Ahoj, vubec nevim co s tim.
Operační paměť » C:\ProgramData\eilwz8rl.jss - varianta infiltrace Win32/Reveton.AA trojský kůň - výběr akce byl odložen na konec skenování
Operační paměť » C:\ProgramData\eilwz8rl.jss - varianta infiltrace Win32/Kryptik.BRUS trojský kůň - výběr akce byl odložen na konec skenování
Operační paměť » C:\Users\PROVAZNIK\AppData\Local\Temp\eilwz8rl.jss - varianta infiltrace Win32/Reveton.AA trojský kůň - výběr akce byl odložen na konec skenování
Operační paměť » C:\Users\PROVAZNIK\AppData\Local\Temp\eilwz8rl.jss - varianta infiltrace Win32/Kryptik.BRUS trojský kůň - výběr akce byl odložen na konec skenování
Toto me vyjelo v ESETU. Prosim o radu
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Trojan
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan
Zdravím!
Zkuste nejprve tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Zkuste nejprve tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Trojan
Spustil sem program, ale zasekl se a uz ho ani neotevru.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2013 01
Ran by PROVAZNIK (administrator) on PROVAZNIK-NTB on 25-12-2013 11:41:42
Running from C:\Users\PROVAZNIK\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
toto jedinne me vyjelo do txt.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2013 01
Ran by PROVAZNIK (administrator) on PROVAZNIK-NTB on 25-12-2013 11:41:42
Running from C:\Users\PROVAZNIK\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
toto jedinne me vyjelo do txt.
Re: Trojan
Beru zpet, uz se to rozjelo
Re: Trojan
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2013 01
Ran by PROVAZNIK (administrator) on PROVAZNIK-NTB on 25-12-2013 11:41:42
Running from C:\Users\PROVAZNIK\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [932000 2011-06-14] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [795808 2011-06-14] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2011-11-22] (ESET)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [336440 2011-06-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Google Update] - C:\Users\PROVAZNIK\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-29] (Google Inc.)
Startup: C:\Users\PROVAZNIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lr8zwlie.lnk
ShortcutTarget: lr8zwlie.lnk -> C:\ProgramData\eilwz8rl.jss (http://tortoisesvn.net)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM - {E74ED302-D558-48AD-A72A-CB67D255110B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM-x32 - {E74ED302-D558-48AD-A72A-CB67D255110B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKCU - {E74ED302-D558-48AD-A72A-CB67D255110B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\PROVAZNIK\AppData\Roaming\Mozilla\Firefox\Profiles\kzz0g3ip.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\PROVAZNIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\PROVAZNIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\PROVAZNIK\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.5.10_0
CHR Extension: (Google Drive) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Wallet) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
==================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-06-14] (Atheros)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-11-22] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [814264 2011-11-22] (ESET)
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
S2 Winmgmt; C:\ProgramData\lr8zwlie.zvv [61024 2013-12-25] (Microsoft Corporation)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [x]
==================== Drivers (Whitelisted) ====================
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171152 2011-11-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2011-11-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2011-11-21] (ESET)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-25 11:33 - 2013-12-25 11:46 - 00012132 _____ C:\Users\PROVAZNIK\Desktop\FRST.txt
2013-12-25 11:33 - 2013-12-25 11:41 - 00029696 _____ C:\Users\PROVAZNIK\AppData\Local\MSGBOX.EXE
2013-12-25 11:33 - 2013-12-25 11:33 - 00000000 ____D C:\FRST
2013-12-25 11:31 - 2013-12-25 11:31 - 01928636 _____ (Farbar) C:\Users\PROVAZNIK\Desktop\FRST64.exe
2013-12-25 11:31 - 2013-12-25 11:31 - 00112640 _____ (forum.viry.cz) C:\Users\PROVAZNIK\Desktop\FRSTLauncher.exe
2013-12-25 11:07 - 2013-12-25 11:22 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-12-25 10:46 - 2013-12-25 10:47 - 00000000 ____D C:\ProgramData\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 10806456 _____ C:\Users\PROVAZNIK\Desktop\avg_free.exe
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\Avg2014
2013-12-25 10:42 - 2013-11-01 15:54 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\PROVAZNIK\Desktop\TDSSKiller.exe
2013-12-25 10:35 - 2013-12-25 10:35 - 00233056 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\23870412.sys
2013-12-25 10:20 - 2013-12-25 10:25 - 00000000 ____D C:\AdwCleaner
2013-12-25 10:16 - 2013-12-25 10:16 - 00000336 ____H C:\Windows\Tasks\User_Feed_Synchronization-{50E91F72-66C7-471E-BC76-8E18D47F5018}.job
2013-12-25 10:13 - 2013-12-25 10:13 - 00819184 _____ (Google Inc.) C:\Users\PROVAZNIK\Desktop\ChromeSetup.exe
2013-12-25 01:02 - 2013-12-25 11:39 - 95025368 ____T C:\ProgramData\lr8zwlie.fee
2013-12-25 01:02 - 2013-12-25 11:39 - 00000000 _____ C:\ProgramData\lr8zwlie.odd
2013-12-25 01:02 - 2013-12-25 01:02 - 00262656 ____N (http://tortoisesvn.net) C:\ProgramData\eilwz8rl.jss
2013-12-25 01:02 - 2013-12-25 01:02 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\lr8zwlie.zvv
2013-12-25 01:02 - 2013-12-25 01:02 - 00000285 _____ C:\ProgramData\lr8zwlie.reg
2013-12-25 01:02 - 2013-12-25 01:02 - 00000000 ____D C:\Windows\Sun
2013-12-23 17:15 - 2013-12-23 17:16 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Casino
2013-12-20 22:29 - 2013-12-20 22:30 - 00124928 _____ C:\Users\PROVAZNIK\Desktop\rozpis_2013-12-1_2013-12-31_930.xls
2013-12-20 13:37 - 2013-12-20 13:37 - 00091648 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE GASTRO DOHODA K PODPOŘE PRODEJE.xls
2013-12-19 15:05 - 2013-12-19 15:05 - 00117248 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (3).xls
