Samovolné otevírání oken v prohlížeči, při kliknutí kamkoliv
Napsal: 04 úno 2017 20:53
Dobrý večer,
v chromu při kliknutí kamkoliv čí psaní , vyskakují nevyžádaná okna s pornem, soutěží nebo stránky , které se tváří, že jsou od Microsoftu.
Pročistili jsme pc Adwar cleanerem ale okna stále vyskakují.
Děkuji předem za pomoc a ochotu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by Andrejka (administrator) on A-PC (04-02-2017 20:44:32)
Running from C:\Users\Andrejka\Desktop
Loaded Profiles: Andrejka & UpdatusUser (Available Profiles: Andrejka & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CÍGLER SOFTWARE, a.s.) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Users\Andrejka\AppData\Local\Apps\2.0\Q0Q5A74O.597\4Y0E0VKT.BL4\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(forum.viry.cz) C:\Users\Andrejka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AmIcoSinglun64] => c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2012-04-27] (Alcor Micro Corp.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2012-04-18] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2012-04-18] (Synaptics)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2016-01-31] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2016-01-31] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\Run: [GoogleChromeAutoLaunch_74A5810E6D4D1CD89630C5C531BBBE6A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1104728 2016-12-08] (Google Inc.)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\Run: [S3Automatic] => C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe [31631312 2016-11-29] (CÍGLER SOFTWARE, a.s.)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe [31631312 2016-11-29] (CÍGLER SOFTWARE, a.s.)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\MountPoints2: D - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\MountPoints2: {16fefc62-c8e8-11e6-b291-3c970e337901} - D:\HiSuiteDownLoader.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.132.31.132 31.132.31.232
Tcpip\..\Interfaces\{AC4373F7-BA43-4474-AB3C-39B1D7D60CE2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F8E0EED6-D2C0-46E5-8400-9C886B6FE3EC}: [DhcpNameServer] 31.132.31.132 31.132.31.232
Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
FireFox:
========
FF DefaultProfile: 5xguzx17.default
FF ProfilePath: C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default [2017-02-04]
FF NewTab: Mozilla\Firefox\Profiles\5xguzx17.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 8_CZ_ff_nt_
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\5xguzx17.default -> Amazon
FF Homepage: Mozilla\Firefox\Profiles\5xguzx17.default -> www.google.cz/
FF Extension: (Google Translator for Firefox) - C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default\Extensions\translator@zoli.bod.xpi [2017-02-02]
FF Extension: (Diagnostics) - C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default\features\{d512048d-0315-4eaf-b5b0-c6fb3fde60ec}\diagnostics@mozilla.org.xpi [2017-02-02]
FF Extension: (Send HSTS Priming Requests) - C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default\features\{d512048d-0315-4eaf-b5b0-c6fb3fde60ec}\hsts-priming@mozilla.org.xpi [2017-02-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2849641181-2342539820-3421546230-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Andrejka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default [2017-02-04]
CHR Extension: (Prezentace Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-16]
CHR Extension: (Dokumenty Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-16]
CHR Extension: (Disk Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-16]
CHR Extension: (YouTube) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-16]
CHR Extension: (Export History) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknbcfebliancjjedjblkhfefoppcedo [2016-12-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Diep Friends - by Creators of Agar.pw) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbhaejibfpkjkblcnhccangahmmlgejd [2016-08-15]
CHR Extension: (Tabulky Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-16]
CHR Extension: (GIVT.cz) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2016-12-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31]
CHR Extension: (Agar/Slither Infinity) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnhheoadpkhnhicikbeaikololmoegma [2016-10-30]
CHR Extension: (Tlačítko Pin It) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-01]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-01-31]
CHR Extension: (FormApps Chrome Extension) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2016-08-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-16]
CHR Extension: (Chrome Media Router) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\System Profile [2016-03-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-29] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1318128 2017-01-23] (Overwolf LTD)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27408 2012-04-18] (Synaptics Incorporated)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-04 20:44 - 2017-02-04 20:44 - 00021366 _____ C:\Users\Andrejka\Desktop\FRST.txt
