Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Virus? Phishing

http://www.hoax.cz

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zpráva
Autor
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Virus? Phishing

#16 Příspěvek od Márty84 »

:arrow: Nalezy nechte odstranit.


:arrow: Dejte nove logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

šárka009
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 14 zář 2015 18:13

Re: Virus? Phishing

#17 Příspěvek od šárka009 »

2014-02-13 17:37 - 2015-09-07 14:38 - 0028160 _____ () C:\Users\Šárka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-01 19:33 - 2015-09-01 19:33 - 0022335 _____ () C:\Users\Šárka\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Šárka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpug_po3.dll
C:\Users\Šárka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-22 19:15

==================== End of FRST.txt ============================

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Virus? Phishing

#18 Příspěvek od Márty84 »

No ale chtelo by to cely log, ne jen par radku :-)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

šárka009
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 14 zář 2015 18:13

Re: Virus? Phishing

#19 Příspěvek od šárka009 »

to je celý, tam nic jinýho v tom souboru po tom skenu nebylo, ani mi to nevyplivlo 2 soubory jako minule

šárka009
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 14 zář 2015 18:13

Re: Virus? Phishing

#20 Příspěvek od šárka009 »

tak to byl asi nějakej momentální error :D tady je to ze dneška

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by Šárka (administrator) on SARKA (24-09-2015 17:02:46)
Running from C:\Users\Šárka\Desktop
Loaded Profiles: Šárka (Available Profiles: Šárka)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
() C:\Genius\ioTablet\TabletService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Genius\ioTablet\gTabletTask.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Genius\ioTablet\gTabTaskBar.exe
() C:\Genius\ioTablet\gIoTabletFunMgm.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\Camera\Camera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-02-26] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285832 2013-01-02] (Intel Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-11-21] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493088 2012-11-21] (CyberLink Corp.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Users\Šárka\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ioTablet] => C:\Genius\ioTablet\gTabTaskBar.exe [47104 2012-03-23] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [74752 2015-09-02] ()
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [KiesPreload] => C:\Users\Šárka\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [] => C:\Users\Šárka\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [Facebook Update] => C:\Users\Šárka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-17] (Facebook Inc.)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372400 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{A96A42E2-9938-4758-9293-B80F5B7F9B8D}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{B374ED45-6B1B-4D3F-A874-5AAA37C323CF}: [DhcpNameServer] 192.168.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-03-06] (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-28] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2668706247-16778440-3606748346-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Šárka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "chrome://tukan/"
CHR Profile: C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-30]
CHR Extension: (Dokumenty Google) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-30]
CHR Extension: (Disk Google) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-30]
CHR Extension: (YouTube) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-30]
CHR Extension: (Tabulky Google) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-08]
CHR Extension: (AdBlock) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-30]
CHR Extension: (Adblock Super) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-05-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-30]
CHR Extension: (Gmail) - C:\Users\Šárka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-30]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
S3 HotSpotSrv; C:\Program Files (x86)\Hewlett-Packard\HP Wireless Hotspot\HotSpotSrv.exe [372920 2013-09-18] (Hewlett-Packard Development Company, L.P.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2015-03-03] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-15] (Electronic Arts)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-02-26] (IDT, Inc.) [File not signed]
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2921520 2013-04-09] (Samsung Electronics CO., LTD.)
R2 TabletService; C:\Genius\ioTablet\TabletService.exe [25600 2012-02-06] () [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 clwcsm; C:\Windows\system32\DRIVERS\clwcsm.sys [42944 2013-02-19] (CyberLink Corporation)
S3 DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [65752 2013-02-18] (Hewlett-Packard Company)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 HpqKbFiltr; C:\Windows\System32\drivers\HpqKbFiltr64.sys [28376 2014-05-15] (Hewlett-Packard Company)
