Malware blokující odkazy na FCB

[agas]

Dobrý den,

před několika dny mi FCB zablokoval sdílení odkazů s tím, že mám na počítači malware a že mi to odblokují po jeho odstranění. Než jsem se k tomu dostal, tak se to sice zase rozchodilo, ale když jsem si už na čísi radu stáhnul "eScan Antivirus & Spyware Toolkit Utility" a projel jsem tím svůj notebook (sken trval nekonečně dlouho - noc a den), :-O rád bych se zeptal, jestli to, co tam bylo nalezeno, je nějak nebezpečné, a pokud ano, jak se toho zbavit (ta utilitka mi píše, že pokud se toho chci zbavit, mám si koupit eScan, což je cca 60 dolarů na rok a nevím, jestli není nějaké lacinější cesty).

Ukázalo mi to 17 kritických objektů a celkem 87 chyb (což je vše typu "Záznam ten a ten odkazuje na neplatný objekt ten a ten").

Z těch 17 kritických objektů bylo šest jasně identifikovatelných, takže jsem je vyhledal a smazal do koše (koš jsem zatím nevysypal):

Kód: Vybrat vše

Soubor C:\Program Files (x86)\Avidemux 2.6\uninstall.exe je infikovaný virem Gen:Trojan.Heur.P.bK4@feqEJeo (DB) !! Provedené akce: Ponecháno, neodstraněno!.

Soubor C:\Program Files (x86)\freac\iconv.dll je infikovaný virem Gen:Trojan.Heur.P.3O4@fekxoDb (DB) !! Provedené akce: Ponecháno, neodstraněno!.

Soubor C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe je infikovaný virem Gen:Trojan.Heur.P.bK4@fekvI9f (DB) !! Provedené akce: Ponecháno, neodstraněno!.

Soubor C:\Users\petr.hruska\Documents\PODKLADY\VOŠ\filosofie\Platon---kratylos.rar je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.

Soubor C:\Users\petr.hruska\Documents\PODKLADY\VOŠ\filosofie\Platón---Dialogy.rar je infikovaný virem Exe.Corrupted !! Provedené akce: Ponecháno, neodstraněno!.

Soubor C:\Users\petr.hruska\Software\Rajče\rajce-downloader_1.0.0.0.exe je infikovaný virem Gen:Trojan.Heur.P.bK4@f8ZO@Ni (DB) !! Provedené akce: Ponecháno, neodstraněno!.

Jedenáct z těch kritických ale nevím, jak najít a jak je odstranit:

Kód: Vybrat vše

Objekt "alexa Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "winlink Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "CasinoOnNet Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "AntiSpyware Pro XP Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "Troj/Banker-Q Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "AntiSpyware Pro XP Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "Troj/Banker-Q Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "XLG Security Center Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "XLG Security Center Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Objekt "Trust Fighter Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Děkuji za případnou radu!

Petr Hruška

[Rudy]

Zdravím!
Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

[agas]

Díky za odpověď.

Farbar Recovery Scan Tool se mi stáhnout podařilo bez problémů, ovšem FRSTLauncher, když jsem konečně přesvědčil všechny své ochrany, aby jej dovolily stáhnout, mi při rozkliknutí hlásí "Tato aplikace nemůže běžet na vašem počítači. Chcete-li najít verzi pro svůj počítač, obraťte se na vydavatele softwaru."

Mám tedy spustit ten Farbar REcovaery Scan Tool přímo?

[agas]

Tak se mi to už podařilo spustit. Ovšem v tom odkazovaném návodu se mi nezobrazuje zmiňovaný obrázek:

Kód: Vybrat vše

Dooznačíme položku Addition.txt - viz obrázek.

Nevím tedy, jestli to mám vše dobře zaškrtnuté.

V sekci Whitelist je zaškrtnuté všechno, v sekci Optional Scan je zaškrtnuté Addition.txt.

Mám tedy kliknout na Scan a poslat výsledky?

[Rudy]

Můžete, tak by to mělo být.

[agas]

Tak tady je ten log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by petr.hruska (administrator) on PETRHRUSKA (18-03-2018 16:48:18)
Running from C:\Users\petr.hruska\Desktop
Loaded Profiles: petr.hruska (Available Profiles: petr.hruska & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.251 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