2013-12-18 17:45 - 2013-12-18 17:45 - 01782494 _____ C:\Users\PROVAZNIK\Desktop\Prodeje 1.1.-16.12.2013.rar
2013-12-18 17:45 - 2013-12-18 17:45 - 00115200 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (2).xls
2013-12-18 17:42 - 2013-12-18 17:42 - 00012528 _____ C:\Users\PROVAZNIK\Desktop\Weekly report - logistics.xlsx
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (2).xls
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (1).xls
2013-12-17 18:07 - 2013-12-17 18:07 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\JIP.xls
2013-12-17 18:06 - 2013-12-17 18:06 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\Nuget.xls
2013-12-17 17:40 - 2013-12-17 17:40 - 00935004 _____ C:\Users\PROVAZNIK\Desktop\151213 CZK.zip
2013-12-17 17:37 - 2013-12-17 17:37 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (1).xls
2013-12-17 17:37 - 2013-12-17 17:37 - 00033280 _____ C:\Users\PROVAZNIK\Desktop\Kratke zaruky Nagel CZ.xls
2013-12-16 21:10 - 2013-12-16 21:14 - 00035328 _____ C:\Users\PROVAZNIK\Desktop\formulář VO JIP-únor 2014.xls
2013-12-16 21:01 - 2013-12-16 21:07 - 00023040 _____ C:\Users\PROVAZNIK\Desktop\NABIDKA GASTRO 02 - 2014.xls
2013-12-16 20:37 - 2013-12-16 20:55 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014.xls
2013-12-16 20:35 - 2013-12-16 20:35 - 01022464 _____ C:\Users\PROVAZNIK\Desktop\CZ Promo akce 2S 2013.xls
2013-12-16 19:13 - 2013-12-16 19:13 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV.xls
2013-12-15 15:37 - 2013-12-15 15:37 - 00093184 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE DOHODA K PODPOŘE PRODEJE.xls
2013-12-13 20:51 - 2013-12-13 20:52 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Plocha 3
2013-12-11 21:47 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 21:47 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 21:47 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 21:47 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 21:45 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 21:45 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 21:45 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 21:45 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 21:45 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 21:45 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 21:45 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 21:45 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 21:45 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 21:45 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 21:45 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 21:45 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 21:45 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 21:45 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 21:45 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 21:45 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 21:45 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 21:45 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 21:45 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 21:45 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 21:45 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 21:45 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 21:45 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 21:45 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 21:45 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 21:45 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 21:45 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 21:45 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 21:45 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 21:45 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 21:45 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 08:27 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 08:27 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 08:27 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 08:27 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 08:27 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 08:27 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 08:27 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 08:27 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 08:27 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 08:27 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 08:27 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 08:27 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 08:27 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 08:27 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 08:27 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 08:27 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 08:27 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 08:27 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 08:27 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 10:27 - 2013-12-10 10:27 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\{DD9DA259-4651-4468-B63E-9448E59BE186}
2013-12-09 19:03 - 2013-12-09 19:06 - 00013824 ___SH C:\Users\PROVAZNIK\Thumbs.db
2013-12-02 16:53 - 2013-12-02 16:53 - 00936960 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 2S 2013 (1).xls
2013-11-30 10:50 - 2013-11-30 10:51 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\PSpad
2013-11-30 10:50 - 2013-11-30 10:50 - 00000980 _____ C:\Users\PROVAZNIK\Desktop\PSPad.lnk
2013-11-30 10:50 - 2013-11-30 10:50 - 00000000 ____D C:\Program Files (x86)\PSPad editor
2013-11-26 22:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 22:49 - 2013-11-26 22:49 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 22:48 - 2013-11-26 22:54 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-26 19:09 - 2013-11-26 19:09 - 00677888 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 1S 2014.xls
==================== One Month Modified Files and Folders =======
2013-12-25 11:46 - 2013-12-25 11:33 - 00012132 _____ C:\Users\PROVAZNIK\Desktop\FRST.txt
2013-12-25 11:43 - 2011-11-16 04:46 - 01922069 _____ C:\Windows\WindowsUpdate.log
2013-12-25 11:41 - 2013-12-25 11:33 - 00029696 _____ C:\Users\PROVAZNIK\AppData\Local\MSGBOX.EXE