R3 ioFakDrv; C:\Windows\System32\drivers\ioFakDrv.sys [23936 2010-12-15] (KYE System Corp.)
R3 ioFakMap; C:\Windows\System32\drivers\ioFakMap.sys [12672 2010-12-15] (KYE System Corp.)
S3 ioTablet; C:\Windows\System32\drivers\ioTablet.sys [35328 2012-04-05] (KYE System Corp.)
S3 ioTblMap; C:\Windows\System32\drivers\ioTblMap.sys [13200 2011-08-25] (KYE System Corp.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-03-18] (WinMagic, Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2015-09-08] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [212672 2013-03-27] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131928 2013-01-07] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1446904 2013-02-22] (Sunplus)
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-02-08] (Hewlett-Packard Development Company, L.P.)
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-23 19:13 - 2015-09-23 19:13 - 00000000 ____D C:\Users\Šárka\Desktop\FRST-OlderVersion
2015-09-23 00:20 - 2015-09-23 00:21 - 00443392 _____ C:\Users\Šárka\Desktop\VY_32_INOVACE_MAT_NO_2_04.ppt
2015-09-22 20:57 - 2015-09-22 20:57 - 00001648 _____ C:\Users\Šárka\Desktop\mam.txt
2015-09-22 17:32 - 2015-09-23 19:11 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForŠárka.job
2015-09-22 17:32 - 2015-09-22 17:32 - 00003158 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForŠárka
2015-09-22 15:18 - 2015-09-23 19:11 - 00021600 _____ C:\WINDOWS\PFRO.log
2015-09-22 15:15 - 2015-09-22 15:15 - 00012943 _____ C:\l.txt
2015-09-22 07:41 - 2015-09-22 07:41 - 00012945 _____ C:\Users\Šárka\Desktop\mal.txt
2015-09-21 20:42 - 2015-09-22 15:22 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-21 20:42 - 2015-09-21 20:42 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-21 20:42 - 2015-09-21 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-21 20:42 - 2015-09-21 20:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-21 20:42 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-21 20:42 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-21 20:42 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-21 20:41 - 2015-09-21 20:41 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Šárka\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-21 20:27 - 2015-09-23 19:11 - 00000231 _____ C:\WINDOWS\setupact.log
2015-09-21 20:27 - 2015-09-21 20:27 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-21 20:24 - 2015-09-21 20:25 - 01662976 _____ C:\Users\Šárka\Desktop\adwcleaner_5.008.exe
2015-09-20 21:39 - 2015-09-20 21:40 - 00036829 _____ C:\Users\Šárka\Desktop\Addition.txt
2015-09-20 21:38 - 2015-09-24 17:02 - 00023470 _____ C:\Users\Šárka\Desktop\FRST.txt
2015-09-20 21:38 - 2015-09-24 17:02 - 00000000 ____D C:\FRST
2015-09-18 20:57 - 2015-09-23 19:13 - 02192384 _____ (Farbar) C:\Users\Šárka\Desktop\FRST64.exe
2015-09-14 13:53 - 2015-09-14 13:53 - 01660416 _____ C:\Users\Šárka\Desktop\adwcleaner_5.007.exe
2015-09-13 21:11 - 2015-09-13 21:11 - 00000000 ____D C:\Users\Šárka\AppData\Local\{19CE6C67-1A21-48D2-BCD0-5C171F8FD1B9}
2015-09-11 16:47 - 2015-09-11 16:47 - 00000000 ____D C:\Users\Šárka\AppData\Local\{A23F7EC8-FFB8-47DF-951F-2C22403DFB4C}
2015-09-11 16:47 - 2015-09-11 16:47 - 00000000 ____D C:\Users\Šárka\AppData\Local\{0F328DDF-4BEB-46C9-BDC5-218F8CA17057}
2015-09-11 15:24 - 2015-09-11 15:24 - 00000000 ____D C:\Users\Šárka\AppData\Local\GWX
2015-09-11 01:12 - 2015-09-11 01:12 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-10 22:47 - 2015-09-10 22:56 - 00000000 ____D C:\Users\Šárka\Desktop\Nová složka
2015-09-09 23:37 - 2015-09-09 23:37 - 00000000 ____D C:\Users\Šárka\AppData\Local\{67A739BC-1063-4749-BB43-351E9FADA852}
2015-09-09 17:35 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 17:35 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 17:35 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 17:35 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 17:35 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 17:35 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 17:35 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 17:35 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 17:35 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 17:35 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 17:35 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 17:35 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 17:35 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 17:35 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 17:35 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 17:35 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 17:35 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 17:35 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 17:35 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 17:35 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 17:35 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 17:35 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 17:35 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 17:35 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 17:35 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 17:35 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 17:35 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 17:35 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 17:35 