﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Ekospol (administrator) on NOSKA (30-12-2016 08:13:37)
Running from C:\Users\Ekospol\Documents\b3
Loaded Profiles: Ekospol (Available Profiles: Ekospol & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\Temp\gEE93.tmp.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Zabbix SIA) C:\zabbix\zabbix_agentd.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\launcher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.48.2066.101\SZBrowser_autoupdate.exe
(Google Inc.) C:\Users\Ekospol\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7570136 2014-04-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-06] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-07] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2861624394-871130569-1612233255-1001\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2861624394-871130569-1612233255-1001\...\Run: [Google Update] => C:\Users\Ekospol\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-19] (Google Inc.)
HKU\S-1-5-21-2861624394-871130569-1612233255-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-2861624394-871130569-1612233255-1001\...\RunOnce: [Uninstall C:\Users\Ekospol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ekospol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-2861624394-871130569-1612233255-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Lsa: [Notification Packages] DPPassFilter scecli
ShellExecuteHooks: No Name - {B9320EEE-AB3C-11E6-BA01-64006A5CFC23} - C:\Users\Ekospol\AppData\Roaming\Jaberge\Ckesuge.dll -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-19] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.251
Tcpip\..\Interfaces\{46860AD7-E388-466F-BF98-AE642F1A7127}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{46860AD7-E388-466F-BF98-AE642F1A7127}: [DhcpNameServer] 192.168.1.251

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-19] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-19] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: a0kga05n.default-1481037319380
FF ProfilePath: C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\h44knnl7.default [not found]
FF ProfilePath: C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\hk50ls8f.default-1477288871359 [2016-12-20]
FF ProfilePath: C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\a0kga05n.default-1481037319380 [2016-12-30]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\a0kga05n.default-1481037319380\Extensions\firefox@zenmate.com.xpi [2016-12-19]
FF Extension: (Screengrab (fix version)) - C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\a0kga05n.default-1481037319380\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2016-12-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-19]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-08-08] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-19]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-02-11] (DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-2861624394-871130569-1612233255-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ekospol\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-2861624394-871130569-1612233255-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ekospol\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.kdb.cz/
CHR StartupUrls: Default -> "hxxp://dev.rezervacnik.cz/www/","hxxps://github.com/jakubhouzvicka/Rezervacnik-DEV/commits/master"
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default [2016-12-30]
CHR Extension: (Prezentace Google) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-25]
CHR Extension: (Dokumenty Google) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-25]
CHR Extension: (Disk Google) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-13]
CHR Extension: (YouTube) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-25]
CHR Extension: (Tabulky Google) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-25]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2016-12-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-13]
CHR Extension: (Gmail) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR Profile: C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-12-13]
CHR Extension: (Avast Online Security) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-06]
CHR Extension: (HP Client Security Manager) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2016-12-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-06]
CHR Extension: (Chrome Media Router) - C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-19]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-02-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2015-09-15] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-19] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-05-19] (AVAST Software)
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [76336 2016-11-28] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-11-01] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-02-11] (DigitalPersona, Inc.)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-20] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation)
R2 Zabbix Agent; C:\zabbix\zabbix_agentd.exe [385024 2015-03-12] (Zabbix SIA) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [37656 2016-05-19] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [37144 2016-05-19] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [107792 2016-05-19] (AVAST Software)
R3 aswNetNd6; C:\windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-05-19] (AVAST Software)
R1 aswNetSec; C:\windows\system32\drivers\aswNetSec.sys [536312 2016-05-19] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [103064 2016-05-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-19] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1070904 2016-05-19] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [465792 2016-05-19] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [166432 2016-05-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R1 CLVirtualDrive; C:\windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R0 iaStorF; C:\windows\System32\drivers\iaStorF.sys [28008 2014-03-14] (Intel Corporation)
S3 MEIx64; C:\windows\system32\drivers\TeeDriverx64.sys [116736 2014-02-20] (Intel Corporation)
R0 PinFile; C:\windows\System32\DRIVERS\PinFile.sys [49856 2014-02-03] (WinMagic Inc.)
R0 SDDisk2K; C:\windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-02-03] (WinMagic Inc.)
R0 SDDToki; C:\windows\System32\DRIVERS\SDDToki.sys [131264 2014-02-03] (WinMagic Inc.)