2013-12-25 11:40 - 2013-11-13 10:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-25 11:39 - 2013-12-25 01:02 - 95025368 ____T C:\ProgramData\lr8zwlie.fee
2013-12-25 11:39 - 2013-12-25 01:02 - 00000000 _____ C:\ProgramData\lr8zwlie.odd
2013-12-25 11:39 - 2009-07-14 06:08 - 00032520 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-25 11:39 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 11:38 - 2009-07-14 05:51 - 00099733 _____ C:\Windows\setupact.log
2013-12-25 11:33 - 2013-12-25 11:33 - 00000000 ____D C:\FRST
2013-12-25 11:31 - 2013-12-25 11:31 - 01928636 _____ (Farbar) C:\Users\PROVAZNIK\Desktop\FRST64.exe
2013-12-25 11:31 - 2013-12-25 11:31 - 00112640 _____ (forum.viry.cz) C:\Users\PROVAZNIK\Desktop\FRSTLauncher.exe
2013-12-25 11:22 - 2013-12-25 11:07 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-12-25 11:13 - 2013-11-13 10:16 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\Mozilla
2013-12-25 11:11 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-25 11:11 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-25 10:47 - 2013-12-25 10:46 - 00000000 ____D C:\ProgramData\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 10806456 _____ C:\Users\PROVAZNIK\Desktop\avg_free.exe
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\Avg2014
2013-12-25 10:35 - 2013-12-25 10:35 - 00233056 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\23870412.sys
2013-12-25 10:25 - 2013-12-25 10:20 - 00000000 ____D C:\AdwCleaner
2013-12-25 10:16 - 2013-12-25 10:16 - 00000336 ____H C:\Windows\Tasks\User_Feed_Synchronization-{50E91F72-66C7-471E-BC76-8E18D47F5018}.job
2013-12-25 10:13 - 2013-12-25 10:13 - 00819184 _____ (Google Inc.) C:\Users\PROVAZNIK\Desktop\ChromeSetup.exe
2013-12-25 01:13 - 2012-04-27 09:57 - 00004006 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{50E91F72-66C7-471E-BC76-8E18D47F5018}
2013-12-25 01:08 - 2013-08-18 17:02 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\vlc
2013-12-25 01:02 - 2013-12-25 01:02 - 00262656 ____N (http://tortoisesvn.net) C:\ProgramData\eilwz8rl.jss
2013-12-25 01:02 - 2013-12-25 01:02 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\lr8zwlie.zvv
2013-12-25 01:02 - 2013-12-25 01:02 - 00000285 _____ C:\ProgramData\lr8zwlie.reg
2013-12-25 01:02 - 2013-12-25 01:02 - 00000000 ____D C:\Windows\Sun
2013-12-25 01:02 - 2012-04-27 09:57 - 00000000 ___RD C:\Users\PROVAZNIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 00:55 - 2012-08-29 14:56 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA.job
2013-12-25 00:20 - 2013-11-13 10:19 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-24 22:26 - 2013-09-29 19:25 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\BIGJ
2013-12-24 12:12 - 2013-08-29 10:08 - 00000000 ____D C:\Users\PROVAZNIK\Documents\Youcam
2013-12-24 11:36 - 2012-08-29 14:56 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core.job
2013-12-23 17:16 - 2013-12-23 17:15 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Casino
2013-12-23 17:16 - 2011-08-02 04:51 - 00634818 _____ C:\Windows\system32\perfh005.dat
2013-12-23 17:16 - 2011-08-02 04:51 - 00123376 _____ C:\Windows\system32\perfc005.dat
2013-12-23 17:16 - 2009-07-14 06:13 - 01478982 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-20 22:30 - 2013-12-20 22:29 - 00124928 _____ C:\Users\PROVAZNIK\Desktop\rozpis_2013-12-1_2013-12-31_930.xls
2013-12-20 15:02 - 2013-01-11 14:14 - 02903040 _____ C:\Users\PROVAZNIK\Documents\Doporučené ceny PP 2013.xls
2013-12-20 13:45 - 2013-01-07 16:10 - 00287232 _____ C:\Users\PROVAZNIK\Documents\Kniha jízd PP 2013.xls
2013-12-20 13:37 - 2013-12-20 13:37 - 00091648 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE GASTRO DOHODA K PODPOŘE PRODEJE.xls
2013-12-19 15:05 - 2013-12-19 15:05 - 00117248 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (3).xls
2013-12-18 17:45 - 2013-12-18 17:45 - 01782494 _____ C:\Users\PROVAZNIK\Desktop\Prodeje 1.1.-16.12.2013.rar
2013-12-18 17:45 - 2013-12-18 17:45 - 00115200 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (2).xls
2013-12-18 17:42 - 2013-12-18 17:42 - 00012528 _____ C:\Users\PROVAZNIK\Desktop\Weekly report - logistics.xlsx
2013-12-18 17:33 - 2012-04-27 08:54 - 00000000 ____D C:\Users\PROVAZNIK
2013-12-17 19:45 - 2012-04-27 13:01 - 01496946 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (2).xls
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (1).xls
2013-12-17 18:07 - 2013-12-17 18:07 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\JIP.xls
2013-12-17 18:06 - 2013-12-17 18:06 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\Nuget.xls
2013-12-17 17:40 - 2013-12-17 17:40 - 00935004 _____ C:\Users\PROVAZNIK\Desktop\151213 CZK.zip
2013-12-17 17:37 - 2013-12-17 17:37 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (1).xls
2013-12-17 17:37 - 2013-12-17 17:37 - 00033280 _____ C:\Users\PROVAZNIK\Desktop\Kratke zaruky Nagel CZ.xls
2013-12-16 21:14 - 2013-12-16 21:10 - 00035328 _____ C:\Users\PROVAZNIK\Desktop\formulář VO JIP-únor 2014.xls
2013-12-16 21:07 - 2013-12-16 21:01 - 00023040 _____ C:\Users\PROVAZNIK\Desktop\NABIDKA GASTRO 02 - 2014.xls
2013-12-16 20:55 - 2013-12-16 20:37 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014.xls
2013-12-16 20:35 - 2013-12-16 20:35 - 01022464 _____ C:\Users\PROVAZNIK\Desktop\CZ Promo akce 2S 2013.xls
2013-12-16 19:13 - 2013-12-16 19:13 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV.xls
2013-12-15 23:10 - 2013-08-08 17:10 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 23:08 - 2012-04-27 10:59 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 15:37 - 2013-12-15 15:37 - 00093184 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE DOHODA K PODPOŘE PRODEJE.xls
2013-12-13 20:52 - 2013-12-13 20:51 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Plocha 3
2013-12-12 19:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 05:14 - 2012-04-27 09:57 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\Atheros
2013-12-12 05:14 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 05:14 - 2009-07-14 05:45 - 00299168 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 21:47 - 2009-07-14 03:34 - 00000499 _____ C:\Windows\win.ini
2013-12-11 19:15 - 2012-04-27 09:57 - 00000000 ____D C:\Users\PROVAZNIK\Documents\Bluetooth Folder
