Dobrý den, prosím o pomoc se zavirovaným počítačem. Kolegyně byla velmi čilá a otevřela co neměla. V počítači má nyní locky soubory, se kterými se již rozloučila, ale já potřebuji mít jistotu, že je počítač čistý a můžu ho zpět vrátit.
Log z FRST :
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by vesna (administrator) on CKTAGPC4 (15-03-2016 11:42:47)
Running from G:\
Loaded Profiles: vesna (Available Profiles: vesna & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Enigma Software Group USA, LLC.) D:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => D:\WINDOWS\RTHDCPL.EXE [14396416 2005-05-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => D:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [WinVNC] => D:\Program Files\TightVNC\WinVNC.exe [585728 2009-03-05] (TightVNC Group)
HKLM\...\Run: [Adobe ARM] => D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [ESDUSBMon.exe] => D:\WINDOWS\system32\ESDUSBMon.exe [188416 2005-05-26] (SEIKO EPSON Corp.)
HKLM\...\Run: [egui] => D:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [3159744 2013-10-07] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] => D:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [InstallerLauncher] => D:\Program Files\Bitdefender\Antivirus Free Edition\Install\Installer.exe [500328 2016-03-15] (Bitdefender)
HKLM\...\Run: [SpyHunter Security Suite] => D:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [7252864 2016-03-15] (Enigma Software Group USA, LLC.)
Startup: D:\Documents and Settings\vesna\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.3.lnk [2015-07-09]
ShortcutTarget: OpenOffice.org 3.3.lnk -> D:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B6A86341-B7FE-448A-A41F-B91A192A3210}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-1935655697-343818398-839522115-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
FireFox:
========
FF ProfilePath: D:\Documents and Settings\vesna\Data aplikací\Mozilla\Firefox\Profiles\rz2ynknj.default
FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-21] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> D:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> D:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\cgpcfg.dll [2008-08-16] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\CgpCore.dll [2008-08-16] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\confmgr.dll [2008-08-16] ()
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\ctxlogging.dll [2008-08-16] ()
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\ctxmui.dll [2008-08-16] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\icafile.dll [2008-08-16] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\icalogon.dll [2008-08-16] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\msvcm80.dll [2008-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\msvcp80.dll [2008-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\msvcr80.dll [2008-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npicaN.dll [2008-08-16] ()
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-10-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-10-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-10-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-10-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-10-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-10-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-10-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\sslsdk_b.dll [2008-06-05] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: D:\Program Files\mozilla firefox\plugins\TcpPServ.dll [2008-08-16] (Citrix Systems, Inc.)
FF Extension: Default - D:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-08] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-11-19] [not signed]
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - D:\Program Files\Hewlett-Packard\SmartPrint\QPExtension => not found
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EhttpSrv; D:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [34296 2013-10-07] (ESET)
S2 ekrn; D:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe [1025584 2013-10-07] (ESET)
S2 EPSON ESCPOS Status Service; D:\WINDOWS\system32\EpStsSrv.exe [77824 2006-05-17] (SEIKO EPSON Corp.) [File not signed]
S3 ESHASRV; D:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [185104 2013-10-07] (ESET)
S4 gzserv; D:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [67592 2016-03-15] (Bitdefender)
S3 HP Port Resolver; D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company)
S3 HP Status Server; D:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company)
S2 JavaQuickStarterService; D:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation)
S2 MDM; D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S3 OpenVPNService; D:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-04-26] () [File not signed]
S2 SpyHunter 4 Service; D:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [784256 2016-03-15] (Enigma Software Group USA, LLC.)
S2 winvnc; D:\Program Files\TightVNC\WinVNC.exe [585728 2009-03-05] (TightVNC Group) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 avc3; D:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; D:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
S3 avckf; D:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
S3 Axtmvflt; D:\WINDOWS\System32\DRIVERS\Axtmvflt.sys [3456 2007-09-20] (Axesstel) [File not signed]
S3 Axtmvmdm; D:\WINDOWS\System32\DRIVERS\Axtmvmdm.sys [40064 2007-09-20] (Axesstel) [File not signed]
S3 Axtmvprt; D:\WINDOWS\System32\Drivers\Axtmvprt.sys [38784 2007-09-20] (Axesstel) [File not signed]
S1 bdftdif; D:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
S4 bdselfpr; D:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
S3 cmpci; D:\WINDOWS\System32\drivers\cmaudio.sys [373518 2002-03-01] (C-Media Inc) [File not signed]
S1 eamon; D:\WINDOWS\System32\DRIVERS\eamon.sys [166672 2013-10-25] (ESET)
S1 ehdrv; D:\WINDOWS\System32\DRIVERS\ehdrv.sys [128056 2013-09-09] (ESET)
S4 epfwtdir; D:\WINDOWS\System32\DRIVERS\epfwtdir.sys [110552 2013-09-09] (ESET)
S2 Esdpdx01; D:\WINDOWS\system32\Drivers\ESDPDX01.SYS [95485 2003-12-25] (MK Systems CO., LTD.) [File not signed]
S3 EsgScanner; D:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2016-03-15] ()
S3 gameenum; D:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S4 gzflt; D:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 MTsensor; D:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 Rcphook; D:\WINDOWS\System32\DRIVERS\rcpmini.sys [3264 2005-02-25] (Alchemy Lab) [File not signed]
R3 tap0901; D:\WINDOWS\System32\DRIVERS\tap0901.sys [26624 2011-04-26] (The OpenVPN Project) [File not signed]
S3 TMUSB; D:\WINDOWS\System32\DRIVERS\TMUSBXP.SYS [47616 2007-01-19] (SEIKO EPSON Corp.)