Kód: Vybrat vše

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Nitro PDF Software) C:\Program Files (x86)\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
() C:\Program Files (x86)\Nitro\Pro 9\Nitro_UpdateService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(f.lux Software LLC) C:\Users\petr.hruska\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroidHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(MicroWorld Technologies Inc.) C:\Users\PETR~1.HRU\AppData\Local\Temp\mexe.com
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE
Failed to access process -> WINWORD.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MessageCenterPlus.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\petr.hruska\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Users\petr.hruska\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [382248 2013-02-12] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-02] (Lenovo Group Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-31] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-04-13] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (iSkySoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1962944 2016-11-22] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-03-29] (Google Inc.)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [Dropbox Update] => C:\Users\petr.hruska\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [15645816 2018-03-14] (Sand Studio)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [Google Update] => C:\Users\petr.hruska\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-13] (Google Inc.)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [Google Photos Backup] => C:\Users\petr.hruska\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [f.lux] => C:\Users\petr.hruska\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\petr.hruska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-12-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\petr.hruska\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\petr.hruska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2016-07-28]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\petr.hruska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk [2017-02-20]
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\petr.hruska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2017-02-21]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.250.1.166 80.250.1.155
Tcpip\..\Interfaces\{27557f1f-6d28-4837-81b6-44ee6dad7089}: [DhcpNameServer] 80.250.1.166 80.250.1.155
Tcpip\..\Interfaces\{5d19e7ec-91ce-43d4-af1b-89be24326bb1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{a37e3fe1-0d6d-4a9c-a3ff-8d44a4de5729}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d0116b63-b446-42ce-9933-b7b090d1095c}: [DhcpNameServer] 80.250.1.166 80.250.1.155

Internet Explorer:
==================
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-227463364-3509510608-2868378379-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_csCZ533
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {263614B9-A34C-4E59-9CC7-C703A7D548BE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {38C25A9A-7D60-4E01-BED4-0C5F34AD134B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {4D2E334B-5BBC-4D85-9289-4628D5F1A000} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {601E313A-D4E6-48C2-BFCC-7126EE258BC7} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_csCZ533
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {60AD1A84-89C7-41A3-A415-0F290B8842D5} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_csCZ533
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {6ADDEB35-76C3-4747-90CD-8DE26F65D5C7} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {7EE08296-E554-49CC-89EB-A8CB1563AF08} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {81349AD5-1061-4DB7-B301-669C95A453B0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {C84AE9B0-86AA-4592-8037-D844B4D37A2F} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> {CD096C68-CB4F-4633-B7AB-A00DC108E0E0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2013-08-07] (AuthenTec Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-04-22] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-06] (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2013-08-07] (AuthenTec Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-09-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: iSkysoft iMedia Converter Deluxe 5.1.0 -> {AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE} -> C:\ProgramData\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-11-22] (Wondershare)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-06] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-05-15] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 -  No File