2013-12-10 20:20 - 2013-11-13 10:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 20:20 - 2013-11-13 10:19 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 20:20 - 2011-08-01 19:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 17:55 - 2013-11-18 17:28 - 00110080 _____ C:\Users\PROVAZNIK\Documents\obj.list _CZ.xls
2013-12-10 10:27 - 2013-12-10 10:27 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\{DD9DA259-4651-4468-B63E-9448E59BE186}
2013-12-09 19:06 - 2013-12-09 19:03 - 00013824 ___SH C:\Users\PROVAZNIK\Thumbs.db
2013-12-05 19:58 - 2012-08-29 14:56 - 00002393 _____ C:\Users\PROVAZNIK\Desktop\Google Chrome.lnk
2013-12-05 09:34 - 2010-11-21 04:47 - 00677894 _____ C:\Windows\PFRO.log
2013-12-04 19:53 - 2013-03-18 18:40 - 00000000 ____D C:\Users\PROVAZNIK\Documents\Ceníky
2013-12-03 19:49 - 2013-11-03 12:48 - 00000012 _____ C:\Users\PROVAZNIK\intlname.ols
2013-12-02 16:55 - 2013-01-03 09:24 - 00000000 ____D C:\Users\PROVAZNIK\Salesy
2013-12-02 16:53 - 2013-12-02 16:53 - 00936960 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 2S 2013 (1).xls
2013-12-02 16:44 - 2013-10-19 11:06 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Plocha 2
2013-12-02 11:08 - 2013-03-01 11:49 - 00017408 _____ C:\Users\PROVAZNIK\Documents\Vyhodnocení veletrhů 2013.xls
2013-12-01 16:07 - 2013-01-02 10:56 - 00455680 _____ C:\Users\PROVAZNIK\Documents\Monthly planning PP 2013.xls
2013-12-01 15:12 - 2013-01-31 16:00 - 00142848 _____ C:\Users\PROVAZNIK\Documents\Sumarizace 2013.xls
2013-12-01 15:12 - 2013-01-11 13:42 - 00663040 _____ C:\Users\PROVAZNIK\Documents\Týdenní zpráva PP 2013.xls
2013-12-01 14:40 - 2013-01-31 17:21 - 00117760 _____ C:\Users\PROVAZNIK\Documents\Měsíční hlášení PP 2013.xls
2013-11-30 11:14 - 2013-01-30 17:42 - 00077824 _____ C:\Users\PROVAZNIK\Documents\Vyúčtování 2013.xls
2013-11-30 10:51 - 2013-11-30 10:50 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\PSpad
2013-11-30 10:50 - 2013-11-30 10:50 - 00000980 _____ C:\Users\PROVAZNIK\Desktop\PSPad.lnk
2013-11-30 10:50 - 2013-11-30 10:50 - 00000000 ____D C:\Program Files (x86)\PSPad editor
2013-11-30 10:50 - 2012-08-29 14:56 - 00003960 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA
2013-11-30 10:50 - 2012-08-29 14:56 - 00003564 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core
2013-11-27 07:57 - 2013-02-05 19:19 - 00020992 _____ C:\Users\PROVAZNIK\Documents\VO EXVERFOOD leden 14.xls
2013-11-27 07:35 - 2013-03-25 19:08 - 00023552 _____ C:\Users\PROVAZNIK\Documents\vzorky, zadanka OZ 09 2013.xls
2013-11-27 07:07 - 2012-04-27 09:57 - 00001397 _____ C:\Users\PROVAZNIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 07:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 22:54 - 2013-11-26 22:48 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-26 22:49 - 2013-11-26 22:49 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 20:46 - 2013-11-03 11:37 - 00050688 _____ C:\Users\PROVAZNIK\Documents\Karty výrobků Bonduelle Vapeur.xls
2013-11-26 19:43 - 2013-01-02 15:04 - 00041472 _____ C:\Users\PROVAZNIK\Documents\Vyúčtování měsíčních výdajů marketing.xls
2013-11-26 19:09 - 2013-11-26 19:09 - 00677888 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 1S 2014.xls
2013-11-26 12:54 - 2013-12-11 21:45 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-11 21:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-11 21:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-11 21:45 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-11 21:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-11 21:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-11 21:45 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-11 21:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-11 21:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-11 21:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-11 21:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-11 21:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-11 21:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-11 21:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-11 21:45 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 21:45 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-11 21:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-11 21:45 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-11 21:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-11 21:45 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 21:45 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 21:45 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 21:45 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 21:45 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 21:45 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 21:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 21:45 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 21:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 21:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 21:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 21:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
Files to move or delete:
====================
C:\ProgramData\lr8zwlie.reg
Some content of TEMP:
====================
C:\Users\PROVAZNIK\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\PROVAZNIK\AppData\Local\Temp\Quarantine.exe
C:\Users\PROVAZNIK\AppData\Local\Temp\SkypeSetup.exe
C:\Users\PROVAZNIK\AppData\Local\Temp\~tmf6898640504163085138.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
nevim no vic toho nevyjelo
Ran by PROVAZNIK (administrator) on PROVAZNIK-NTB on 25-12-2013 11:41:42
Running from C:\Users\PROVAZNIK\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Could not list processes ===============
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [932000 2011-06-14] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [795808 2011-06-14] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2011-11-22] (ESET)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [336440 2011-06-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Google Update] - C:\Users\PROVAZNIK\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-29] (Google Inc.)