2017-02-04 20:31 - 2017-02-04 20:31 - 00000000 ____D C:\FRST
2017-02-04 20:30 - 2017-02-04 20:30 - 00112640 _____ (forum.viry.cz) C:\Users\Andrejka\Desktop\FRSTLauncher.exe
2017-02-04 20:28 - 2017-02-04 20:28 - 02420736 _____ (Farbar) C:\Users\Andrejka\Desktop\FRST64.exe
2017-02-02 15:05 - 2017-02-02 15:05 - 00077146 _____ C:\Users\Andrejka\Desktop\otvíračka pátek.pdf
2017-02-02 11:08 - 2017-02-02 11:10 - 00000000 ____D C:\AdwCleaner
2017-02-02 11:06 - 2017-02-02 11:07 - 04015056 _____ C:\Users\Andrejka\Downloads\adwcleaner_6.043.exe
2017-02-02 10:54 - 2017-02-02 10:54 - 20229480 _____ C:\Users\Andrejka\Downloads\FISKARS- CENÍKY.zip
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16467311_1626962380654277_948502074_n.jpg.uid-zps
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16466994_1626962403987608_2133468565_n.jpg.uid-zps
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16442926_1626960257321156_1995635054_o.jpg.uid-zps
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16389418_1626960100654505_437363031_o.jpg.uid-zps
2017-02-01 09:37 - 2017-02-01 09:37 - 00000110 ____H C:\Users\Andrejka\Downloads\16467308_1626962367320945_1218474671_n.jpg.uid-zps
2017-01-31 17:30 - 2017-01-31 17:30 - 00068109 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví vs3.pdf
2017-01-31 17:22 - 2017-01-31 17:22 - 00025221 _____ C:\Users\Andrejka\Downloads\Internetové-bankovnictví.trojcata.pdf
2017-01-31 17:21 - 2017-01-31 17:21 - 00070337 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví - 28112012.pdf
2017-01-31 17:17 - 2017-01-31 17:17 - 00064212 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví 07012016.pdf
2017-01-31 17:16 - 2017-01-31 17:16 - 00074219 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví 7012016.pdf
2017-01-31 17:14 - 2017-01-31 17:14 - 00093744 _____ C:\Users\Andrejka\Downloads\Internetové-bankovnictví-17.11.2016-do-5.1.2017.pdf
2017-01-31 16:49 - 2017-01-31 16:49 - 00003639 _____ C:\Users\Andrejka\Documents\Můj film.wlmp
2017-01-31 14:32 - 2017-01-31 14:32 - 00155644 _____ C:\Users\Andrejka\Downloads\Prodejka-za-hotove.pdf
2017-01-31 14:08 - 2017-01-31 14:08 - 00038005 _____ C:\Users\Andrejka\Desktop\rekapitulace.pdf
2017-01-31 14:07 - 2017-01-31 14:07 - 00123112 _____ C:\Users\Andrejka\Desktop\Objednávka č.201700567 - Nonstopstavebniny.pdf
2017-01-31 11:40 - 2017-01-31 11:40 - 00103432 _____ C:\Users\Andrejka\Desktop\RE_ Daňový doklad zálohy PRODOMOS.pdf
2017-01-30 15:48 - 2017-01-30 15:49 - 17516255 _____ ( ) C:\Users\Andrejka\Downloads\instalujmzdy.exe
2017-01-30 15:47 - 2017-02-04 20:38 - 00000000 ____D C:\PFSW
2017-01-30 15:35 - 2017-01-30 15:36 - 85957207 _____ (ing. Pavel Macek ) C:\Users\Andrejka\Downloads\StartPF.exe
2017-01-28 10:24 - 2017-01-28 10:24 - 01559758 _____ C:\Users\Andrejka\Downloads\manual_sbirky (2).pdf
2017-01-27 22:25 - 2017-01-27 22:31 - 390968983 _____ (ČAPEK - WinDUO, s.r.o.) C:\Users\Andrejka\Downloads\WinDUO.exe
2017-01-27 22:20 - 2017-01-27 22:22 - 160795862 _____ (DeCe COMPUTERS s.r.o. Děčín ) C:\Users\Andrejka\Downloads\demouctw.exe
2017-01-27 22:01 - 2017-01-27 22:01 - 00010790 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20161101-20161130_cislo-11.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00008060 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20161201-20161231_cislo-12.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00006240 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160801-20160831_cislo-8.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00005980 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160501-20160531_cislo-5.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00005590 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160901-20160930_cislo-9.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00004290 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160601-20160630_cislo-6.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003770 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160201-20160229_cislo-2.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003770 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160101-20160131_cislo-1.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003380 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160401-20160430_cislo-4.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003380 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160301-20160331_cislo-3.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00002210 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20161001-20161031_cislo-10.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00002080 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160701-20160731_cislo-7.gpc