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 17:35 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 17:35 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 17:35 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 17:35 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 17:35 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 17:35 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 17:35 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 17:35 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 17:35 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 17:35 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-09 17:35 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-09 17:35 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 17:35 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 17:35 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 17:35 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 17:35 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-09 17:35 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-09 17:35 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-09 17:35 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-09 17:35 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-09 17:35 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-09 17:35 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-09 17:35 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-09 17:35 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-09 17:35 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-09 17:34 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 17:34 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 17:34 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 17:34 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 17:34 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 17:34 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 17:34 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 17:34 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 17:34 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 17:34 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 17:34 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 17:34 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 17:34 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 17:34 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 17:34 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 17:34 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 17:34 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 17:34 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 17:34 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 17:34 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 17:34 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 17:34 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 17:34 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 17:34 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 17:34 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 17:34 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 23:27 - 2015-09-08 23:27 - 00026624 _____ C:\Users\Šárka\Desktop\Seznam-20-lit.-děl-k-maturitě.xls
2015-09-08 21:36 - 2015-09-13 21:16 - 00000000 ____D C:\Users\Šárka\Desktop\finální
2015-09-08 20:06 - 2015-09-08 20:07 - 00000000 ____D C:\Users\Šárka\AppData\Local\{764462DF-3B09-46AB-9232-E8C9070E050F}
2015-09-08 18:38 - 2015-09-08 18:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-09-08 18:38 - 2015-09-08 18:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-09-08 18:29 - 2015-09-08 18:29 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-09-08 18:29 - 2015-09-08 18:29 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-09-08 18:08 - 2015-09-08 18:08 - 00000000 ____D C:\Program Files (x86)\Ralink Corporation
2015-09-08 18:08 - 2015-09-08 18:03 - 00382288 _____ C:\WINDOWS\system32\Drivers\FW7650.bin
2015-09-08 18:03 - 2015-09-08 18:03 - 01205872 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\Drivers\rtbth.sys
2015-09-08 18:03 - 2015-09-08 18:03 - 00040958 _____ C:\WINDOWS\system32\Drivers\rt3298.bin
2015-09-07 19:50 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-09-07 19:50 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-09-07 19:50 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-09-07 19:50 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-09-07 19:50 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-09-07 19:50 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-09-07 19:50 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-09-07 19:50 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-09-07 19:50 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-09-07 19:50 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-09-07 19:50 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-09-07 19:50 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-09-07 19:50 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-09-07 19:50 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-09-07 19:49 - 2015-05-11 20:17 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-07 19:49 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-07 19:49 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-07 19:49 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-07 19:49 