S3 wdm_usb; C:\windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-29 15:41 - 2016-12-29 15:41 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\Adobe
2016-12-29 15:41 - 2016-12-29 15:41 - 00000000 ____D C:\Users\Ekospol\AppData\Local\Adobe
2016-12-29 15:41 - 2016-12-29 15:41 - 00000000 ____D C:\ProgramData\Adobe
2016-12-29 07:53 - 2016-12-29 14:36 - 00000000 ____D C:\Users\Ekospol\AppData\Local\CrashDumps
2016-12-29 07:49 - 2016-12-29 07:51 - 00000000 ____D C:\AdwCleaner
2016-12-28 16:23 - 2016-12-30 08:13 - 00000000 ____D C:\FRST
2016-12-28 15:45 - 2016-12-28 15:45 - 00000000 ____D C:\Users\Ekospol\AppData\Local\CEF
2016-12-28 11:46 - 2016-12-28 12:48 - 00688352 _____ C:\windows\ntbtlog.txt
2016-12-23 16:01 - 2016-12-23 16:09 - 00000000 __SHD C:\Users\Public\DRM
2016-12-23 14:32 - 2016-12-23 14:36 - 00000577 _____ C:\Users\Ekospol\Documents\temp.txt
2016-12-23 10:57 - 2016-12-23 10:57 - 00006477 _____ C:\Users\Ekospol\Desktop\JRT.txt
2016-12-23 10:48 - 2016-12-23 10:54 - 00002124 _____ C:\Users\Ekospol\Desktop\Rkill.txt
2016-12-23 08:35 - 2016-12-23 08:35 - 00092827 _____ C:\Users\Ekospol\Downloads\2016_12_7_barrandov-hruba-stavba (1).pdf
2016-12-23 08:34 - 2016-12-23 08:34 - 00092844 _____ C:\Users\Ekospol\Downloads\2016_12_19_ekospol-pf (1).pdf
2016-12-23 08:17 - 2016-12-23 08:17 - 00091876 _____ C:\Users\Ekospol\Downloads\nové přednášky_veterináři.pdf
2016-12-22 08:47 - 2016-12-22 08:47 - 00092850 _____ C:\Users\Ekospol\Downloads\2016_12_19_ekospol-pf.pdf
2016-12-22 08:10 - 2016-12-22 08:11 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-21 14:04 - 2016-12-21 14:04 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\VitySoft
2016-12-20 09:13 - 2016-12-20 09:13 - 00000990 _____ C:\windows\system32\.crusader
2016-12-20 08:53 - 2016-12-20 09:21 - 00000000 ____D C:\Program Files\HitmanPro
2016-12-20 08:52 - 2016-12-20 09:14 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-20 08:47 - 2016-12-20 08:47 - 03977168 _____ C:\Users\Ekospol\Downloads\adwcleaner_6.041.exe
2016-12-19 08:49 - 2016-12-19 08:49 - 00092833 _____ C:\Users\Ekospol\Downloads\2016_12_7_barrandov-hruba-stavba.pdf
2016-12-12 11:48 - 2016-12-12 11:48 - 00000000 _____ C:\autoexec.bat
2016-12-12 10:42 - 2016-12-12 10:42 - 00091093 _____ C:\Users\Ekospol\Downloads\Kontakty(2).csv
2016-12-12 10:42 - 2016-12-12 10:42 - 00091093 _____ C:\Users\Ekospol\Downloads\Kontakty(1).csv
2016-12-09 08:29 - 2016-12-09 08:29 - 00092003 _____ C:\Users\Ekospol\Downloads\nové přednášky_pátá_vlna-na všechny (4).pdf
2016-12-08 08:48 - 2016-12-08 08:48 - 00092003 _____ C:\Users\Ekospol\Downloads\nové přednášky_pátá_vlna-na všechny (3).pdf
2016-12-07 14:52 - 2016-12-07 14:52 - 00092007 _____ C:\Users\Ekospol\Downloads\nové přednášky_pátá_vlna-na všechny (2).pdf
2016-12-06 15:38 - 2016-12-06 15:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-06 14:51 - 2016-12-06 14:51 - 00290304 _____ (Microsoft Corporation) C:\windows\SysWOW64\subinacl.exe
2016-12-06 14:28 - 2016-12-06 14:28 - 00006030 _____ C:\windows\System32\Tasks\Galerentannly Server
2016-12-06 14:27 - 2016-12-30 08:15 - 00016734 _____ C:\windows\System32\Tasks\935z56777t378
2016-12-06 14:27 - 2016-12-06 14:27 - 00000929 _____ C:\Users\Public\Desktop\Download setup.lnk
2016-12-06 14:27 - 2016-12-06 14:27 - 00000000 ___HD C:\ProgramData\935z56777t378
2016-12-06 14:21 - 2016-12-29 09:18 - 00000000 ____D C:\Users\Ekospol\Documents\b3
2016-12-06 10:25 - 2016-12-06 10:25 - 00091966 _____ C:\Users\Ekospol\Downloads\nové přednášky_pátá_vlna-na všechny.pdf
2016-12-06 10:25 - 2016-12-06 10:25 - 00091966 _____ C:\Users\Ekospol\Downloads\nové přednášky_pátá_vlna-na všechny (1).pdf