Startup: C:\Users\PROVAZNIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lr8zwlie.lnk
ShortcutTarget: lr8zwlie.lnk -> C:\ProgramData\eilwz8rl.jss (http://tortoisesvn.net)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM - {E74ED302-D558-48AD-A72A-CB67D255110B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM-x32 - {E74ED302-D558-48AD-A72A-CB67D255110B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKCU - {E74ED302-D558-48AD-A72A-CB67D255110B} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\PROVAZNIK\AppData\Roaming\Mozilla\Firefox\Profiles\kzz0g3ip.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\PROVAZNIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\PROVAZNIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\PROVAZNIK\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.5.10_0
CHR Extension: (Google Drive) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Wallet) - C:\Users\PROVAZNIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
==================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-06-14] (Atheros)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-11-22] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [814264 2011-11-22] (ESET)
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
S2 Winmgmt; C:\ProgramData\lr8zwlie.zvv [61024 2013-12-25] (Microsoft Corporation)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [x]
==================== Drivers (Whitelisted) ====================
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171152 2011-11-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2011-11-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2011-11-21] (ESET)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-25 11:33 - 2013-12-25 11:46 - 00012132 _____ C:\Users\PROVAZNIK\Desktop\FRST.txt
2013-12-25 11:33 - 2013-12-25 11:41 - 00029696 _____ C:\Users\PROVAZNIK\AppData\Local\MSGBOX.EXE
2013-12-25 11:33 - 2013-12-25 11:33 - 00000000 ____D C:\FRST
2013-12-25 11:31 - 2013-12-25 11:31 - 01928636 _____ (Farbar) C:\Users\PROVAZNIK\Desktop\FRST64.exe
2013-12-25 11:31 - 2013-12-25 11:31 - 00112640 _____ (forum.viry.cz) C:\Users\PROVAZNIK\Desktop\FRSTLauncher.exe
2013-12-25 11:07 - 2013-12-25 11:22 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-12-25 10:46 - 2013-12-25 10:47 - 00000000 ____D C:\ProgramData\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 10806456 _____ C:\Users\PROVAZNIK\Desktop\avg_free.exe
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\Avg2014
2013-12-25 10:42 - 2013-11-01 15:54 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\PROVAZNIK\Desktop\TDSSKiller.exe
2013-12-25 10:35 - 2013-12-25 10:35 - 00233056 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\23870412.sys
2013-12-25 10:20 - 2013-12-25 10:25 - 00000000 ____D C:\AdwCleaner
2013-12-25 10:16 - 2013-12-25 10:16 - 00000336 ____H C:\Windows\Tasks\User_Feed_Synchronization-{50E91F72-66C7-471E-BC76-8E18D47F5018}.job
2013-12-25 10:13 - 2013-12-25 10:13 - 00819184 _____ (Google Inc.) C:\Users\PROVAZNIK\Desktop\ChromeSetup.exe
2013-12-25 01:02 - 2013-12-25 11:39 - 95025368 ____T C:\ProgramData\lr8zwlie.fee
2013-12-25 01:02 - 2013-12-25 11:39 - 00000000 _____ C:\ProgramData\lr8zwlie.odd
2013-12-25 01:02 - 2013-12-25 01:02 - 00262656 ____N (http://tortoisesvn.net) C:\ProgramData\eilwz8rl.jss
2013-12-25 01:02 - 2013-12-25 01:02 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\lr8zwlie.zvv
2013-12-25 01:02 - 2013-12-25 01:02 - 00000285 _____ C:\ProgramData\lr8zwlie.reg
2013-12-25 01:02 - 2013-12-25 01:02 - 00000000 ____D C:\Windows\Sun
2013-12-23 17:15 - 2013-12-23 17:16 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Casino
2013-12-20 22:29 - 2013-12-20 22:30 - 00124928 _____ C:\Users\PROVAZNIK\Desktop\rozpis_2013-12-1_2013-12-31_930.xls
2013-12-20 13:37 - 2013-12-20 13:37 - 00091648 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE GASTRO DOHODA K PODPOŘE PRODEJE.xls
2013-12-19 15:05 - 2013-12-19 15:05 - 00117248 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (3).xls
2013-12-18 17:45 - 2013-12-18 17:45 - 01782494 _____ C:\Users\PROVAZNIK\Desktop\Prodeje 1.1.-16.12.2013.rar
2013-12-18 17:45 - 2013-12-18 17:45 - 00115200 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (2).xls
2013-12-18 17:42 - 2013-12-18 17:42 - 00012528 _____ C:\Users\PROVAZNIK\Desktop\Weekly report - logistics.xlsx
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (2).xls
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (1).xls
2013-12-17 18:07 - 2013-12-17 18:07 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\JIP.xls
2013-12-17 18:06 - 2013-12-17 18:06 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\Nuget.xls
2013-12-17 17:40 - 2013-12-17 17:40 - 00935004 _____ C:\Users\PROVAZNIK\Desktop\151213 CZK.zip
2013-12-17 17:37 - 2013-12-17 17:37 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (1).xls
2013-12-17 17:37 - 2013-12-17 17:37 - 00033280 _____ C:\Users\PROVAZNIK\Desktop\Kratke zaruky Nagel CZ.xls
2013-12-16 21:10 - 2013-12-16 21:14 - 00035328 _____ C:\Users\PROVAZNIK\Desktop\formulář VO JIP-únor 2014.xls
2013-12-16 21:01 - 2013-12-16 21:07 - 00023040 _____ C:\Users\PROVAZNIK\Desktop\NABIDKA GASTRO 02 - 2014.xls
2013-12-16 20:37 - 2013-12-16 20:55 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014.xls
2013-12-16 20:35 - 2013-12-16 20:35 - 01022464 _____ C:\Users\PROVAZNIK\Desktop\CZ Promo akce 2S 2013.xls
2013-12-16 19:13 - 2013-12-16 19:13 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV.xls
2013-12-15 15:37 - 2013-12-15 15:37 - 00093184 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE DOHODA K PODPOŘE PRODEJE.xls
2013-12-13 20:51 - 2013-12-13 20:52 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Plocha 3
2013-12-11 21:47 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 21:47 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 21:47 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 21:47 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 21:45 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 21:45 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 21:45 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 21:45 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 21:45 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 21:45 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 21:45 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 21:45 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 21:45 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 21:45 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 21:45 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 21:45 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 21:45 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 21:45 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 21:45 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 21:45 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 21:45 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 21:45 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 