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-07 19:49 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-09-07 19:49 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-09-07 19:49 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-07 19:49 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-07 19:49 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-09-07 19:49 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-09-07 19:49 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-09-07 19:49 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-09-07 19:49 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-07 19:49 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-09-07 19:49 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-09-07 19:49 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-09-07 19:49 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-09-07 19:49 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-09-07 19:49 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-09-07 19:49 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-09-07 19:48 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-09-07 19:48 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-09-07 19:48 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-09-07 19:48 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-09-07 19:48 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-09-07 19:48 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-09-07 19:48 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-07 19:48 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-07 19:48 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-09-07 19:48 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-09-07 19:48 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-09-07 19:48 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-09-07 19:48 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-09-07 19:48 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-09-07 19:48 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-07 19:48 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-07 19:48 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-09-07 19:48 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-09-07 19:48 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-09-07 19:48 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-07 19:48 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-07 19:48 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-09-07 19:48 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-09-07 19:48 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-09-07 19:48 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-09-07 19:48 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-09-07 19:48 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-09-07 19:48 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-09-07 19:48 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-09-07 19:48 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-09-07 19:48 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-09-07 19:48 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2015-09-07 19:48 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2015-09-07 19:48 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2015-09-07 19:48 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2015-09-07 19:47 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-07 19:47 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-07 19:47 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-07 19:47 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-07 19:47 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-07 19:47 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-09-07 19:47 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-09-07 19:47 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-09-07 19:47 - 2015-04-28 15:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls
2015-09-07 19:47 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-09-07 19:47 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-09-07 19:47 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-09-07 19:47 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-09-07 19:47 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-09-07 19:47 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-07 19:47 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-07 19:47 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-09-07 19:47 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-09-07 19:47 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-09-07 19:47 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-09-07 19:47 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-09-07 19:47 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-09-07 19:47 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-09-07 19:47 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-09-07 19:47 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-09-07 19:47 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-09-07 19:47 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-09-07 19:46 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-07 19:46 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-07 19:46 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2015-09-07 