2016-12-05 15:01 - 2016-12-05 15:01 - 00091935 _____ C:\Users\Ekospol\Downloads\nové přednášky_čtvrtá_vlna.pdf
2016-12-05 15:00 - 2016-12-05 15:00 - 00091871 _____ C:\Users\Ekospol\Downloads\2x přednáška-třetí rozesílka-co neotevřeli.pdf
2016-12-02 10:48 - 2016-12-16 14:44 - 00000000 ____D C:\Users\Ekospol\Documents\!!!analýza weby listopad 16
2016-12-02 09:37 - 2016-12-05 08:59 - 00000000 ____D C:\Users\Ekospol\Documents\seznam 2017
2016-12-02 09:07 - 2016-12-02 09:07 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdWords Editor
2016-12-02 08:20 - 2016-12-02 08:20 - 00092013 _____ C:\Users\Ekospol\Downloads\2016_11_24-dalsi-tipy-na-byty_3kk_kopie_kopie.pdf
2016-11-30 08:44 - 2016-11-30 08:44 - 00091861 _____ C:\Users\Ekospol\Downloads\nové přednášky_třetí vlna (1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-30 08:13 - 2009-07-14 05:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-30 08:13 - 2009-07-14 05:45 - 00027568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-30 08:10 - 2016-11-18 16:45 - 00000000 ____D C:\Users\Ekospol\AppData\LocalLow\Mozilla
2016-12-30 08:07 - 2015-08-31 07:34 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\Skype
2016-12-30 08:07 - 2014-11-03 10:06 - 00000000 ____D C:\Users\Ekospol\Documents\Soubory aplikace Outlook
2016-12-30 08:04 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-12-29 19:38 - 2016-05-16 09:38 - 00000911 _____ C:\windows\Tasks\EPSON L1300 Series Update {DE41C75C-65A8-4BA4-BA9F-9234500E0AC8}.job
2016-12-29 19:38 - 2016-05-16 09:38 - 00000725 _____ C:\windows\Tasks\EPSON L1300 Series Invitation {DE41C75C-65A8-4BA4-BA9F-9234500E0AC8}.job
2016-12-29 19:38 - 2009-07-14 06:32 - 00000000 ____D C:\windows\system32\FxsTmp
2016-12-29 16:05 - 2014-12-31 14:30 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\KeePass
2016-12-29 15:47 - 2014-08-08 06:06 - 00684158 _____ C:\windows\system32\perfh005.dat
2016-12-29 15:47 - 2014-08-08 06:06 - 00146664 _____ C:\windows\system32\perfc005.dat
2016-12-29 15:47 - 2009-07-14 06:13 - 01617264 _____ C:\windows\system32\PerfStringBackup.INI
2016-12-29 15:47 - 2009-07-14 04:20 - 00000000 ____D C:\windows\inf
2016-12-29 11:24 - 2016-04-29 14:55 - 00000000 ____D C:\Users\Ekospol\Documents\bann
2016-12-29 08:05 - 2009-07-14 06:08 - 00032638 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-12-28 20:06 - 2016-10-31 10:18 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\Wise Auto Shutdown
2016-12-28 20:06 - 2016-06-07 07:12 - 00000000 ____D C:\Users\Ekospol\AppData\Local\Intel_Corporation
2016-12-28 20:06 - 2015-12-04 08:21 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-12-28 20:06 - 2015-04-07 16:26 - 00000000 ____D C:\Users\Guest
2016-12-28 20:06 - 2015-02-24 16:27 - 00000000 ____D C:\Users\Ekospol\AppData\Local\BusyNeed
2016-12-28 20:06 - 2015-01-26 16:33 - 00000000 ____D C:\Users\Ekospol\AppData\Local\Avant_Prime
2016-12-28 20:06 - 2015-01-26 16:21 - 00000000 ____D C:\Users\Ekospol\AppData\Local\Softomotive
2016-12-28 20:06 - 2015-01-26 16:20 - 00000000 ____D C:\Users\Ekospol\AppData\Local\IIIQ
2016-12-28 20:06 - 2015-01-26 09:24 - 00000000 ____D C:\Users\Ekospol\AppData\Local\CloverETL Designer Community
2016-12-28 20:06 - 2014-12-22 17:28 - 00000000 ____D C:\Users\Ekospol\AppData\Local\Microsoft_Corporation
2016-12-28 20:06 - 2014-12-18 13:42 - 00000000 ____D C:\Users\Ekospol\AppData\Local\Doist_Ltd
2016-12-28 20:06 - 2014-11-21 15:47 - 00000000 ____D C:\Users\Ekospol\AppData\Local\gtk-2.0
2016-12-28 20:06 - 2014-11-03 15:36 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\GHISLER