FireFox:
========
FF DefaultProfile: ohmjt0tq.default-1521242922929
FF ProfilePath: C:\Users\petr.hruska\AppData\Roaming\Mozilla\Firefox\Profiles\ohmjt0tq.default-1521242922929 [2018-03-18]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => not found
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client => not found
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi [2017-04-02] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-13] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-13] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2013-08-07] (AuthenTec, Inc)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-14] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-14] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2015-04-13] ()
FF Plugin HKU\S-1-5-21-227463364-3509510608-2868378379-1000: @tools.google.com/Google Update;version=3 -> C:\Users\petr.hruska\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-227463364-3509510608-2868378379-1000: @tools.google.com/Google Update;version=9 -> C:\Users\petr.hruska\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-227463364-3509510608-2868378379-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [No File]
FF Plugin HKU\S-1-5-21-227463364-3509510608-2868378379-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Profile 1 -> "hxxp://farnostcheb.cz/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Profile 1 -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> search.ask.com
CHR DefaultSuggestURL: Profile 1 -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-03-17]
CHR Profile: C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-03-18]
CHR Extension: (Překladač Google) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (GC little helper) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aimnideehoepfoiniigacdpefnlngnob [2016-07-06]
CHR Extension: (CacheList) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2018-03-13]
CHR Extension: (Dokumenty) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (ColorZilla) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2016-12-25]
CHR Extension: (YouTube) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Website Logon) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clglhglbidpdbjffpfcldkifhdegdfle [2014-04-24]
CHR Extension: (Vyhledávání Google) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Tampermonkey) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-01-21]
CHR Extension: (Video Downloader professional) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-08-05]
CHR Extension: (FBDown Video Downloader) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-02-20]
CHR Extension: (AdBlock) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-06]
CHR Extension: (Uložit na Disk Google) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-07-12]
CHR Extension: (AirDroid) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2013-09-02]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-03-13]
CHR Extension: (Geocaching.com Google Drive™ Notes) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jabhbbbnkmjaoejmdhollfkjkffhiehc [2018-02-22]
CHR Extension: (Google Play) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-02-12]
CHR Extension: (mydlink services plugin) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2017-09-13]
CHR Extension: (EXIF Viewer) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck [2015-12-06]
CHR Extension: (DVDVideoSoft) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Check My Links) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2017-06-03]
CHR Extension: (Gmail) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-13]
CHR Extension: (Geoseznam) - C:\Users\petr.hruska\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkejgpgaflkeonkliblcplomemekogop [2018-01-04]
CHR HKU\S-1-5-21-227463364-3509510608-2868378379-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-227463364-3509510608-2868378379-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-12-08]
CHR HKU\S-1-5-21-227463364-3509510608-2868378379-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clglhglbidpdbjffpfcldkifhdegdfle] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-lenovo-abb.crx [2012-02-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1075712 2016-03-05] (Digital Care Solutions) [File not signed]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1940584 2017-12-18] (ESET)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68408 2017-11-12] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-05-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-31] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-02] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R2 NitroDriverReadSpool9; C:\Program Files (x86)\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-07-16] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files (x86)\Nitro\Pro 9\Nitro_UpdateService.exe [417800 2014-07-16] ()
S3 scan; C:\Program Files\BDServices\scan.dll [602456 2016-02-22] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-11] (Microsoft Corporation)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23920 2017-12-12] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-16] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\WINDOWS\System32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76200 2018-01-18] ()
S3 Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [31136 2013-07-14] (REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193248 2018-03-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [109800 2018-03-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45960 2018-03-13] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-03-13] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [101600 2018-03-18] (Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [452040 2016-02-22] (BitDefender S.R.L.)
