 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-01 21:24 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-12-01 21:22 - 2016-03-23 19:48 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2696491085-2783822483-1749094236-1002
2016-12-01 21:19 - 2016-05-25 15:59 - 00000000 ____D C:\ProgramData\Real
2016-12-01 21:19 - 2016-05-25 15:59 - 00000000 ____D C:\Program Files (x86)\Real
2016-12-01 21:19 - 2016-03-23 00:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-01 21:14 - 2016-03-24 09:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-01 21:11 - 2016-03-23 00:44 - 00078336 _____ C:\windows\SysWOW64\Xui.trf
2016-12-01 21:10 - 2016-03-23 00:22 - 00000000 ____D C:\Program Files\Lenovo
2016-12-01 21:10 - 2016-03-23 00:22 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-12-01 21:05 - 2016-03-23 00:26 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2016-12-01 20:57 - 2016-07-29 12:51 - 00000000 ____D C:\Program Files (x86)\Glarysoft
2016-12-01 20:53 - 2016-03-23 19:43 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Roaming\Lenovo
2016-12-01 20:53 - 2016-03-23 01:16 - 00000000 ____D C:\ProgramData\Lenovo
2016-12-01 20:53 - 2016-03-23 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-12-01 20:53 - 2016-03-23 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-12-01 20:50 - 2016-03-24 09:30 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-01 20:49 - 2016-03-23 19:44 - 00026803 _____ C:\Users\Martina Lovecká\AppData\Roaming\AbsoluteReminder.xml
2016-12-01 19:28 - 2016-03-24 10:00 - 00000994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2016-12-01 19:28 - 2016-03-24 10:00 - 00000982 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2016-12-01 19:28 - 2016-03-24 10:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-01 18:45 - 2016-08-03 11:32 - 00000000 ____D C:\Users\Martina Lovecká\Desktop\uprava fotek
2016-12-01 18:44 - 2016-03-23 19:43 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Packages
2016-12-01 18:44 - 2016-03-23 18:18 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Roaming\vlc
2016-12-01 18:20 - 2016-03-23 19:44 - 00004006 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{D88044DC-ED0A-4ADA-9C9D-0852FF0D329F}
2016-11-29 21:47 - 2016-04-09 09:40 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\CrashDumps
2016-11-28 15:40 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-28 15:40 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-11-27 11:32 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2016-11-20 14:56 - 2016-03-23 00:26 - 00000000 ____D C:\windows\Downloaded Installations
2016-11-20 14:06 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-20 14:06 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-20 14:05 - 2016-03-23 17:58 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-16 11:48 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-11-15 11:22 - 2013-08-22 15:44 - 05330896 _____ C:\windows\system32\FNTCACHE.DAT
2016-11-15 11:00 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2016-11-14 16:24 - 2016-05-17 08:06 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-10 13:21 - 2016-03-23 15:09 - 00000000 ____D C:\windows\system32\MRT
2016-11-10 13:21 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-11-10 13:18 - 2016-03-23 15:09 - 141011376 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-11-10 12:21 - 2016-03-24 09:31 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 12:21 - 2016-03-24 09:31 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-06 20:37 - 2016-03-24 09:30 - 00000000 ____D C:\Users\Martina Lovecká\AppData\Local\Google
2016-11-03 18:33 - 2016-10-20 19:45 - 00718142 _____ C:\Users\Martina Lovecká\Desktop\dovolena fotky 2.MVP
==================== Files in the root of some directories =======
2016-03-23 19:44 - 2016-12-01 20:49 - 0026803 _____ () C:\Users\Martina Lovecká\AppData\Roaming\AbsoluteReminder.xml
2016-05-28 17:03 - 2016-05-31 08:08 - 0000602 _____ () C:\Users\Martina Lovecká\AppData\Roaming\MARTINA.MTBF.txt
2016-04-15 17:43 - 2016-05-28 17:05 - 0004608 _____ () C:\Users\Martina Lovecká\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-26 10:05 - 2016-06-26 10:05 - 0000017 _____ () C:\Users\Martina Lovecká\AppData\Local\resmon.resmoncfg
2016-03-23 00:23 - 2016-03-23 00:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Martina Lovecká\AppData\Local\Temp\libeay32.dll
C:\Users\Martina Lovecká\AppData\Local\Temp\lowproc.exe