19:46 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-09-07 19:46 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-07 19:46 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-07 19:46 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-07 19:46 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-09-07 19:46 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-09-07 19:46 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-09-07 19:46 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-09-07 19:46 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-07 19:46 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-09-07 19:46 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-09-07 19:46 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-09-07 19:46 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-09-07 19:46 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-07 19:46 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-07 19:46 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-09-07 19:46 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-09-07 19:46 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-09-07 19:46 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-07 19:46 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-07 19:46 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-09-07 19:46 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-09-07 19:46 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-09-07 19:46 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-09-07 19:46 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-09-07 19:46 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-09-07 19:46 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-09-07 19:46 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-09-07 19:46 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-07 19:46 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-07 19:46 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-09-07 19:45 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-09-07 16:04 - 2015-09-07 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-07 16:03 - 2015-09-07 16:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-07 16:03 - 2015-09-07 16:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-07 15:49 - 2015-09-07 15:54 - 403256404 _____ C:\Users\Šárka\Desktop\medialniprojekt.wmv
2015-09-07 15:37 - 2015-09-07 15:41 - 407280404 _____ C:\Users\Šárka\Desktop\say yes to gybot.wmv
2015-09-07 15:11 - 2015-09-11 17:13 - 00057971 _____ C:\Users\Šárka\Desktop\Můj film.wlmp
2015-09-07 14:54 - 2015-09-07 14:54 - 00000000 ____D C:\Users\Šárka\AppData\Local\{1FDD3550-09C9-4558-B36D-73F13DB6F1E7}
2015-09-07 14:53 - 2015-09-23 19:11 - 00000000 ____D C:\WINDOWS\cs
2015-09-07 14:52 - 2015-09-07 14:52 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-09-07 14:52 - 2015-09-07 14:52 - 00001328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-09-07 14:52 - 2015-09-07 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-09-07 14:50 - 2015-09-11 16:47 - 00000000 ____D C:\Users\Šárka\AppData\Local\Windows Live
2015-09-07 14:50 - 2015-09-07 14:52 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-09-07 14:50 - 2015-09-07 14:50 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-09-07 14:50 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-09-07 14:50 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-09-07 14:50 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-09-07 14:50 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-09-07 14:50 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-09-07 14:50 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-09-07 14:46 - 2015-09-07 14:49 - 228461928 _____ (Microsoft Corporation) C:\Users\Šárka\Desktop\wlsetup-all.exe
2015-09-07 14:33 - 2015-09-07 14:33 - 00000000 ____D C:\Users\Šárka\AppData\Roaming\AVG
2015-09-07 14:31 - 2015-09-07 14:31 - 00000000 ____D C:\Users\Šárka\AppData\Local\Avg
2015-09-07 14:30 - 2015-09-07 14:31 - 00000000 ____D C:\Users\Šárka\Documents\Freemake
2015-09-07 14:30 - 2015-09-07 14:30 - 00000000 ____D C:\Users\Šárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-07 14:29 - 2015-09-07 14:33 - 00000000 ____D C:\ProgramData\AVG
2015-09-07 14:29 - 2015-09-07 14:30 - 00001343 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2015-09-07 14:29 - 2015-09-07 14:30 - 00000000 ____D C:\ProgramData\Freemake
2015-09-07 14:29 - 2015-09-07 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-09-07 14:29 - 2015-09-07 14:29 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-09-07 14:27 - 2015-09-07 14:28 - 01271864 _____ (Ellora Assets Corporation ) C:\Users\Šárka\Desktop\FreemakeVideoConverterSetup.exe
2015-09-05 05:36 - 2015-09-05 05:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 12:14 - 2015-09-08 20:45 - 00000000 ____D C:\Users\Šárka\Desktop\medialní projekt
2015-09-01 19:33 - 2015-09-01 19:33 - 00022335 _____ C:\Users\Šárka\AppData\Local\recently-used.xbel
2015-08-31 22:07 - 2015-08-31 22:09 - 00000000 ____D C:\Users\Šárka\Desktop\ještěd
2015-08-26 11:48 - 2015-08-26 11:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-26 11:48 - 2015-08-26 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-25 20:51 - 2015-08-25 21:45 - 517371952 _____ C:\Users\Šárka\Desktop\→Vikings-S01E05-TitCz.avi.crdownload