R3 TSVAD_PCM; C:\WINDOWS\system32\drivers\tsvadpcm.sys [33552 2016-02-09] (Windows (R) Win 7 DDK provider)
R3 Tvti2c; C:\WINDOWS\system32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\WINDOWS\system32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-18 16:48 - 2018-03-18 17:26 - 000041607 _____ C:\Users\petr.hruska\Desktop\FRST.txt
2018-03-18 16:38 - 2018-03-18 16:48 - 000000000 ____D C:\FRST
2018-03-18 16:32 - 2018-03-18 16:33 - 000112640 _____ (forum.viry.cz) C:\Users\petr.hruska\Desktop\FRSTLauncher.exe
2018-03-18 15:39 - 2018-03-18 15:41 - 002403328 _____ (Farbar) C:\Users\petr.hruska\Desktop\FRST64.exe
2018-03-17 23:04 - 2018-03-17 23:04 - 000001848 _____ C:\Users\petr.hruska\Desktop\PRF tvorba stanov.lnk
2018-03-17 00:28 - 2018-03-17 00:28 - 000000000 ____D C:\Users\petr.hruska\Desktop\Původní data aplikace Firefox
2018-03-16 21:47 - 2018-03-16 21:47 - 000000000 ____D C:\WINDOWS\VDLL.DLL
2018-03-16 21:47 - 2018-03-16 21:47 - 000000000 ____D C:\WINDOWS\SysWOW64\runouce.exe
2018-03-16 21:47 - 2018-03-16 21:47 - 000000000 ____D C:\WINDOWS\rundll16.exe
2018-03-16 21:47 - 2018-03-16 21:47 - 000000000 ____D C:\WINDOWS\RUNDL132.EXE
2018-03-16 21:47 - 2018-03-16 21:47 - 000000000 ____D C:\WINDOWS\logo1_.exe
2018-03-16 21:47 - 2018-03-16 21:47 - 000000000 ____D C:\WINDOWS\logo_1.exe
2018-03-16 21:23 - 2018-03-16 21:47 - 000000054 _____ C:\WINDOWS\Lic.xxx
2018-03-16 21:23 - 2018-03-16 21:23 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2018-03-16 21:23 - 2018-03-16 21:23 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2018-03-16 21:23 - 2018-03-16 21:23 - 000034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2018-03-16 21:23 - 2005-09-22 23:22 - 000000522 _____ C:\WINDOWS\SysWOW64\Microsoft.VC80.CRT.manifest
2018-03-16 21:22 - 2018-03-16 21:22 - 000000000 ____D C:\ProgramData\MicroWorld
2018-03-16 11:49 - 2018-03-17 23:04 - 000000000 ____D C:\Users\petr.hruska\Desktop\Chebská monstrance
2018-03-15 21:17 - 2018-03-15 21:18 - 000000000 ____D C:\Users\petr.hruska\Desktop\ACEP 2018 03
2018-03-13 23:58 - 2018-03-13 23:58 - 000045960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-03-13 23:24 - 2018-03-18 15:13 - 000101600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-03-13 23:24 - 2018-03-13 23:58 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-03-13 23:24 - 2018-03-13 23:58 - 000109800 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-03-13 23:24 - 2018-03-13 23:24 - 000193248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-03-13 23:24 - 2018-03-13 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-13 23:23 - 2018-03-13 23:23 - 000000000 ____D C:\ProgramData\MB2Migration
2018-03-13 23:23 - 2018-03-13 23:23 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-13 23:23 - 2018-01-18 08:03 - 000076200 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-03-13 22:47 - 2018-03-13 23:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-13 22:47 - 2018-03-13 23:23 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-03-13 19:34 - 2018-03-13 19:34 - 000003065 _____ C:\Users\petr.hruska\Desktop\Kniha jizd.lnk
2018-03-12 01:04 - 2018-03-12 01:04 - 000002625 _____ C:\Users\petr.hruska\Desktop\Monitorovací zpráva 2018.lnk
2018-03-11 17:53 - 2018-03-11 17:54 - 001182211 _____ C:\Users\petr.hruska\Desktop\Zpravodaj_Cheb_2018_03.pdf
2018-03-11 17:52 - 2018-03-11 17:52 - 000000000 ____D C:\Users\petr.hruska\Desktop\VKC 2018
2018-03-10 07:49 - 2018-03-10 11:48 - 000000000 ____D C:\Users\petr.hruska\Desktop\24 hodin pro Pána 2018
2018-03-10 07:45 - 2018-03-10 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exif Tag Remover
2018-03-10 07:45 - 2018-03-10 07:55 - 000000000 ____D C:\Program Files (x86)\Exif Tag Remover
2018-03-09 22:40 - 2018-03-10 20:16 - 000000000 ____D C:\Users\petr.hruska\Documents\Lexicon
2018-03-08 00:42 - 2018-02-22 03:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-08 00:42 - 2018-02-22 03:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-08 00:42 - 2018-02-22 03:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-08 00:42 - 2018-02-22 03:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-08 00:42 - 2018-02-22 03:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-08 00:42 - 2018-02-22 03:07 - 008603040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-08 00:42 - 2018-02-22 03:03 - 000733600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-08 00:42 - 2018-02-22 03:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-08 00:42 - 2018-02-22 03:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-08 00:42 - 2018-02-22 03:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-08 00:42 - 2018-02-22 02:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-08 00:42 - 2018-02-22 02:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-08 00:42 - 2018-02-22 02:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-08 00:42 - 2018-02-22 02:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-08 00:42 - 2018-02-22 01:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-08 00:42 - 2018-02-22 01:31 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-08 00:42 - 2018-02-22 01:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-08 00:42 - 2018-02-22 01:28 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-08 00:42 - 2018-02-22 01:26 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-03-08 00:42 - 2018-02-22 01:22 - 008110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-08 00:42 - 2018-02-22 01:12 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-08 00:41 - 2018-02-22 03:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-08 00:41 - 2018-02-22 03:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-08 00:41 - 2018-02-22 03:14 - 000270752 