2017-01-27 21:56 - 2017-01-27 21:56 - 00014170 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151101-20151130_cislo-2.gpc
2017-01-27 21:56 - 2017-01-27 21:56 - 00011310 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151201-20151231_cislo-3.gpc
2017-01-27 21:56 - 2017-01-27 21:56 - 00007280 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151021-20151031_cislo-1.gpc
2017-01-27 21:47 - 2017-01-27 21:47 - 00025696 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151101-20151130_cislo-2.csv
2017-01-27 21:47 - 2017-01-27 21:47 - 00021721 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151201-20151231_cislo-3.csv
2017-01-27 21:47 - 2017-01-27 21:47 - 00013198 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151021-20151031_cislo-1.csv
2017-01-27 21:47 - 2017-01-27 21:47 - 00008003 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160101-20160131_cislo-1.csv
2017-01-27 21:40 - 2017-01-27 22:10 - 00000000 ____D C:\ProgramData\Atma10
2017-01-27 21:38 - 2017-01-27 21:38 - 41996742 _____ (ATMA Vratislav Bělský ) C:\Users\Andrejka\Downloads\SetupAtma1038.exe
2017-01-27 16:14 - 2017-01-27 16:14 - 00941034 _____ C:\Users\Andrejka\Downloads\1414145162_0_1372261250_0_pruvodce-obcanskym-zakonikem-pro-nadace-a-nadacni-fondy_fd-(5).pdf
2017-01-27 15:19 - 2017-01-27 15:19 - 00049320 _____ C:\Users\Andrejka\Downloads\1300719933_0_povinnosti_nadaci (1).pdf
2017-01-27 15:12 - 2017-01-27 15:12 - 00722432 _____ C:\Users\Andrejka\Downloads\UCZAV_NO16 (1).xls
2017-01-27 13:35 - 2017-01-27 13:35 - 00070835 _____ C:\Users\Andrejka\Downloads\Jak a kdy využít marketingové materiály.pdf
2017-01-27 13:35 - 2017-01-27 13:35 - 00063117 _____ C:\Users\Andrejka\Downloads\E-maily podporovatelům_zima-jaro.pdf
2017-01-27 13:35 - 2017-01-27 13:35 - 00058067 _____ C:\Users\Andrejka\Downloads\Texty pro web_zima-jaro.pdf
2017-01-27 13:35 - 2017-01-27 13:35 - 00049726 _____ C:\Users\Andrejka\Downloads\Facebook statusy_zima-jaro.pdf
2017-01-27 11:56 - 2017-01-28 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-26 22:25 - 2017-01-26 22:25 - 00443814 _____ C:\Users\Andrejka\Documents\Nadační fond.pdf
2017-01-26 22:15 - 2017-01-26 22:15 - 00047470 _____ C:\Users\Andrejka\Downloads\Pohyb_13885653719_na_uctu_2700977831.pdf
2017-01-26 10:21 - 2017-01-26 10:21 - 00000110 ____H C:\Users\Andrejka\Downloads\16358736_1619463874737461_1518917587_n.jpg.uid-zps
2017-01-24 22:15 - 2017-01-24 22:15 - 00213280 _____ C:\Users\Andrejka\Downloads\XPrijC160401214C.pdf
2017-01-24 22:14 - 2017-01-24 22:14 - 00842713 _____ C:\Users\Andrejka\Downloads\podaci_listek-2017-24-01-22-14-07.pdf
2017-01-24 22:10 - 2017-01-24 22:10 - 00214802 _____ C:\Users\Andrejka\Documents\Příjem - 4čtvrtletí.pdf
2017-01-24 21:54 - 2017-01-24 21:54 - 00022528 _____ C:\Users\Andrejka\Documents\Návštěvnost.xls
2017-01-24 21:47 - 2017-01-24 21:49 - 00022016 _____ C:\Users\Andrejka\Documents\Výsledková listina.xls
2017-01-24 21:27 - 2017-01-24 21:27 - 00010236 _____ C:\Users\Andrejka\Documents\Evidence spotřeby.xlsx
2017-01-24 20:47 - 2017-01-24 20:47 - 00010806 _____ C:\Users\Andrejka\Documents\Výsledková listina.xlsx
2017-01-24 11:01 - 2017-01-24 11:01 - 00079996 _____ C:\Users\Andrejka\Documents\PLNÁ MOC.pdf
2017-01-24 10:29 - 2017-01-24 11:02 - 00079996 _____ C:\Users\Andrejka\Documents\PLNÁ MOC-vydání věci.pdf
2017-01-23 17:08 - 2017-01-23 17:08 - 00047794 _____ C:\Users\Andrejka\Downloads\Pohyb_13883837275_na_uctu_2700977831.pdf
2017-01-23 17:05 - 2017-01-23 17:05 - 00025221 _____ C:\Users\Andrejka\Documents\Internetové bankovnictví.trojcata.pdf
2017-01-23 15:32 - 2017-01-23 15:32 - 00199519 _____ C:\Users\Andrejka\Downloads\434416768_1_Poučení_pošk__právnické_osoby_v_tr_ř_-poučení_poškozeného.pdf
2017-01-23 15:32 - 2017-01-23 15:32 - 00186946 _____ C:\Users\Andrejka\Downloads\434467775_0_Usn__o_vrácení__vyd___věci___80_1_tr__ř_-Usnesení_nadace.pdf
2017-01-23 15:32 - 2017-01-23 15:32 - 00160199 _____ C:\Users\Andrejka\Downloads\434416768_0_-vyčíslení_škody.pdf
2017-01-23 15:29 - 2017-01-23 15:29 - 00497668 _____ C:\Users\Andrejka\Downloads\434648411_0_TPAdamTantu.doc.pdf
2017-01-23 13:10 - 2017-01-23 13:10 - 00001040 _____ C:\Users\Andrejka\Downloads\ali.txt
2017-01-23 12:51 - 2017-01-23 12:52 - 210986104 _____ ( ) C:\Users\Andrejka\Downloads\duelsetup-13-1-0-32000.exe
2017-01-23 11:07 - 2017-01-23 11:07 - 00176391 _____ C:\Users\Andrejka\Documents\Faktura 17FV510100000136.PDF
2017-01-23 10:44 - 2017-01-23 10:44 - 00134384 _____ C:\Users\Andrejka\Downloads\Faktura_0013247430_4576497300_1607013439.PDF
2017-01-21 10:33 - 2017-01-21 10:33 - 00062041 _____ C:\Users\Andrejka\Documents\připojení.pdf
2017-01-20 11:20 - 2017-01-20 11:38 - 00000000 ____D C:\Users\Andrejka\AppData\Local\Neopokladna
2017-01-20 11:19 - 2017-01-20 11:20 - 00000000 ____D C:\Program Files (x86)\Neopokladna
2017-01-19 16:37 - 2017-01-19 16:37 - 00107546 _____ C:\Users\Andrejka\Downloads\Darovací smlouva NFDS- finanční dar (4).pdf
2017-01-15 00:47 - 2017-01-15 00:47 - 87238672 _____ (Ježek software s.r.o. ) C:\Users\Andrejka\Downloads\stereo-2500.exe