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-24 17:00 - 2014-04-01 15:03 - 00000000 ____D C:\Users\Šárka\AppData\Roaming\Skype
2015-09-24 17:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-24 08:01 - 2015-04-07 08:40 - 01551162 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-24 00:34 - 2015-06-21 23:24 - 00000918 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-24 00:31 - 2014-01-22 13:28 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-23 21:52 - 2014-11-17 13:47 - 00000940 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002UA.job
2015-09-23 21:30 - 2014-01-22 13:28 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-23 20:34 - 2015-06-21 23:24 - 00000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-23 19:11 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-23 14:41 - 2014-01-20 17:30 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2668706247-16778440-3606748346-1002
2015-09-23 14:33 - 2015-05-30 13:50 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-23 00:21 - 2014-02-10 23:42 - 00146176 _____ C:\Users\Šárka\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-22 17:28 - 2014-01-22 03:01 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-09-22 15:18 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\en-GB
2015-09-22 15:17 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-22 15:15 - 2015-05-30 13:26 - 00000000 ____D C:\Program Files (x86)\14aca696-e811-441c-a0bb-adadd4641f40
2015-09-22 15:15 - 2015-05-30 13:26 - 00000000 ____D C:\Program Files (x86)\03b7601a-c680-46a9-9a85-ab94f6b9392c
2015-09-22 15:15 - 2014-02-18 22:04 - 00000000 ____D C:\Program Files (x86)\Aimersoft
2015-09-22 07:55 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 20:33 - 2014-03-18 17:33 - 01938474 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-21 20:33 - 2014-03-18 16:54 - 00803244 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-21 20:33 - 2014-03-18 16:54 - 00184236 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-21 20:25 - 2014-10-26 03:36 - 00000000 ____D C:\AdwCleaner
2015-09-21 07:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-18 21:26 - 2014-01-22 13:28 - 00003944 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 21:25 - 2014-01-22 13:28 - 00003708 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-18 20:47 - 2014-01-22 13:28 - 00000000 ____D C:\Users\Šárka\AppData\Local\Google
2015-09-15 03:18 - 2014-09-16 15:14 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2014-09-16 15:14 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 22:12 - 2014-02-01 01:48 - 00000000 ___HD C:\Users\Šárka\Desktop\.picasaoriginals
2015-09-14 12:52 - 2014-11-17 13:47 - 00000918 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002Core.job
2015-09-12 00:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppCompat
2015-09-11 15:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-11 07:40 - 2013-08-22 16:44 - 00554048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 01:13 - 2014-03-18 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 01:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-11 01:12 - 2015-04-29 20:05 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-09-11 01:12 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-09-11 01:12 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-11 01:12 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-11 01:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-09-11 01:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-09-11 01:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-09-11 00:11 - 2014-01-22 15:27 - 00000000 ____D C:\Users\Šárka\AppData\Roaming\vlc
2015-09-10 23:24 - 2014-09-19 20:39 - 00000000 ___RD C:\Users\Šárka\Desktop\serials
2015-09-09 21:15 - 2014-02-08 17:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 19:36 - 2014-01-26 13:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 18:38 - 2012-07-26 07:26 - 00000269 _____ C:\WINDOWS\win.ini
2015-09-08 18:36 - 2014-02-08 18:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-09-08 18:09 - 2013-08-21 06:44 - 00000032 _____ C:\WINDOWS\0
2015-09-08 18:03 - 2012-10-12 05:24 - 00000000 ____D C:\SWSETUP
2015-09-07 21:49 - 2014-01-21 18:57 - 00000000 ____D C:\Users\Šárka\Desktop\Moje škola
2015-09-07 16:01 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-09-07 14:50 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-07 14:38 - 2014-02-13 17:37 - 00028160 _____ C:\Users\Šárka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-05 05:36 - 2015-06-21 23:24 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-03 22:49 - 2014-02-13 17:36 - 00000000 ____D C:\Users\Šárka\AppData\Local\WMTools Downloaded Files
2015-09-03 20:50 - 2015-07-22 08:49 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-01 19:34 - 2014-02-21 00:52 - 00000000 ____D C:\Users\Šárka\AppData\Local\gtk-2.0
2015-09-01 19:34 - 2014-02-21 00:50 - 00000000 ____D C:\Users\Šárka\.gimp-2.8
2015-08-31 21:55 - 2015-08-24 21:25 - 00000000 ____D C:\Users\Šárka\Desktop\londýn + sobotka
2015-08-26 18:37 - 2014-01-26 13:44 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-26 11:48 - 2014-04-01 15:03 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-02-13 17:37 - 2015-09-07 14:38 - 0028160 _____ () C:\Users\Šárka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-01 19:33 - 2015-09-01 19:33 - 0022335 _____ () C:\Users\Šárka\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Šárka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpug_po3.dll
C:\Users\Šárka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-23 19:35