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-08 00:41 - 2018-02-22 03:12 - 000613280 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-08 00:41 - 2018-02-22 03:11 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-08 00:41 - 2018-02-22 03:10 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-08 00:41 - 2018-02-22 03:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-08 00:41 - 2018-02-22 03:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-08 00:41 - 2018-02-22 03:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-08 00:41 - 2018-02-22 03:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-08 00:41 - 2018-02-22 02:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-08 00:41 - 2018-02-22 01:50 - 025253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-08 00:41 - 2018-02-22 01:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-08 00:41 - 2018-02-22 01:26 - 023671808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-08 00:41 - 2018-02-22 01:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-08 00:41 - 2018-02-22 01:18 - 019352576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-08 00:41 - 2018-02-22 01:18 - 018923008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-08 00:41 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-08 00:40 - 2018-02-22 03:09 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-08 00:40 - 2018-02-22 03:08 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-08 00:40 - 2018-02-22 03:08 - 000387488 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-08 00:40 - 2018-02-22 03:06 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-08 00:40 - 2018-02-22 03:06 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-08 00:40 - 2018-02-22 03:06 - 000460704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-08 00:40 - 2018-02-22 03:06 - 000272792 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-08 00:40 - 2018-02-22 03:00 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-08 00:40 - 2018-02-22 01:53 - 000211872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-08 00:40 - 2018-02-22 01:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-08 00:40 - 2018-02-22 01:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-08 00:40 - 2018-02-22 01:16 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-08 00:40 - 2018-02-22 01:16 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-08 00:39 - 2018-02-22 03:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-08 00:39 - 2018-02-22 03:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-08 00:39 - 2018-02-22 03:07 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-08 00:39 - 2018-02-22 02:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-08 00:39 - 2018-02-22 02:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-08 00:39 - 2018-02-22 02:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-08 00:39 - 2018-02-22 01:30 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-08 00:39 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-08 00:39 - 2018-02-22 01:26 - 000441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2018-03-08 00:39 - 2018-02-22 01:20 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-08 00:39 - 2018-02-22 01:18 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-08 00:39 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-07 03:25 - 2018-03-09 08:39 - 000000000 ___RD C:\Users\petr.hruska\3D Objects
2018-03-07 03:23 - 2018-03-02 22:09 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-07 03:23 - 2018-03-02 22:09 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-06 22:37 - 2018-03-06 22:37 - 000002701 _____ C:\Users\petr.hruska\Desktop\Hlavičkový papír ŘkF.lnk
2018-03-06 11:40 - 2018-03-06 11:40 - 000002340 _____ C:\Users\petr.hruska\Desktop\Nemocní.lnk
2018-03-06 11:38 - 2018-03-06 11:38 - 000001930 _____ C:\Users\petr.hruska\Desktop\Farní web.lnk
2018-03-06 10:09 - 2018-03-17 22:43 - 000000000 ____D C:\Users\petr.hruska\Documents\Vlastní šablony Office
2018-03-06 09:58 - 2018-03-06 09:58 - 000002985 _____ C:\Users\petr.hruska\Desktop\DŽ kostel.lnk
2018-03-06 09:57 - 2018-03-06 09:57 - 000003086 _____ C:\Users\petr.hruska\Desktop\FP pronájem.lnk
2018-03-06 08:32 - 2018-03-06 08:32 - 000000000 ___HD C:\OneDriveTemp
2018-03-05 21:45 - 2018-03-05 21:45 - 000002403 _____ C:\Users\petr.hruska\Desktop\Biřmování 2018.lnk
2018-03-05 21:42 - 2018-03-08 10:06 - 000002163 _____ C:\Users\petr.hruska\Desktop\Děti.lnk
2018-03-05 21:40 - 2018-03-05 21:43 - 000002487 _____ C:\Users\petr.hruska\Desktop\Postní doba 1 - 6.lnk
2018-03-02 09:46 - 2018-03-02 09:46 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2018-02-20 10:37 - 2018-02-20 10:37 - 000001648 _____ C:\Users\petr.hruska\Desktop\KR 2018 01.lnk
2018-02-19 16:03 - 2018-02-19 16:03 - 000001954 _____ C:\Users\petr.hruska\Desktop\SRH 2018 02.lnk
2018-02-16 21:24 - 2018-02-16 21:24 - 000000000 __SHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-16 21:24 - 2018-02-16 21:24 - 000000000 ____D C:\ProgramData\ESET
2018-02-16 21:24 - 2018-02-16 21:24 - 000000000 ____D C:\Program Files\ESET
2018-02-16 18:54 - 2018-02-16 18:55 - 000801641 _____ C:\Users\petr.hruska\Desktop\kazdy-den-zkoumali.pdf
2018-02-16 16:10 - 2018-02-16 16:10 - 002559867 _____ C:\Users\petr.hruska\Desktop\evangelium-na-kazdy-den-2018.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-18 17:47 - 2016-12-12 09:49 - 000000000 ____D C:\Users\petr.hruska\AppData\Roaming\AirDroid
2018-03-18 17:46 - 2013-04-23 19:24 - 000000000 ____D C:\Users\petr.hruska\AppData\Roaming\Audacity
2018-03-18 17:03 - 2016-01-23 04:35 - 000000000 ____D C:\Users\petr.hruska\Documents\Soubory aplikace Outlook
2018-03-18 16:27 - 2017-01-11 21:56 - 000000000 ____D C:\Users\petr.hruska\AppData\LocalLow\Mozilla