2017-01-15 00:34 - 2017-01-15 00:35 - 00000000 ____D C:\Users\Andrejka\Downloads\SQLManagementStudio_2014_x64_ENU
2017-01-15 00:34 - 2017-01-15 00:34 - 00000000 ____D C:\Users\Andrejka\AppData\Local\Microsoft_Corporation
2017-01-15 00:27 - 2017-01-15 00:29 - 00000000 ____D C:\Users\Andrejka\Downloads\sqlexpr2014_64
2017-01-14 09:59 - 2017-01-14 09:59 - 00000000 ____D C:\Users\Andrejka\EET-UČTENKY
2017-01-14 09:57 - 2017-01-14 09:57 - 00000000 ____D C:\Users\Andrejka\Documents\jsweet
2017-01-10 14:19 - 2017-01-10 14:19 - 00113762 _____ C:\Users\Andrejka\Downloads\Nákup v Číně 7.1.2017.xlsx
2017-01-10 12:15 - 2017-01-15 00:39 - 00000000 ____D C:\ProgramData\firebird
2017-01-10 12:15 - 2017-01-10 12:15 - 00000000 ____D C:\ABX
2017-01-05 23:25 - 2017-01-05 23:25 - 00107546 _____ C:\Users\Andrejka\Downloads\Darovací smlouva NFDS- finanční dar (3).pdf
2017-01-05 16:31 - 2017-01-05 16:31 - 00061681 _____ C:\Users\Andrejka\Documents\záložky_05.01.17.html
2017-01-05 08:29 - 2017-01-05 08:29 - 00156324 _____ C:\Users\Andrejka\Documents\ŽIVOTOPIS.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-04 20:43 - 2016-07-31 15:50 - 00000000 ____D C:\Users\Andrejka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battlelog.co
2017-02-04 20:43 - 2016-07-31 15:50 - 00000000 ____D C:\Users\Andrejka\AppData\Local\bf2battlelog
2017-02-04 20:43 - 2015-12-11 10:49 - 00000000 ____D C:\Users\Andrejka
2017-02-04 20:25 - 2016-11-20 10:39 - 00000000 ____D C:\Users\Andrejka\AppData\LocalLow\Mozilla
2017-02-04 20:19 - 2015-12-14 09:02 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-04 12:32 - 2015-12-11 13:00 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2017-02-04 11:59 - 2016-09-23 21:13 - 00000000 ____D C:\Users\Andrejka\Counter-Strike 1.6
2017-02-04 10:13 - 2009-07-14 05:45 - 00018416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-04 10:13 - 2009-07-14 05:45 - 00018416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-04 10:08 - 2009-07-14 16:18 - 00668792 _____ C:\Windows\system32\perfh005.dat
2017-02-04 10:08 - 2009-07-14 16:18 - 00141420 _____ C:\Windows\system32\perfc005.dat
2017-02-04 10:08 - 2009-07-14 06:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-04 10:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-04 10:02 - 2015-12-11 13:00 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2017-02-04 10:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-03 11:15 - 2016-01-12 19:08 - 00000000 ____D C:\Users\Andrejka\AppData\Local\Deployment
2017-01-31 15:22 - 2016-01-07 15:28 - 00000000 ____D C:\Users\Andrejka\Documents\Dokumenty fondu
2017-01-30 08:17 - 2016-11-22 15:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-01-30 08:17 - 2015-12-11 12:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 22:33 - 2016-01-13 08:25 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 15:27 - 2016-01-15 21:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-01-23 12:56 - 2017-01-04 16:38 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2017-01-22 09:37 - 2016-10-05 13:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 11:38 - 2016-01-29 19:11 - 00000000 ____D C:\Users\Andrejka\AppData\Local\CrashDumps
2017-01-18 13:24 - 2015-12-11 12:08 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 13:17 - 2015-12-14 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-18 13:17 - 2015-12-14 08:59 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-18 13:16 - 2015-12-14 08:59 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-01-13 16:25 - 2016-10-24 11:39 - 00000000 ____D C:\Users\Andrejka\Documents\Eliška
2017-01-12 20:10 - 2015-12-13 03:59 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 18:19 - 2015-12-14 09:02 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-10 18:19 - 2015-12-14 09:02 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-10 18:19 - 2015-12-14 09:02 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-10 18:19 - 2015-12-14 09:02 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-10 18:19 - 2015-12-14 09:02 - 00000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
Files to move or delete:
====================
C:\Users\Andrejka\ts3client_win64.exe
Some files in TEMP:
====================
2017-01-18 13:08 - 2017-01-18 13:08 - 0739904 _____ (Oracle Corporation) C:\Users\Andrejka\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-01-22 00:34 - 2017-01-22 00:34 - 13977352 _____ (Microsoft Corporation) C:\Users\Andrejka\AppData\Local\Temp\vcredist_x86.exe
2007-08-31 12:12 - 2007-08-31 12:12 - 0460248 ____R (Macrovision Corporation) C:\Users\Andrejka\AppData\Local\Temp\_is293E.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Andrejka\Desktop" je 23 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
v chromu při kliknutí kamkoliv čí psaní , vyskakují nevyžádaná okna s pornem, soutěží nebo stránky , které se tváří, že jsou od Microsoftu.
Pročistili jsme pc Adwar cleanerem ale okna stále vyskakují.