21:45 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 21:45 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 21:45 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 21:45 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 21:45 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 21:45 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 21:45 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 21:45 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 21:45 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 21:45 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 21:45 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 21:45 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 21:45 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 08:27 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 08:27 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 08:27 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 08:27 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 08:27 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 08:27 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 08:27 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 08:27 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 08:27 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 08:27 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 08:27 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 08:27 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 08:27 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 08:27 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 08:27 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 08:27 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 08:27 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 08:27 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 08:27 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 10:27 - 2013-12-10 10:27 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\{DD9DA259-4651-4468-B63E-9448E59BE186}
2013-12-09 19:03 - 2013-12-09 19:06 - 00013824 ___SH C:\Users\PROVAZNIK\Thumbs.db
2013-12-02 16:53 - 2013-12-02 16:53 - 00936960 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 2S 2013 (1).xls
2013-11-30 10:50 - 2013-11-30 10:51 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\PSpad
2013-11-30 10:50 - 2013-11-30 10:50 - 00000980 _____ C:\Users\PROVAZNIK\Desktop\PSPad.lnk
2013-11-30 10:50 - 2013-11-30 10:50 - 00000000 ____D C:\Program Files (x86)\PSPad editor
2013-11-26 22:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 22:49 - 2013-11-26 22:49 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 22:48 - 2013-11-26 22:54 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-26 19:09 - 2013-11-26 19:09 - 00677888 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 1S 2014.xls
==================== One Month Modified Files and Folders =======
2013-12-25 11:46 - 2013-12-25 11:33 - 00012132 _____ C:\Users\PROVAZNIK\Desktop\FRST.txt
2013-12-25 11:43 - 2011-11-16 04:46 - 01922069 _____ C:\Windows\WindowsUpdate.log
2013-12-25 11:41 - 2013-12-25 11:33 - 00029696 _____ C:\Users\PROVAZNIK\AppData\Local\MSGBOX.EXE
2013-12-25 11:40 - 2013-11-13 10:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-25 11:39 - 2013-12-25 01:02 - 95025368 ____T C:\ProgramData\lr8zwlie.fee
2013-12-25 11:39 - 2013-12-25 01:02 - 00000000 _____ C:\ProgramData\lr8zwlie.odd
2013-12-25 11:39 - 2009-07-14 06:08 - 00032520 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-25 11:39 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 11:38 - 2009-07-14 05:51 - 00099733 _____ C:\Windows\setupact.log
2013-12-25 11:33 - 2013-12-25 11:33 - 00000000 ____D C:\FRST
2013-12-25 11:31 - 2013-12-25 11:31 - 01928636 _____ (Farbar) C:\Users\PROVAZNIK\Desktop\FRST64.exe
2013-12-25 11:31 - 2013-12-25 11:31 - 00112640 _____ (forum.viry.cz) C:\Users\PROVAZNIK\Desktop\FRSTLauncher.exe
2013-12-25 11:22 - 2013-12-25 11:07 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2013-12-25 11:13 - 2013-11-13 10:16 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\Mozilla
2013-12-25 11:11 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-25 11:11 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-25 10:47 - 2013-12-25 10:46 - 00000000 ____D C:\ProgramData\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 10806456 _____ C:\Users\PROVAZNIK\Desktop\avg_free.exe
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\MFAData
2013-12-25 10:46 - 2013-12-25 10:46 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\Avg2014
2013-12-25 10:35 - 2013-12-25 10:35 - 00233056 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\23870412.sys
2013-12-25 10:25 - 2013-12-25 10:20 - 00000000 ____D C:\AdwCleaner
2013-12-25 10:16 - 2013-12-25 10:16 - 00000336 ____H C:\Windows\Tasks\User_Feed_Synchronization-{50E91F72-66C7-471E-BC76-8E18D47F5018}.job
2013-12-25 10:13 - 2013-12-25 10:13 - 00819184 _____ (Google Inc.) C:\Users\PROVAZNIK\Desktop\ChromeSetup.exe
2013-12-25 01:13 - 2012-04-27 09:57 - 00004006 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{50E91F72-66C7-471E-BC76-8E18D47F5018}
2013-12-25 01:08 - 2013-08-18 17:02 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\vlc
2013-12-25 01:02 - 2013-12-25 01:02 - 00262656 ____N (http://tortoisesvn.net) C:\ProgramData\eilwz8rl.jss
2013-12-25 01:02 - 2013-12-25 01:02 - 00061024 ____T (Microsoft Corporation) C:\ProgramData\lr8zwlie.zvv
2013-12-25 01:02 - 2013-12-25 01:02 - 00000285 _____ C:\ProgramData\lr8zwlie.reg
2013-12-25 01:02 - 2013-12-25 01:02 - 00000000 ____D C:\Windows\Sun
2013-12-25 01:02 - 2012-04-27 09:57 - 00000000 ___RD C:\Users\PROVAZNIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 00:55 - 2012-08-29 14:56 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA.job
2013-12-25 00:20 - 2013-11-13 10:19 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-24 22:26 - 2013-09-29 19:25 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\BIGJ
2013-12-24 12:12 - 2013-08-29 10:08 - 00000000 ____D C:\Users\PROVAZNIK\Documents\Youcam
2013-12-24 11:36 - 2012-08-29 14:56 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core.job
2013-12-23 17:16 - 2013-12-23 17:15 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Casino
2013-12-23 17:16 - 2011-08-02 04:51 - 00634818 _____ C:\Windows\system32\perfh005.dat
2013-12-23 17:16 - 2011-08-02 04:51 - 00123376 _____ C:\Windows\system32\perfc005.dat
2013-12-23 17:16 - 2009-07-14 06:13 - 01478982 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-20 22:30 - 2013-12-20 22:29 - 00124928 _____ C:\Users\PROVAZNIK\Desktop\rozpis_2013-12-1_2013-12-31_930.xls
2013-12-20 15:02 - 2013-01-11 14:14 - 02903040 _____ C:\Users\PROVAZNIK\Documents\Doporučené ceny PP 2013.xls
2013-12-20 13:45 - 2013-01-07 16:10 - 00287232 _____ C:\Users\PROVAZNIK\Documents\Kniha jízd PP 2013.xls
2013-12-20 13:37 - 2013-12-20 13:37 - 00091648 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE GASTRO DOHODA K PODPOŘE PRODEJE.xls