C:\Users\Martina Lovecká\AppData\Local\Temp\LSCSetup64.exe
C:\Users\Martina Lovecká\AppData\Local\Temp\msvcr120.dll
C:\Users\Martina Lovecká\AppData\Local\Temp\sqlite3.dll
C:\Users\Martina Lovecká\AppData\Local\Temp\stubhelper.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Martina Loveck \Desktop" je 3079 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\slpd.exe"="C:\\WINDOWS\\System32\\slpd.exe:*:Enabled:Service Location Protocol"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\slpd.exe"="C:\\WINDOWS\\System32\\slpd.exe:*:Enabled:Service Location Protocol"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu, problém s místem na disku
Otevřte poznámkový blok a zkopírujte do něj:
Z logu:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> DefaultScope {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\Martina Lovecká\AppData\Local\Temp
EmptyTemp:
End
Z logu:
To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Martina Lovecká novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.Velikost slozky "C:\Users\Martina Lovecká \Desktop" je 3079 MB.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu, problém s místem na disku
NTB staruje úplně v pohodě, to je OK, ale i tak díky ...
Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2016
Ran by Martina Lovecká (02-12-2016 09:26:20) Run:1
Running from C:\Users\Martina Lovecká\Desktop
Loaded Profiles: Martina Lovecká (Available Profiles: Martina Lovecká)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> DefaultScope {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\Martina Lovecká\AppData\Local\Temp
EmptyTemp:
End
*****************
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF68B1-0A23-43F5-93BA-E00450F0096A}" => key removed successfully
HKCR\CLSID\{05AF68B1-0A23-43F5-93BA-E00450F0096A} => key not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Martina Lovecká\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martina Lovecká\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36278142 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 22338298 B
Edge => 0 B
Chrome => 34901984 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 1365013 B
LocalService => 10990 B
NetworkService => 0 B
Martina Lovecká => 131056700 B
RecycleBin => 0 B
EmptyTemp: => 223.5 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-12-2016 09:28:37)
C:\Users\Martina Lovecká\AppData\Local\Temp => moved successfully
==== End of Fixlog 09:28:37 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 30-11-2016
Ran by Martina Lovecká (02-12-2016 09:26:20) Run:1
Running from C:\Users\Martina Lovecká\Desktop
Loaded Profiles: Martina Lovecká (Available Profiles: Martina Lovecká)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> DefaultScope {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
SearchScopes: HKU\S-1-5-21-2696491085-2783822483-1749094236-1002 -> {05AF68B1-0A23-43F5-93BA-E00450F0096A} URL =
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\Martina Lovecká\AppData\Local\Temp
EmptyTemp:
End
*****************
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2696491085-2783822483-1749094236-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF68B1-0A23-43F5-93BA-E00450F0096A}" => key removed successfully
HKCR\CLSID\{05AF68B1-0A23-43F5-93BA-E00450F0096A} => key not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Martina Lovecká\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martina Lovecká\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36278142 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 22338298 B
Edge => 0 B
Chrome => 34901984 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 1365013 B
LocalService => 10990 B
NetworkService => 0 B
Martina Lovecká => 131056700 B
RecycleBin => 0 B
EmptyTemp: => 223.5 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-12-2016 09:28:37)
C:\Users\Martina Lovecká\AppData\Local\Temp => moved successfully
==== End of Fixlog 09:28:37 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu, problém s místem na disku
Smazáno. Kolik máte nyní volného místa na syst. disku?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu, problém s místem na disku
Už delší dobu se tam drží asi 94GB a to je v pořádku, takže moc diky =)
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu, problém s místem na disku
Jj. To je až dost. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?