Děkuji předem za pomoc a ochotu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by Andrejka (administrator) on A-PC (04-02-2017 20:44:32)
Running from C:\Users\Andrejka\Desktop
Loaded Profiles: Andrejka & UpdatusUser (Available Profiles: Andrejka & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CÍGLER SOFTWARE, a.s.) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Users\Andrejka\AppData\Local\Apps\2.0\Q0Q5A74O.597\4Y0E0VKT.BL4\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(forum.viry.cz) C:\Users\Andrejka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AmIcoSinglun64] => c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [368728 2012-04-27] (Alcor Micro Corp.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2012-04-18] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2012-04-18] (Synaptics)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2016-01-31] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199128 2016-01-31] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\Run: [GoogleChromeAutoLaunch_74A5810E6D4D1CD89630C5C531BBBE6A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1104728 2016-12-08] (Google Inc.)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\Run: [S3Automatic] => C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe [31631312 2016-11-29] (CÍGLER SOFTWARE, a.s.)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\Run: [S3AutomaticSTART] => C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MS3Auto.exe [31631312 2016-11-29] (CÍGLER SOFTWARE, a.s.)
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\MountPoints2: D - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2849641181-2342539820-3421546230-1000\...\MountPoints2: {16fefc62-c8e8-11e6-b291-3c970e337901} - D:\HiSuiteDownLoader.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.132.31.132 31.132.31.232
Tcpip\..\Interfaces\{AC4373F7-BA43-4474-AB3C-39B1D7D60CE2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F8E0EED6-D2C0-46E5-8400-9C886B6FE3EC}: [DhcpNameServer] 31.132.31.132 31.132.31.232
Internet Explorer:
==================
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
FireFox:
========
FF DefaultProfile: 5xguzx17.default
FF ProfilePath: C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default [2017-02-04]
FF NewTab: Mozilla\Firefox\Profiles\5xguzx17.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... 8_CZ_ff_nt_
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\5xguzx17.default -> Amazon
FF Homepage: Mozilla\Firefox\Profiles\5xguzx17.default -> www.google.cz/
FF Extension: (Google Translator for Firefox) - C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default\Extensions\translator@zoli.bod.xpi [2017-02-02]
FF Extension: (Diagnostics) - C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default\features\{d512048d-0315-4eaf-b5b0-c6fb3fde60ec}\diagnostics@mozilla.org.xpi [2017-02-02]
FF Extension: (Send HSTS Priming Requests) - C:\Users\Andrejka\AppData\Roaming\Mozilla\Firefox\Profiles\5xguzx17.default\features\{d512048d-0315-4eaf-b5b0-c6fb3fde60ec}\hsts-priming@mozilla.org.xpi [2017-02-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2849641181-2342539820-3421546230-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Andrejka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default [2017-02-04]
CHR Extension: (Prezentace Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-16]
CHR Extension: (Dokumenty Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-16]
CHR Extension: (Disk Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-16]
CHR Extension: (YouTube) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-16]
CHR Extension: (Export History) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknbcfebliancjjedjblkhfefoppcedo [2016-12-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Diep Friends - by Creators of Agar.pw) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbhaejibfpkjkblcnhccangahmmlgejd [2016-08-15]
CHR Extension: (Tabulky Google) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-16]
CHR Extension: (GIVT.cz) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2016-12-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31]
CHR Extension: (Agar/Slither Infinity) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnhheoadpkhnhicikbeaikololmoegma [2016-10-30]
CHR Extension: (Tlačítko Pin It) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-01]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-01-31]
CHR Extension: (FormApps Chrome Extension) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2016-08-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-16]
CHR Extension: (Chrome Media Router) - C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR Profile: C:\Users\Andrejka\AppData\Local\Google\Chrome\User Data\System Profile [2016-03-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-29] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1318128 2017-01-23] (Overwolf LTD)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27408 2012-04-18] (Synaptics Incorporated)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-04 20:44 - 2017-02-04 20:44 - 00021366 _____ C:\Users\Andrejka\Desktop\FRST.txt