2013-12-19 15:05 - 2013-12-19 15:05 - 00117248 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (3).xls
2013-12-18 17:45 - 2013-12-18 17:45 - 01782494 _____ C:\Users\PROVAZNIK\Desktop\Prodeje 1.1.-16.12.2013.rar
2013-12-18 17:45 - 2013-12-18 17:45 - 00115200 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (2).xls
2013-12-18 17:42 - 2013-12-18 17:42 - 00012528 _____ C:\Users\PROVAZNIK\Desktop\Weekly report - logistics.xlsx
2013-12-18 17:33 - 2012-04-27 08:54 - 00000000 ____D C:\Users\PROVAZNIK
2013-12-17 19:45 - 2012-04-27 13:01 - 01496946 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (2).xls
2013-12-17 19:07 - 2013-12-17 19:07 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014 (1).xls
2013-12-17 18:07 - 2013-12-17 18:07 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\JIP.xls
2013-12-17 18:06 - 2013-12-17 18:06 - 00013824 _____ C:\Users\PROVAZNIK\Desktop\Nuget.xls
2013-12-17 17:40 - 2013-12-17 17:40 - 00935004 _____ C:\Users\PROVAZNIK\Desktop\151213 CZK.zip
2013-12-17 17:37 - 2013-12-17 17:37 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV (1).xls
2013-12-17 17:37 - 2013-12-17 17:37 - 00033280 _____ C:\Users\PROVAZNIK\Desktop\Kratke zaruky Nagel CZ.xls
2013-12-16 21:14 - 2013-12-16 21:10 - 00035328 _____ C:\Users\PROVAZNIK\Desktop\formulář VO JIP-únor 2014.xls
2013-12-16 21:07 - 2013-12-16 21:01 - 00023040 _____ C:\Users\PROVAZNIK\Desktop\NABIDKA GASTRO 02 - 2014.xls
2013-12-16 20:55 - 2013-12-16 20:37 - 00031744 _____ C:\Users\PROVAZNIK\Desktop\ČEPOS TVC 1Q 2014.xls
2013-12-16 20:35 - 2013-12-16 20:35 - 01022464 _____ C:\Users\PROVAZNIK\Desktop\CZ Promo akce 2S 2013.xls
2013-12-16 19:13 - 2013-12-16 19:13 - 00114688 _____ C:\Users\PROVAZNIK\Desktop\HANMOV.xls
2013-12-15 23:10 - 2013-08-08 17:10 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 23:08 - 2012-04-27 10:59 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 15:37 - 2013-12-15 15:37 - 00093184 _____ C:\Users\PROVAZNIK\Desktop\BONDUELLE DOHODA K PODPOŘE PRODEJE.xls
2013-12-13 20:52 - 2013-12-13 20:51 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Plocha 3
2013-12-12 19:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 05:14 - 2012-04-27 09:57 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\Atheros
2013-12-12 05:14 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 05:14 - 2009-07-14 05:45 - 00299168 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 21:47 - 2009-07-14 03:34 - 00000499 _____ C:\Windows\win.ini
2013-12-11 19:15 - 2012-04-27 09:57 - 00000000 ____D C:\Users\PROVAZNIK\Documents\Bluetooth Folder
2013-12-10 20:20 - 2013-11-13 10:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 20:20 - 2013-11-13 10:19 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 20:20 - 2011-08-01 19:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 17:55 - 2013-11-18 17:28 - 00110080 _____ C:\Users\PROVAZNIK\Documents\obj.list _CZ.xls
2013-12-10 10:27 - 2013-12-10 10:27 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Local\{DD9DA259-4651-4468-B63E-9448E59BE186}
2013-12-09 19:06 - 2013-12-09 19:03 - 00013824 ___SH C:\Users\PROVAZNIK\Thumbs.db
2013-12-05 19:58 - 2012-08-29 14:56 - 00002393 _____ C:\Users\PROVAZNIK\Desktop\Google Chrome.lnk
2013-12-05 09:34 - 2010-11-21 04:47 - 00677894 _____ C:\Windows\PFRO.log
2013-12-04 19:53 - 2013-03-18 18:40 - 00000000 ____D C:\Users\PROVAZNIK\Documents\Ceníky
2013-12-03 19:49 - 2013-11-03 12:48 - 00000012 _____ C:\Users\PROVAZNIK\intlname.ols
2013-12-02 16:55 - 2013-01-03 09:24 - 00000000 ____D C:\Users\PROVAZNIK\Salesy
2013-12-02 16:53 - 2013-12-02 16:53 - 00936960 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 2S 2013 (1).xls
2013-12-02 16:44 - 2013-10-19 11:06 - 00000000 ____D C:\Users\PROVAZNIK\Desktop\Plocha 2
2013-12-02 11:08 - 2013-03-01 11:49 - 00017408 _____ C:\Users\PROVAZNIK\Documents\Vyhodnocení veletrhů 2013.xls
2013-12-01 16:07 - 2013-01-02 10:56 - 00455680 _____ C:\Users\PROVAZNIK\Documents\Monthly planning PP 2013.xls
2013-12-01 15:12 - 2013-01-31 16:00 - 00142848 _____ C:\Users\PROVAZNIK\Documents\Sumarizace 2013.xls
2013-12-01 15:12 - 2013-01-11 13:42 - 00663040 _____ C:\Users\PROVAZNIK\Documents\Týdenní zpráva PP 2013.xls
2013-12-01 14:40 - 2013-01-31 17:21 - 00117760 _____ C:\Users\PROVAZNIK\Documents\Měsíční hlášení PP 2013.xls
2013-11-30 11:14 - 2013-01-30 17:42 - 00077824 _____ C:\Users\PROVAZNIK\Documents\Vyúčtování 2013.xls
2013-11-30 10:51 - 2013-11-30 10:50 - 00000000 ____D C:\Users\PROVAZNIK\AppData\Roaming\PSpad
2013-11-30 10:50 - 2013-11-30 10:50 - 00000980 _____ C:\Users\PROVAZNIK\Desktop\PSPad.lnk
2013-11-30 10:50 - 2013-11-30 10:50 - 00000000 ____D C:\Program Files (x86)\PSPad editor
2013-11-30 10:50 - 2012-08-29 14:56 - 00003960 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA
2013-11-30 10:50 - 2012-08-29 14:56 - 00003564 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core
2013-11-27 07:57 - 2013-02-05 19:19 - 00020992 _____ C:\Users\PROVAZNIK\Documents\VO EXVERFOOD leden 14.xls
2013-11-27 07:35 - 2013-03-25 19:08 - 00023552 _____ C:\Users\PROVAZNIK\Documents\vzorky, zadanka OZ 09 2013.xls
2013-11-27 07:07 - 2012-04-27 09:57 - 00001397 _____ C:\Users\PROVAZNIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 07:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 22:54 - 2013-11-26 22:48 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-26 22:49 - 2013-11-26 22:49 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 22:49 - 2013-11-26 22:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 22:49 - 2013-11-26 22:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 22:49 - 2013-11-26 22:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 22:49 - 2013-11-26 22:49 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 22:49 - 2013-11-26 22:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 20:46 - 2013-11-03 11:37 - 00050688 _____ C:\Users\PROVAZNIK\Documents\Karty výrobků Bonduelle Vapeur.xls
2013-11-26 19:43 - 2013-01-02 15:04 - 00041472 _____ C:\Users\PROVAZNIK\Documents\Vyúčtování měsíčních výdajů marketing.xls
2013-11-26 19:09 - 2013-11-26 19:09 - 00677888 _____ C:\Users\PROVAZNIK\Documents\CZ Promo akce 1S 2014.xls