2018-03-18 16:12 - 2017-01-11 21:55 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-18 16:10 - 2013-04-23 23:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-18 15:58 - 2014-11-13 14:27 - 000000000 ___RD C:\Users\petr.hruska\Documents\Zařadit
2018-03-18 14:40 - 2017-04-02 20:39 - 000000000 ____D C:\Program Files (x86)\freac
2018-03-18 14:39 - 2014-11-18 21:50 - 000000000 ____D C:\Program Files (x86)\Avidemux 2.6
2018-03-18 14:37 - 2013-10-07 13:18 - 000000000 ____D C:\Users\petr.hruska\Software
2018-03-18 14:30 - 2015-03-20 00:23 - 000000000 ____D C:\Users\petr.hruska\AppData\Local\CrashDumps
2018-03-18 13:57 - 2017-12-11 23:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-18 12:24 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-17 23:03 - 2017-12-12 00:06 - 000000000 ____D C:\Users\petr.hruska\AppData\Local\Packages
2018-03-17 18:38 - 2017-12-12 00:32 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE76DAFB-1923-4D88-9D8A-5D9FB981999C}
2018-03-17 12:24 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-17 12:24 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-17 00:25 - 2013-12-21 13:27 - 000000000 ____D C:\Users\petr.hruska\AppData\Roaming\Mozilla
2018-03-17 00:23 - 2013-12-21 13:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-15 22:37 - 2013-04-23 08:13 - 000000000 ____D C:\Users\petr.hruska\AppData\Roaming\vlc
2018-03-15 13:59 - 2016-07-27 11:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-03-14 21:06 - 2013-04-22 15:31 - 000000000 ____D C:\Users\petr.hruska\AppData\LocalLow\AuthenTec
2018-03-14 06:37 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-14 06:36 - 2013-08-15 01:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 06:26 - 2017-10-10 23:30 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 06:26 - 2016-07-19 23:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-03-14 06:26 - 2013-04-23 03:44 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-14 00:11 - 2016-01-23 11:12 - 000000000 ____D C:\Program Files (x86)\AirDroid
2018-03-14 00:04 - 2017-12-11 23:59 - 002347468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-14 00:04 - 2017-09-30 15:30 - 001000600 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-14 00:04 - 2017-09-30 15:30 - 000239838 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-14 00:03 - 2017-01-02 10:28 - 000066556 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-03-14 00:01 - 2017-06-21 10:12 - 000000000 ___RD C:\Users\petr.hruska\Římskokatolická farnost Cheb
2018-03-14 00:01 - 2017-06-21 09:55 - 000000000 ___RD C:\Users\petr.hruska\OneDrive - Římskokatolická farnost Cheb
2018-03-13 23:57 - 2016-07-27 11:07 - 000000000 __SHD C:\Users\petr.hruska\IntelGraphicsProfiles
2018-03-13 23:56 - 2017-12-12 00:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-13 23:55 - 2017-09-29 09:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-03-13 23:54 - 2016-02-12 13:21 - 000000000 ___RD C:\Users\petr.hruska\OneDrive
2018-03-13 23:45 - 2017-12-12 00:32 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-03-13 23:45 - 2014-07-16 12:13 - 000000000 ____D C:\Program Files\CCleaner
2018-03-13 23:22 - 2015-03-16 11:38 - 000000000 ____D C:\ProgramData\APN
2018-03-13 23:22 - 2013-07-23 20:16 - 000000000 ____D C:\Users\petr.hruska\AppData\Roaming\ParetoLogic
2018-03-13 23:22 - 2013-07-23 20:16 - 000000000 ____D C:\ProgramData\ParetoLogic
2018-03-13 23:22 - 2013-07-23 20:16 - 000000000 ____D C:\Program Files (x86)\ParetoLogic
2018-03-12 10:13 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-12 10:13 - 2013-04-23 23:51 - 000000000 ____D C:\Users\petr.hruska\AppData\Roaming\Nitro PDF
2018-03-10 20:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-09 08:39 - 2016-07-27 05:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-09 04:47 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-09 04:47 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-08 12:14 - 2018-02-15 14:54 - 000002946 _____ C:\Users\petr.hruska\Desktop\PRF Cheb.lnk
2018-03-07 03:25 - 2017-12-12 00:05 - 000000000 ____D C:\Users\petr.hruska
2018-03-07 03:22 - 2017-12-11 23:54 - 000480512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-07 03:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-03-07 03:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-07 03:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-03-07 03:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-03-06 08:38 - 2016-07-27 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-03-06 08:38 - 2013-12-06 10:12 - 000000000 ____D C:\ProgramData\Oracle
2018-03-06 08:38 - 2013-08-08 22:43 - 000000000 ____D C:\Program Files (x86)\Java
2018-03-06 08:37 - 2014-07-17 17:48 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-03-06 00:45 - 2013-04-29 21:17 - 000000000 ___RD C:\Users\petr.hruska\Documents\00 PRACOVNÍ
2018-03-06 00:45 - 2013-04-29 12:51 - 000000000 ___RD C:\Users\petr.hruska\Zálohy
2018-03-05 23:43 - 2013-04-23 19:10 - 000000000 ____D C:\Users\petr.hruska\AppData\Roaming\FileZilla
2018-03-02 09:46 - 2017-12-12 00:05 - 000000000 ____D C:\Users\DefaultAppPool
2018-03-01 21:29 - 2017-12-12 00:32 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-227463364-3509510608-2868378379-1000
2018-03-01 21:29 - 2016-07-27 11:35 - 000002457 _____ C:\Users\petr.hruska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-26 13:45 - 2016-07-12 23:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 13:44 - 2017-12-12 00:32 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 10:52 - 2018-02-15 14:53 - 000002008 _____ C:\Users\petr.hruska\Desktop\SRH Cheb.lnk
2018-02-22 02:38 - 2016-09-13 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Davar4
2018-02-22 02:38 - 2016-09-13 11:10 - 000000000 ____D C:\Program Files (x86)\Davar4
2018-02-16 21:26 - 2016-11-12 15:41 - 000015872 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys

==================== Files in the root of some directories =======

2013-04-22 15:31 - 2013-04-22 15:31 - 000090624 _____ () C:\Users\Public\AlexaNSISPlugin.4512.dll
2015-05-06 11:35 - 2015-05-06 11:35 - 000037607 _____ () C:\Program Files (x86)\Common Files\license.rtf
2015-05-06 11:35 - 2015-05-06 11:35 - 000008046 _____ () C:\Program Files (x86)\Common Files\setupBanner.jpg
2013-12-29 23:57 - 2014-01-19 00:54 - 000000008 ___SH () C:\Users\petr.hruska\AppData\Roaming\.addit001.dat
2013-12-29 23:57 - 2013-12-29 23:57 - 000000008 ___SH () C:\Users\petr.hruska\AppData\Roaming\.app190905.dat
2013-12-29 23:57 - 2014-01-19 00:54 - 000000008 ___SH () C:\Users\petr.hruska\AppData\Roaming\.data000.dat
2013-12-29 23:57 - 2014-01-19 00:54 - 000000008 ___SH () C:\Users\petr.hruska\AppData\Roaming\.data001.dat
2013-12-29 23:57 - 2013-12-29 23:57 - 000000008 ___SH () C:\Users\petr.hruska\AppData\Roaming\.drv120205.dat
2013-12-29 23:57 - 2013-12-29 23:57 - 000000008 ___SH () C:\Users\petr.hruska\AppData\Roaming\.drv190904.dat
2013-04-22 15:31 - 2013-04-22 15:32 - 000001448 _____ () C:\Users\petr.hruska\AppData\Roaming\AbsoluteReminder.xml
2016-04-29 06:40 - 2016-04-29 06:40 - 000038428 _____ () C:\Users\petr.hruska\AppData\Roaming\Hodnoty oddělené čárkami.ADR
2014-11-29 02:21 - 2016-03-12 15:36 - 000000115 _____ () C:\Users\petr.hruska\AppData\Roaming\LogFile.txt
2016-05-25 00:47 - 2016-10-16 15:54 - 000033803 _____ () C:\Users\petr.hruska\AppData\Roaming\net.telestream.wirecast.xml
2014-08-01 21:55 - 2014-08-01 21:55 - 000003584 _____ () C:\Users\petr.hruska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-27 21:44 - 2016-06-02 00:41 - 042304896 _____ (Sony) C:\Users\petr.hruska\AppData\Local\pcc.exe
2016-01-12 12:59 - 2016-01-12 12:59 - 000000218 _____ () C:\Users\petr.hruska\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
2018-03-16 21:19 - 2009-10-02 13:36 - 000058648 _____ (BitDefender) C:\Users\petr.hruska\AppData\Local\Temp\avxdisk.dll
2018-03-16 21:19 - 2009-07-15 16:15 - 000091904 _____ (MicroWorld Tech) C:\Users\petr.hruska\AppData\Local\Temp\bdc.exe
2018-03-16 21:19 - 2009-09-14 22:07 - 000107800 _____ (BitDefender) C:\Users\petr.hruska\AppData\Local\Temp\bdcore.dll
2018-03-16 21:19 - 2009-09-17 14:48 - 000231944 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\bdfltlib.dll
2018-03-16 21:19 - 2009-09-17 14:48 - 000231944 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\bdfltlib2k.dll
2018-03-16 21:19 - 2009-07-26 17:01 - 000058624 _____ () C:\Users\petr.hruska\AppData\Local\Temp\bdupdateservice.dll
2018-03-16 21:22 - 2018-03-16 21:22 - 000061184 _____ (Microsoft Corporation) C:\Users\petr.hruska\AppData\Local\Temp\DEVCON.EXE
2018-03-16 21:19 - 2009-11-06 18:46 - 000929800 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\download.exe
2018-03-16 21:23 - 2018-03-16 21:23 - 000034048 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\eEmpty.exe
2018-03-16 21:19 - 2009-11-06 18:46 - 000117768 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\encdec.dll
2018-03-16 21:19 - 2009-11-06 18:47 - 000296456 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\esupdate.exe
2018-03-16 21:19 - 2009-07-17 13:39 - 000043776 _____ (Kaspersky Lab) C:\Users\petr.hruska\AppData\Local\Temp\FSSync.dll
2018-03-16 21:19 - 2009-11-06 18:47 - 000174664 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\Getvlist.exe
2018-03-16 21:19 - 2009-07-17 13:39 - 000070912 _____ () C:\Users\petr.hruska\AppData\Local\Temp\ikave.dll
2018-03-16 21:20 - 2009-11-06 18:47 - 000043592 _____ (Kaspersky Lab.) C:\Users\petr.hruska\AppData\Local\Temp\ipc.dll
2018-03-16 21:20 - 2009-07-17 13:39 - 000283904 _____ (Kaspersky Lab.) C:\Users\petr.hruska\AppData\Local\Temp\kave.dll
2018-03-16 21:20 - 2009-11-06 18:47 - 000109152 _____ () C:\Users\petr.hruska\AppData\Local\Temp\kavvlg.dll
2018-03-16 21:22 - 2018-03-16 21:22 - 000166152 _____ (Kaspersky Lab) C:\Users\petr.hruska\AppData\Local\Temp\KK.EXE
2018-03-16 21:20 - 2009-11-06 18:47 - 000227848 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\msvclnt.dll
2018-03-16 21:23 - 2018-03-16 21:23 - 000554240 _____ (Microsoft Corporation) C:\Users\petr.hruska\AppData\Local\Temp\msvcp80.dll
2018-03-16 21:23 - 2018-03-16 21:23 - 000632064 _____ (Microsoft Corporation) C:\Users\petr.hruska\AppData\Local\Temp\msvcr80.dll
2018-03-16 21:20 - 2009-11-06 18:47 - 002308616 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\msvl64.dll
2018-03-16 21:20 - 2009-11-06 18:47 - 000227848 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\msvlclnt.dll
2018-03-16 21:20 - 2009-11-06 18:47 - 000105992 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\MWAVL.exe
2018-03-16 21:20 - 2009-11-06 18:47 - 000700424 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\MWAVReg.EXE
2018-03-16 21:20 - 2009-11-06 18:48 - 000289288 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\mwunzip.dll
2018-03-16 21:21 - 2009-07-17 13:39 - 000189696 _____ (Kaspersky Lab) C:\Users\petr.hruska\AppData\Local\Temp\prLoader.dll
2018-03-16 21:21 - 2009-11-06 18:48 - 000010248 _____ (Microsoft Corporation) C:\Users\petr.hruska\AppData\Local\Temp\red32.dll
2018-03-16 21:21 - 2009-11-06 18:48 - 000151048 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\reload.exe
2018-03-16 21:21 - 2009-09-17 14:48 - 000330248 _____ (MicroWorld Technologies) C:\Users\petr.hruska\AppData\Local\Temp\scan.dll
2018-03-16 21:21 - 2009-07-17 13:39 - 000144640 _____ (Kaspersky Lab.) C:\Users\petr.hruska\AppData\Local\Temp\ScanningProcess.exe
2018-03-16 21:21 - 2009-11-06 18:48 - 000058888 _____ (MicroWorld Technologies Inc) C:\Users\petr.hruska\AppData\Local\Temp\setpriv.exe
2018-03-16 21:21 - 2009-11-06 18:48 - 000653832 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\test2.exe
2018-03-16 21:22 - 2009-11-06 18:48 - 000060936 _____ (MicroWorld Technologies Inc) C:\Users\petr.hruska\AppData\Local\Temp\unregx.exe
2018-03-16 21:22 - 2009-11-06 18:48 - 000572424 _____ (MicroWorld Technologies Inc.) C:\Users\petr.hruska\AppData\Local\Temp\viewtcp.exe