2017-02-04 20:31 - 2017-02-04 20:31 - 00000000 ____D C:\FRST
2017-02-04 20:30 - 2017-02-04 20:30 - 00112640 _____ (forum.viry.cz) C:\Users\Andrejka\Desktop\FRSTLauncher.exe
2017-02-04 20:28 - 2017-02-04 20:28 - 02420736 _____ (Farbar) C:\Users\Andrejka\Desktop\FRST64.exe
2017-02-02 15:05 - 2017-02-02 15:05 - 00077146 _____ C:\Users\Andrejka\Desktop\otvíračka pátek.pdf
2017-02-02 11:08 - 2017-02-02 11:10 - 00000000 ____D C:\AdwCleaner
2017-02-02 11:06 - 2017-02-02 11:07 - 04015056 _____ C:\Users\Andrejka\Downloads\adwcleaner_6.043.exe
2017-02-02 10:54 - 2017-02-02 10:54 - 20229480 _____ C:\Users\Andrejka\Downloads\FISKARS- CENÍKY.zip
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16467311_1626962380654277_948502074_n.jpg.uid-zps
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16466994_1626962403987608_2133468565_n.jpg.uid-zps
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16442926_1626960257321156_1995635054_o.jpg.uid-zps
2017-02-01 09:38 - 2017-02-01 09:38 - 00000110 ____H C:\Users\Andrejka\Downloads\16389418_1626960100654505_437363031_o.jpg.uid-zps
2017-02-01 09:37 - 2017-02-01 09:37 - 00000110 ____H C:\Users\Andrejka\Downloads\16467308_1626962367320945_1218474671_n.jpg.uid-zps
2017-01-31 17:30 - 2017-01-31 17:30 - 00068109 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví vs3.pdf
2017-01-31 17:22 - 2017-01-31 17:22 - 00025221 _____ C:\Users\Andrejka\Downloads\Internetové-bankovnictví.trojcata.pdf
2017-01-31 17:21 - 2017-01-31 17:21 - 00070337 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví - 28112012.pdf
2017-01-31 17:17 - 2017-01-31 17:17 - 00064212 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví 07012016.pdf
2017-01-31 17:16 - 2017-01-31 17:16 - 00074219 _____ C:\Users\Andrejka\Desktop\Internetové bankovnictví 7012016.pdf
2017-01-31 17:14 - 2017-01-31 17:14 - 00093744 _____ C:\Users\Andrejka\Downloads\Internetové-bankovnictví-17.11.2016-do-5.1.2017.pdf
2017-01-31 16:49 - 2017-01-31 16:49 - 00003639 _____ C:\Users\Andrejka\Documents\Můj film.wlmp
2017-01-31 14:32 - 2017-01-31 14:32 - 00155644 _____ C:\Users\Andrejka\Downloads\Prodejka-za-hotove.pdf
2017-01-31 14:08 - 2017-01-31 14:08 - 00038005 _____ C:\Users\Andrejka\Desktop\rekapitulace.pdf
2017-01-31 14:07 - 2017-01-31 14:07 - 00123112 _____ C:\Users\Andrejka\Desktop\Objednávka č.201700567 - Nonstopstavebniny.pdf
2017-01-31 11:40 - 2017-01-31 11:40 - 00103432 _____ C:\Users\Andrejka\Desktop\RE_ Daňový doklad zálohy PRODOMOS.pdf
2017-01-30 15:48 - 2017-01-30 15:49 - 17516255 _____ ( ) C:\Users\Andrejka\Downloads\instalujmzdy.exe
2017-01-30 15:47 - 2017-02-04 20:38 - 00000000 ____D C:\PFSW
2017-01-30 15:35 - 2017-01-30 15:36 - 85957207 _____ (ing. Pavel Macek ) C:\Users\Andrejka\Downloads\StartPF.exe
2017-01-28 10:24 - 2017-01-28 10:24 - 01559758 _____ C:\Users\Andrejka\Downloads\manual_sbirky (2).pdf
2017-01-27 22:25 - 2017-01-27 22:31 - 390968983 _____ (ČAPEK - WinDUO, s.r.o.) C:\Users\Andrejka\Downloads\WinDUO.exe
2017-01-27 22:20 - 2017-01-27 22:22 - 160795862 _____ (DeCe COMPUTERS s.r.o. Děčín ) C:\Users\Andrejka\Downloads\demouctw.exe
2017-01-27 22:01 - 2017-01-27 22:01 - 00010790 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20161101-20161130_cislo-11.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00008060 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20161201-20161231_cislo-12.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00006240 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160801-20160831_cislo-8.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00005980 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160501-20160531_cislo-5.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00005590 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160901-20160930_cislo-9.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00004290 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160601-20160630_cislo-6.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003770 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160201-20160229_cislo-2.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003770 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160101-20160131_cislo-1.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003380 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160401-20160430_cislo-4.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00003380 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160301-20160331_cislo-3.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00002210 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20161001-20161031_cislo-10.gpc
2017-01-27 22:01 - 2017-01-27 22:01 - 00002080 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160701-20160731_cislo-7.gpc