2016-12-28 20:06 - 2014-10-08 02:57 - 00000000 ____D C:\Users\Ekospol\AppData\Local\RemEngine
2016-12-28 20:06 - 2014-10-08 02:57 - 00000000 ____D C:\Users\Ekospol\AppData\Local\Hewlett-Packard_Company
2016-12-28 20:06 - 2014-10-08 02:56 - 00000000 ____D C:\Users\Ekospol
2016-12-28 20:06 - 2009-07-14 04:20 - 00000000 ____D C:\windows\servicing
2016-12-28 20:06 - 2009-07-14 04:20 - 00000000 ____D C:\windows\registration
2016-12-28 20:06 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-28 14:21 - 2016-11-22 13:14 - 00000000 ____D C:\Users\Ekospol\Documents\!adwords
2016-12-28 12:49 - 2014-10-08 13:52 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-12-28 11:42 - 2014-05-06 01:51 - 00000000 ____D C:\SWSETUP
2016-12-28 09:55 - 2014-10-08 16:09 - 00000000 ____D C:\windows\system32\MRT
2016-12-25 03:25 - 2016-02-23 16:23 - 00000000 ____D C:\windows\System32\Tasks\Games
2016-12-23 15:56 - 2016-09-22 09:22 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\jEdit
2016-12-23 10:20 - 2014-11-07 14:03 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\Google
2016-12-22 08:06 - 2014-10-09 09:16 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-19 12:37 - 2016-10-24 07:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-19 09:07 - 2016-03-07 15:38 - 00003564 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2861624394-871130569-1612233255-1001UA
2016-12-19 09:07 - 2016-03-07 15:38 - 00003292 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2861624394-871130569-1612233255-1001Core
2016-12-19 08:31 - 2014-10-08 13:41 - 00003384 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-19 08:31 - 2014-10-08 13:41 - 00003256 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-19 08:30 - 2016-11-18 09:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-16 14:13 - 2016-09-22 09:21 - 00000886 _____ C:\Users\Ekospol\Desktop\jEdit.lnk
2016-12-16 14:13 - 2016-08-23 07:54 - 00001780 _____ C:\Users\Ekospol\Desktop\CyberGhost 6.lnk
2016-12-16 14:13 - 2015-12-18 08:11 - 00001173 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-12-15 10:32 - 2014-10-08 13:42 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-13 10:11 - 2016-09-05 07:31 - 00000000 ____D C:\Users\Ekospol\AppData\Roaming\TeamViewer
2016-12-13 10:11 - 2016-09-05 07:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-13 10:10 - 2014-10-09 09:11 - 00000000 ____D C:\windows\Minidump
2016-12-13 10:10 - 2013-12-03 21:17 - 00000000 ____D C:\windows\Panther
2016-12-12 11:45 - 2014-08-08 06:43 - 00000000 ____D C:\ProgramData\Temp
2016-12-12 09:42 - 2016-08-05 12:27 - 01048649 _____ C:\zabbix_agentd.log.old
2016-12-08 11:23 - 2016-11-09 12:17 - 00000000 ____D C:\Users\Ekospol\Documents\b2
2016-12-08 08:51 - 2016-08-09 07:41 - 00000000 ____D C:\Program Files\totalcmd
2016-12-08 08:08 - 2013-12-03 21:26 - 01608938 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-12-08 08:07 - 2009-07-14 06:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2016-12-06 16:15 - 2016-10-24 07:01 - 00000000 ____D C:\Users\Ekospol\Desktop\Původní data aplikace Firefox
2016-12-06 16:02 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Vss
2016-12-06 16:00 - 2014-10-09 09:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2016-12-06 14:30 - 2016-11-15 08:52 - 00000000 ____D C:\952fa6cff9835b748175898e2946
2016-12-06 14:30 - 2015-11-11 20:28 - 00000000 ____D C:\7148f83c28e724c90e93
2016-12-06 14:30 - 2015-08-06 14:07 - 00000000 ____D C:\Marketing
2016-12-06 14:30 - 2015-03-16 15:37 - 00000000 ____D C:\Program Files (x86)\Adobe Illustrator