==================== End of FRST.txt ============================

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Virus? Phishing

#21 Příspěvek od Márty84 »

šárka009 píše:tak to byl asi nějakej momentální error :D
To se stava :-)



:arrow: Napiste mi velikost adresare plochy (C:\Users\Šárka\Plocha)




:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Users\Šárka\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [74752 2015-09-02] ()
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [KiesPreload] => C:\Users\Šárka\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [] => C:\Users\Šárka\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [Facebook Update] => C:\Users\Šárka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-17] (Facebook Inc.)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)

2015-09-07 14:33 - 2015-09-07 14:33 - 00000000 ____D C:\Users\Šárka\AppData\Roaming\AVG
2015-09-07 14:31 - 2015-09-07 14:31 - 00000000 ____D C:\Users\Šárka\AppData\Local\Avg
2015-09-07 14:29 - 2015-09-07 14:33 - 00000000 ____D C:\ProgramData\AVG

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002Core.job => C:\Users\Šárka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002UA.job => C:\Users\Šárka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

šárka009
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 14 zář 2015 18:13

Re: Virus? Phishing

#22 Příspěvek od šárka009 »

plocha 132 GB

Fix result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by Šárka (2015-09-25 15:36:08) Run:1
Running from C:\Users\Šárka\Desktop
Loaded Profiles: Šárka (Available Profiles: Šárka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Users\Šárka\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [74752 2015-09-02] ()
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [KiesPreload] => C:\Users\Šárka\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [] => C:\Users\Šárka\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [Facebook Update] => C:\Users\Šárka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-17] (Facebook Inc.)
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)

2015-09-07 14:33 - 2015-09-07 14:33 - 00000000 ____D C:\Users\Šárka\AppData\Roaming\AVG
2015-09-07 14:31 - 2015-09-07 14:31 - 00000000 ____D C:\Users\Šárka\AppData\Local\Avg
2015-09-07 14:29 - 2015-09-07 14:33 - 00000000 ____D C:\ProgramData\AVG

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002Core.job => C:\Users\Šárka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002UA.job => C:\Users\Šárka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ProductUpdater => value removed successfully
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => value removed successfully
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value removed successfully
HKU\S-1-5-21-2668706247-16778440-3606748346-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
C:\Users\Šárka\AppData\Roaming\AVG => moved successfully
C:\Users\Šárka\AppData\Local\Avg => moved successfully
C:\ProgramData\AVG => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002Core.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2668706247-16778440-3606748346-1002UA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 4.1 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 15:36:54 ====

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Virus? Phishing

#23 Příspěvek od Márty84 »

šárka009 píše:plocha 132 GB
:arcisit:
:arrow: Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku :)



:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak to s pc vypada.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

šárka009
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 14 zář 2015 18:13

Re: Virus? Phishing

#24 Příspěvek od šárka009 »

Plocha 44 MB

# DelFix v1.011 - Logfile created 25/09/2015 at 19:54:58
# Updated 18/08/2015 by Xplode
# Username : Šárka - SARKA
# Operating System : Windows 8.1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Šárka\Desktop\FRST-OlderVersion
Deleted : C:\Users\Šárka\Desktop\adwcleaner_5.008.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

########## - EOF - ##########

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Virus? Phishing

#25 Příspěvek od Márty84 »

šárka009 píše:Plocha 44 MB
Sikulka :idea:

DelFix probehl taky v poradku. Tak pokracujte dale a pak dejte vedet, jak to vypada :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

šárka009
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 14 zář 2015 18:13

Re: Virus? Phishing

#26 Příspěvek od šárka009 »

jojo už defragmentuju :D nemám tušení co to znamená, ale určitě to dělám :D cože jsem to s tim počítačem vlastně měla/mám?

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Virus? Phishing

#27 Příspěvek od Márty84 »

Defragmentace urovna data na disku :-)

Byla tam nejaka havet a zbytecnosti.

Doporucuji pak nainstalovat nejaky antivir. Defender nestoji za nic. (Doporucuji Avast free, Bitdefender free, nebo Aviru)

Jsou jeste nejake problemy? Objevily se nejake nove zpravy?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

šárka009
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 14 zář 2015 18:13

Re: Virus? Phishing

#28 Příspěvek od šárka009 »

Nene, už je všechno v pořádku :) děkuju mockrát, doufám že po tý defragementaci už je to hotový :D a zvolim asi avast

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Virus? Phishing

#29 Příspěvek od Márty84 »

šárka009 píše:doufám že po tý defragementaci už je to hotový :D
Pokud neni nejaky problem, pak ano :-)
šárka009 píše:zvolim asi avast
Dobra volba, pouzivam jej uz 10 let a spokojenost ;-)


Nezaskodilo by pro jistotu zmenit hesla a idealni by bylo, kdyby si holky, od kterych vam ty zpravy prisly, taky nechaly zkontrolovat pocitac :)

A nemate vubec zac, rado se stalo! ;-)

No a kdyby neco, staci se ozvat.

Mejte se krasne a treba zase nekdy :bye:

:closed:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Zamčeno