2017-01-27 21:56 - 2017-01-27 21:56 - 00014170 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151101-20151130_cislo-2.gpc
2017-01-27 21:56 - 2017-01-27 21:56 - 00011310 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151201-20151231_cislo-3.gpc
2017-01-27 21:56 - 2017-01-27 21:56 - 00007280 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151021-20151031_cislo-1.gpc
2017-01-27 21:47 - 2017-01-27 21:47 - 00025696 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151101-20151130_cislo-2.csv
2017-01-27 21:47 - 2017-01-27 21:47 - 00021721 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151201-20151231_cislo-3.csv
2017-01-27 21:47 - 2017-01-27 21:47 - 00013198 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20151021-20151031_cislo-1.csv
2017-01-27 21:47 - 2017-01-27 21:47 - 00008003 _____ C:\Users\Andrejka\Downloads\Vypis_z_uctu-2300880854_20160101-20160131_cislo-1.csv
2017-01-27 21:40 - 2017-01-27 22:10 - 00000000 ____D C:\ProgramData\Atma10
2017-01-27 21:38 - 2017-01-27 21:38 - 41996742 _____ (ATMA Vratislav Bělský ) C:\Users\Andrejka\Downloads\SetupAtma1038.exe
2017-01-27 16:14 - 2017-01-27 16:14 - 00941034 _____ C:\Users\Andrejka\Downloads\1414145162_0_1372261250_0_pruvodce-obcanskym-zakonikem-pro-nadace-a-nadacni-fondy_fd-(5).pdf
2017-01-27 15:19 - 2017-01-27 15:19 - 00049320 _____ C:\Users\Andrejka\Downloads\1300719933_0_povinnosti_nadaci (1).pdf
2017-01-27 15:12 - 2017-01-27 15:12 - 00722432 _____ C:\Users\Andrejka\Downloads\UCZAV_NO16 (1).xls
2017-01-27 13:35 - 2017-01-27 13:35 - 00070835 _____ C:\Users\Andrejka\Downloads\Jak a kdy využít marketingové materiály.pdf
2017-01-27 13:35 - 2017-01-27 13:35 - 00063117 _____ C:\Users\Andrejka\Downloads\E-maily podporovatelům_zima-jaro.pdf
2017-01-27 13:35 - 2017-01-27 13:35 - 00058067 _____ C:\Users\Andrejka\Downloads\Texty pro web_zima-jaro.pdf
2017-01-27 13:35 - 2017-01-27 13:35 - 00049726 _____ C:\Users\Andrejka\Downloads\Facebook statusy_zima-jaro.pdf
2017-01-27 11:56 - 2017-01-28 08:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-26 22:25 - 2017-01-26 22:25 - 00443814 _____ C:\Users\Andrejka\Documents\Nadační fond.pdf
2017-01-26 22:15 - 2017-01-26 22:15 - 00047470 _____ C:\Users\Andrejka\Downloads\Pohyb_13885653719_na_uctu_2700977831.pdf
2017-01-26 10:21 - 2017-01-26 10:21 - 00000110 ____H C:\Users\Andrejka\Downloads\16358736_1619463874737461_1518917587_n.jpg.uid-zps
2017-01-24 22:15 - 2017-01-24 22:15 - 00213280 _____ C:\Users\Andrejka\Downloads\XPrijC160401214C.pdf
2017-01-24 22:14 - 2017-01-24 22:14 - 00842713 _____ C:\Users\Andrejka\Downloads\podaci_listek-2017-24-01-22-14-07.pdf
2017-01-24 22:10 - 2017-01-24 22:10 - 00214802 _____ C:\Users\Andrejka\Documents\Příjem - 4čtvrtletí.pdf
2017-01-24 21:54 - 2017-01-24 21:54 - 00022528 _____ C:\Users\Andrejka\Documents\Návštěvnost.xls
2017-01-24 21:47 - 2017-01-24 21:49 - 00022016 _____ C:\Users\Andrejka\Documents\Výsledková listina.xls
2017-01-24 21:27 - 2017-01-24 21:27 - 00010236 _____ C:\Users\Andrejka\Documents\Evidence spotřeby.xlsx
2017-01-24 20:47 - 2017-01-24 20:47 - 00010806 _____ C:\Users\Andrejka\Documents\Výsledková listina.xlsx
2017-01-24 11:01 - 2017-01-24 11:01 - 00079996 _____ C:\Users\Andrejka\Documents\PLNÁ MOC.pdf
2017-01-24 10:29 - 2017-01-24 11:02 - 00079996 _____ C:\Users\Andrejka\Documents\PLNÁ MOC-vydání věci.pdf
2017-01-23 17:08 - 2017-01-23 17:08 - 00047794 _____ C:\Users\Andrejka\Downloads\Pohyb_13883837275_na_uctu_2700977831.pdf
2017-01-23 17:05 - 2017-01-23 17:05 - 00025221 _____ C:\Users\Andrejka\Documents\Internetové bankovnictví.trojcata.pdf
2017-01-23 15:32 - 2017-01-23 15:32 - 00199519 _____ C:\Users\Andrejka\Downloads\434416768_1_Poučení_pošk__právnické_osoby_v_tr_ř_-poučení_poškozeného.pdf
2017-01-23 15:32 - 2017-01-23 15:32 - 00186946 _____ C:\Users\Andrejka\Downloads\434467775_0_Usn__o_vrácení__vyd___věci___80_1_tr__ř_-Usnesení_nadace.pdf
2017-01-23 15:32 - 2017-01-23 15:32 - 00160199 _____ C:\Users\Andrejka\Downloads\434416768_0_-vyčíslení_škody.pdf
2017-01-23 15:29 - 2017-01-23 15:29 - 00497668 _____ C:\Users\Andrejka\Downloads\434648411_0_TPAdamTantu.doc.pdf
2017-01-23 13:10 - 2017-01-23 13:10 - 00001040 _____ C:\Users\Andrejka\Downloads\ali.txt
2017-01-23 12:51 - 2017-01-23 12:52 - 210986104 _____ ( ) C:\Users\Andrejka\Downloads\duelsetup-13-1-0-32000.exe
2017-01-23 11:07 - 2017-01-23 11:07 - 00176391 _____ C:\Users\Andrejka\Documents\Faktura 17FV510100000136.PDF
2017-01-23 10:44 - 2017-01-23 10:44 - 00134384 _____ C:\Users\Andrejka\Downloads\Faktura_0013247430_4576497300_1607013439.PDF
2017-01-21 10:33 - 2017-01-21 10:33 - 00062041 _____ C:\Users\Andrejka\Documents\připojení.pdf
2017-01-20 11:20 - 2017-01-20 11:38 - 00000000 ____D C:\Users\Andrejka\AppData\Local\Neopokladna
2017-01-20 11:19 - 2017-01-20 11:20 - 00000000 ____D C:\Program Files (x86)\Neopokladna