2013-11-26 12:54 - 2013-12-11 21:45 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-11 21:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-11 21:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-11 21:45 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-11 21:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-11 21:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-11 21:45 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-11 21:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-11 21:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-11 21:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-11 21:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-11 21:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-11 21:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-11 21:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-11 21:45 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-11 21:45 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-11 21:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-11 21:45 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-11 21:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-11 21:45 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 21:45 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-11 21:45 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-11 21:45 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-11 21:45 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 21:45 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-11 21:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-11 21:45 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-11 21:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-11 21:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 21:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-11 21:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
Files to move or delete:
====================
C:\ProgramData\lr8zwlie.reg
Some content of TEMP:
====================
C:\Users\PROVAZNIK\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\PROVAZNIK\AppData\Local\Temp\Quarantine.exe
C:\Users\PROVAZNIK\AppData\Local\Temp\SkypeSetup.exe
C:\Users\PROVAZNIK\AppData\Local\Temp\~tmf6898640504163085138.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
nevim no vic toho nevyjelo
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
C:\ProgramData\lr8zwlie.fee
C:\ProgramData\lr8zwlie.odd
C:\ProgramData\eilwz8rl.jss
C:\ProgramData\lr8zwlie.zvv
C:\ProgramData\lr8zwlie.reg
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core.job
C:\Users\PROVAZNIK\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Trojan
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-12-2013 01
Ran by PROVAZNIK at 2013-12-25 12:49:55 Run:1
Running from C:\Users\PROVAZNIK\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
C:\ProgramData\lr8zwlie.fee
C:\ProgramData\lr8zwlie.odd
C:\ProgramData\eilwz8rl.jss
C:\ProgramData\lr8zwlie.zvv
C:\ProgramData\lr8zwlie.reg
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core.job
C:\Users\PROVAZNIK\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKCR\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945} => Key not found.
C:\ProgramData\lr8zwlie.fee => Moved successfully.
Could not move "C:\ProgramData\lr8zwlie.odd" => Scheduled to move on reboot.
C:\ProgramData\eilwz8rl.jss => Moved successfully.
C:\ProgramData\lr8zwlie.zvv => Moved successfully.
C:\ProgramData\lr8zwlie.reg => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core.job => Moved successfully.
"C:\Users\PROVAZNIK\AppData\Local\Temp" directory move:
C:\Users\PROVAZNIK\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AdobeSFX.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\ads000 => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\avginfo.id => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_clwireg.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_dotNetFx40LP_Client_x86_x64cs_decompression_log.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_dotNetFx40_Client_x86_x64_decompression_log.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_NDP40-KB2468871-v2-x64_decompression_log.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_SetupUtility.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistMSI650C.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistMSI65DA.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistUI650C.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistUI65DA.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMI29F0.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMI3151.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMIAF33.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMICFB1.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMIFCE5.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\Donate.ico => Moved successfully.
Could not move "C:\Users\PROVAZNIK\AppData\Local\Temp\eilwz8rl.jss" => Scheduled to move on reboot.
C:\Users\PROVAZNIK\AppData\Local\Temp\EvernoteSetup.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
Ran by PROVAZNIK at 2013-12-25 12:49:55 Run:1
Running from C:\Users\PROVAZNIK\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CPNTDF
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
C:\ProgramData\lr8zwlie.fee
C:\ProgramData\lr8zwlie.odd
C:\ProgramData\eilwz8rl.jss
C:\ProgramData\lr8zwlie.zvv
C:\ProgramData\lr8zwlie.reg
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core.job
C:\Users\PROVAZNIK\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
HKCR\PROTOCOLS\Filter\text/xml => Key deleted successfully.
HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945} => Key not found.
C:\ProgramData\lr8zwlie.fee => Moved successfully.
Could not move "C:\ProgramData\lr8zwlie.odd" => Scheduled to move on reboot.
C:\ProgramData\eilwz8rl.jss => Moved successfully.
C:\ProgramData\lr8zwlie.zvv => Moved successfully.
C:\ProgramData\lr8zwlie.reg => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2883749526-2552249446-2298560133-1000Core.job => Moved successfully.
"C:\Users\PROVAZNIK\AppData\Local\Temp" directory move:
C:\Users\PROVAZNIK\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AdobeSFX.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\ads000 => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\avginfo.id => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_clwireg.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_dotNetFx40LP_Client_x86_x64cs_decompression_log.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_dotNetFx40_Client_x86_x64_decompression_log.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_NDP40-KB2468871-v2-x64_decompression_log.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_SetupUtility.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistMSI650C.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistMSI65DA.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistUI650C.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\dd_vcredistUI65DA.txt => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMI29F0.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMI3151.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMIAF33.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMICFB1.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\DMIFCE5.tmp => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\Donate.ico => Moved successfully.
Could not move "C:\Users\PROVAZNIK\AppData\Local\Temp\eilwz8rl.jss" => Scheduled to move on reboot.
C:\Users\PROVAZNIK\AppData\Local\Temp\EvernoteSetup.log => Moved successfully.
C:\Users\PROVAZNIK\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
Re: Trojan
Uz to fachci...eset zahlasil ze to odstranil. Neskutecne diky moc. Vsechno co to delalo, problikavani chromu, vse zpomaleny, vsechno pryc..diky moc!!!!
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Trojan
Ano, vše smazáno. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?