2016-12-06 14:30 - 2014-12-31 14:21 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2016-12-06 14:30 - 2014-08-08 06:44 - 00000000 ___RD C:\Program Files (x86)\Online Services
2016-12-06 14:30 - 2014-08-08 06:43 - 00000000 ____D C:\Program Files (x86)\CyberLink
2016-12-06 14:29 - 2016-11-08 08:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-06 14:29 - 2016-10-31 10:18 - 00000000 ____D C:\Program Files (x86)\Wise
2016-12-06 14:29 - 2016-07-15 15:37 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-12-06 14:29 - 2015-11-19 10:13 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-06 14:29 - 2015-09-16 09:13 - 00000000 ____D C:\Program Files (x86)\WinSCP
2016-12-06 14:29 - 2015-05-22 09:21 - 00000000 ____D C:\Program Files (x86)\MySQL
2016-12-06 14:29 - 2015-02-24 15:24 - 00000000 ____D C:\Program Files (x86)\WebSundew 4 SE
2016-12-06 14:29 - 2015-01-26 11:30 - 00000000 ____D C:\Program Files (x86)\Web Content Extractor
2016-12-06 14:29 - 2014-11-11 11:12 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-06 14:29 - 2014-11-03 15:47 - 00000000 ____D C:\Program Files (x86)\NetBeans 8.0.1
2016-12-06 14:29 - 2014-11-03 13:15 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-06 14:29 - 2014-10-08 13:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-06 14:29 - 2014-10-08 13:41 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-06 14:29 - 2014-08-08 06:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-12-06 14:29 - 2014-08-08 06:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-06 14:29 - 2014-08-08 06:39 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-12-06 14:29 - 2014-08-08 06:39 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-12-06 14:29 - 2014-08-08 06:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-06 14:29 - 2014-08-08 06:36 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-06 14:29 - 2014-08-08 06:31 - 00000000 ____D C:\Program Files (x86)\Intel
2016-12-06 14:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-12-06 14:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-06 14:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-06 14:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-12-06 14:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-06 14:29 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-06 14:29 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-02 16:38 - 2015-11-02 11:21 - 00000000 ____D C:\Users\Ekospol\Documents\!!!analýza weby říjen
2016-12-01 13:43 - 2015-09-16 09:16 - 00000600 _____ C:\Users\Ekospol\AppData\Roaming\winscp.rnd

==================== Files in the root of some directories =======

2015-09-16 09:16 - 2016-12-01 13:43 - 0000600 _____ () C:\Users\Ekospol\AppData\Roaming\winscp.rnd
2015-01-26 14:40 - 2015-01-26 14:40 - 0000308 _____ () C:\Users\Ekospol\AppData\Local\gl.tmp
2014-11-21 15:53 - 2014-11-21 15:53 - 0002103 _____ () C:\Users\Ekospol\AppData\Local\recently-used.xbel
2015-01-26 15:01 - 2015-01-26 15:08 - 0000048 ____H () C:\Users\Ekospol\AppData\Local\vwr_lic.dat
2014-11-21 13:08 - 2014-11-21 13:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-08-08 06:38 - 2014-08-08 06:39 - 8864708 _____ () C:\ProgramData\hpcsmmsilogs.log
2014-08-08 06:46 - 2014-08-08 06:46 - 1278752 _____ () C:\ProgramData\hpdam_install_log.txt
2014-08-08 06:46 - 2014-08-08 06:46 - 0544474 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2014-11-10 13:10 - 2014-11-10 13:10 - 0000055 _____ () C:\ProgramData\pconfig.dat

Files to move or delete:
====================
C:\ProgramData\pconfig.dat


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-05 10:18

==================== End of FRST.txt ============================