2017-01-19 16:37 - 2017-01-19 16:37 - 00107546 _____ C:\Users\Andrejka\Downloads\Darovací smlouva NFDS- finanční dar (4).pdf
2017-01-15 00:47 - 2017-01-15 00:47 - 87238672 _____ (Ježek software s.r.o. ) C:\Users\Andrejka\Downloads\stereo-2500.exe
2017-01-15 00:34 - 2017-01-15 00:35 - 00000000 ____D C:\Users\Andrejka\Downloads\SQLManagementStudio_2014_x64_ENU
2017-01-15 00:34 - 2017-01-15 00:34 - 00000000 ____D C:\Users\Andrejka\AppData\Local\Microsoft_Corporation
2017-01-15 00:27 - 2017-01-15 00:29 - 00000000 ____D C:\Users\Andrejka\Downloads\sqlexpr2014_64
2017-01-14 09:59 - 2017-01-14 09:59 - 00000000 ____D C:\Users\Andrejka\EET-UČTENKY
2017-01-14 09:57 - 2017-01-14 09:57 - 00000000 ____D C:\Users\Andrejka\Documents\jsweet
2017-01-10 14:19 - 2017-01-10 14:19 - 00113762 _____ C:\Users\Andrejka\Downloads\Nákup v Číně 7.1.2017.xlsx
2017-01-10 12:15 - 2017-01-15 00:39 - 00000000 ____D C:\ProgramData\firebird
2017-01-10 12:15 - 2017-01-10 12:15 - 00000000 ____D C:\ABX
2017-01-05 23:25 - 2017-01-05 23:25 - 00107546 _____ C:\Users\Andrejka\Downloads\Darovací smlouva NFDS- finanční dar (3).pdf
2017-01-05 16:31 - 2017-01-05 16:31 - 00061681 _____ C:\Users\Andrejka\Documents\záložky_05.01.17.html
2017-01-05 08:29 - 2017-01-05 08:29 - 00156324 _____ C:\Users\Andrejka\Documents\ŽIVOTOPIS.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-04 20:43 - 2016-07-31 15:50 - 00000000 ____D C:\Users\Andrejka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battlelog.co
2017-02-04 20:43 - 2016-07-31 15:50 - 00000000 ____D C:\Users\Andrejka\AppData\Local\bf2battlelog
2017-02-04 20:43 - 2015-12-11 10:49 - 00000000 ____D C:\Users\Andrejka
2017-02-04 20:25 - 2016-11-20 10:39 - 00000000 ____D C:\Users\Andrejka\AppData\LocalLow\Mozilla
2017-02-04 20:19 - 2015-12-14 09:02 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-04 12:32 - 2015-12-11 13:00 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2017-02-04 11:59 - 2016-09-23 21:13 - 00000000 ____D C:\Users\Andrejka\Counter-Strike 1.6
2017-02-04 10:13 - 2009-07-14 05:45 - 00018416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-04 10:13 - 2009-07-14 05:45 - 00018416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-04 10:08 - 2009-07-14 16:18 - 00668792 _____ C:\Windows\system32\perfh005.dat
2017-02-04 10:08 - 2009-07-14 16:18 - 00141420 _____ C:\Windows\system32\perfc005.dat
2017-02-04 10:08 - 2009-07-14 06:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-04 10:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-04 10:02 - 2015-12-11 13:00 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2017-02-04 10:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-03 11:15 - 2016-01-12 19:08 - 00000000 ____D C:\Users\Andrejka\AppData\Local\Deployment
2017-01-31 15:22 - 2016-01-07 15:28 - 00000000 ____D C:\Users\Andrejka\Documents\Dokumenty fondu
2017-01-30 08:17 - 2016-11-22 15:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-01-30 08:17 - 2015-12-11 12:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 22:33 - 2016-01-13 08:25 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 15:27 - 2016-01-15 21:26 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-01-23 12:56 - 2017-01-04 16:38 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2017-01-22 09:37 - 2016-10-05 13:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 11:38 - 2016-01-29 19:11 - 00000000 ____D C:\Users\Andrejka\AppData\Local\CrashDumps
2017-01-18 13:24 - 2015-12-11 12:08 - 00000000 ____D C:\ProgramData\Oracle
2017-01-18 13:17 - 2015-12-14 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-18 13:17 - 2015-12-14 08:59 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-18 13:16 - 2015-12-14 08:59 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-01-13 16:25 - 2016-10-24 11:39 - 00000000 ____D C:\Users\Andrejka\Documents\Eliška
2017-01-12 20:10 - 2015-12-13 03:59 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 18:19 - 2015-12-14 09:02 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-10 18:19 - 2015-12-14 09:02 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-10 18:19 - 2015-12-14 09:02 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-10 18:19 - 2015-12-14 09:02 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-10 18:19 - 2015-12-14 09:02 - 00000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
Files to move or delete:
====================
C:\Users\Andrejka\ts3client_win64.exe
Some files in TEMP:
====================
2017-01-18 13:08 - 2017-01-18 13:08 - 0739904 _____ (Oracle Corporation) C:\Users\Andrejka\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-01-22 00:34 - 2017-01-22 00:34 - 13977352 _____ (Microsoft Corporation) C:\Users\Andrejka\AppData\Local\Temp\vcredist_x86.exe
2007-08-31 12:12 - 2007-08-31 12:12 - 0460248 ____R (Macrovision Corporation) C:\Users\Andrejka\AppData\Local\Temp\_is293E.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Andrejka\Desktop" je 23 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================