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Image Resize (HKLM-x32\...\Image Resize_is1) (Version:  - Vision Source)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\petr.hruska\Desktop" je 19458 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

 
==================== End Of Log ==============================

V příloze přikládám Addition.txt

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Program Files (x86)\Bonjour
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-227463364-3509510608-2868378379-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-26] (Google Inc.)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - No File
FF Plugin HKU\S-1-5-21-227463364-3509510608-2868378379-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [No File]
CHR HomePage: Profile 1 -> hxxp://www.search.ask.com/?gct=hp
CHR DefaultSearchURL: Profile 1 -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> search.ask.com
CHR DefaultSuggestURL: Profile 1 -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
U3 idsvc; no ImagePath
C:\Users\petr.hruska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\petr.hruska\AppData\Local\Temp
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B})
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => -> No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => -> No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => -> No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => -> No File
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> No File
ContextMenuHandlers1-x32: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => -> No File
ContextMenuHandlers1-x32: [iSkysoftVideoConverterFileOpreation] -> [CC]{BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => -> No File
ContextMenuHandlers1-x32-x32: [SugarSync] -> [CC]{305BC11B-5175-492B-B569-866547FCDA40} => -> No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\petr.hruska\Desktop" je 19458 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\petr.hruska novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

[agas]

Díky moc, musím teď na cca 2 hodiny zmizet, mrknu na to v noci a dám vědět.

[Rudy]

OK, budu se těšit.

[agas]

Spustil jsem ten Fix a po jeho zprocesovani se NTB sám restartoval. Pak to na modre obrazovce napsalo:

Probíhá automatická oprava... diagnostika...

Automatická oprava nemůže váš počítač opravit...

Soubor protokolu: E:/WINDOWS/System32/Logfiles/Srt/SrtTrail.txt
SrtTrail.txt

VYPNOUT / UPŘESNIT MOŽNOSTI

Pod volbou UPŘESNIT... jsou pak tři moznosti:

Pokračovat (Ukončit a pokračovat do Windows 10)

Odstranit potíže (Obnovit počítač do továrního nastavení nebo zobrazit upresnujici moznosti)

VYPNOUT počítač

Jak bych měl dal postupovat?

[agas]

Další možnosti po volbě "Odstranit potize" - "Upřesnit moznosti":

Obnovení systému (z bodu obnovení uloženého v pocitaci)

Obnovení z bitové kopie systemu)

Oprava spouštění systému

Příkazový řádek

Nastavení spouštění

Vrátit se k předchozí verzi

[agas]

SOS

[Rudy]

Tak musíte provést některou z oprav. Dále by mna zajímalo, proč stejný problém řešíte souběžně na PC-help.

[agas]

Díky. Bohužel mi to píše, že automatická oprava není možná, bod obnovení nebyl vytvořen, zrcadlovou zálohu nemám a uvádět to do továrního nastavení se mi zatím moc nechce. Tomu dalšímu pak nerozumím (příkazový řádek apod.).

Ad PC Help: Nevšiml jsem si vaší odpovědi, a proto jsem hledal pomoc jinde. Jak jsem zjistil, že komunikace pokračuje, už jsem využíval jenom váš server a na PC Help jsem už nic nevkládal.

[Rudy]

Abyste mohl opravit systém z přílazového řádku, musel byste znát konkrétní soubor, nebo registry klíč, který problém způsobuje. Pravděpodbně vám nezbude nic jiného, než obnova do tov nastavení. Měl byste mít 2 možnosti: Buď kompletní, což je defacto reinstal (musel byste uděla zálohu vlastních dat), nebo částečnou (vlastní data zůstanou zachována, pouze vám zmizí programy, které jse si nainstaloval a které nebyly v tovární instalaci).