S0 trufos; D:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S4 IntelIde; no ImagePath
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-15 11:07 - 2016-03-15 11:07 - 00000000 ____D D:\sh4ldr
2016-03-15 11:07 - 2016-03-15 11:07 - 00000000 ____D D:\Documents and Settings\vesna\Data aplikací\Enigma Software Group
2016-03-15 11:04 - 2016-03-15 11:04 - 00019984 _____ D:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-03-15 11:04 - 2016-03-15 11:04 - 00000000 ____D D:\Program Files\Enigma Software Group
2016-03-15 10:57 - 2016-03-15 11:03 - 00064444 _____ D:\WINDOWS\ntbtlog.txt
2016-03-15 10:56 - 2016-03-15 10:56 - 00184624 _____ D:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2016-03-15 10:55 - 2016-03-15 10:55 - 00009635 _____ D:\Documents and Settings\All Users\Data aplikací\1458035695.3504.bin
2016-03-15 10:54 - 2016-03-15 10:55 - 00042015 _____ D:\Documents and Settings\All Users\Data aplikací\1458035695.1628.bin
2016-03-15 10:54 - 2016-03-15 10:55 - 00002406 _____ D:\Documents and Settings\All Users\Data aplikací\1458035695.3208.bin
2016-03-15 10:54 - 2016-03-15 10:55 - 00001334 _____ D:\Documents and Settings\All Users\Data aplikací\1458035695.2204.bin
2016-03-15 10:54 - 2016-03-15 10:54 - 00037461 _____ D:\Documents and Settings\All Users\Data aplikací\1458035691.bdinstall.bin
2016-03-15 10:52 - 2016-03-15 10:52 - 00218067 _____ D:\Documents and Settings\All Users\Data aplikací\1458035130.bdinstall.bin
2016-03-15 10:52 - 2016-03-15 10:52 - 00000000 ____D D:\Documents and Settings\LocalService\Data aplikací\QuickScan
2016-03-15 10:48 - 2016-03-15 10:48 - 00001872 _____ D:\Documents and Settings\All Users\Plocha\Bitdefender Antivirus Free Edition.lnk
2016-03-15 10:48 - 2016-03-15 10:48 - 00000000 ____H D:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2016-03-15 10:48 - 2016-03-15 10:48 - 00000000 ____H D:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2016-03-15 10:48 - 2016-03-15 10:48 - 00000000 ____D D:\Documents and Settings\All Users\Nabídka Start\Programy\Antivirus Free Edition
2016-03-15 10:47 - 2016-03-15 10:47 - 00000000 __HDC D:\WINDOWS\$NtUninstallWdf01009$
2016-03-15 10:47 - 2016-03-15 10:47 - 00000000 ____D D:\WINDOWS\LastGood
2016-03-15 10:47 - 2013-04-17 14:59 - 00633344 _____ (BitDefender) D:\WINDOWS\system32\Drivers\avc3.sys
2016-03-15 10:47 - 2013-04-17 14:59 - 00486536 _____ (BitDefender) D:\WINDOWS\system32\Drivers\avckf.sys
2016-03-15 10:47 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) D:\WINDOWS\system32\Drivers\avchv.sys
2016-03-15 10:47 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) D:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-03-15 10:46 - 2016-03-15 10:47 - 00048933 _____ D:\Report 2016-03-15 10.46.05.txt
2016-03-15 10:46 - 2016-03-15 10:46 - 00000000 ____D D:\Documents and Settings\vesna\Data aplikací\QuickScan
2016-03-15 10:45 - 2016-03-15 10:48 - 00000000 ____D D:\Program Files\Bitdefender
2016-03-15 10:45 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) D:\WINDOWS\system32\Drivers\trufos.sys
2016-03-15 10:45 - 2013-04-22 13:20 - 00164952 _____ (BitDefender LLC) D:\WINDOWS\system32\Drivers\gzflt.sys
2016-03-15 10:37 - 2016-03-15 11:42 - 00000000 ____D D:\FRST
2016-03-15 10:34 - 2016-03-15 10:34 - 00188392 _____ D:\Documents and Settings\vesna\Local Settings\Data aplikací\census.cache
2016-03-15 10:34 - 2016-03-15 10:34 - 00162689 _____ D:\Documents and Settings\vesna\Local Settings\Data aplikací\ars.cache
2016-03-15 10:15 - 2016-03-15 10:15 - 00000036 _____ D:\Documents and Settings\vesna\Local Settings\Data aplikací\housecall.guid.cache
2016-03-15 10:02 - 2016-03-15 10:10 - 00000000 ____D D:\Program Files\AdwCleaner
2016-03-15 10:00 - 2016-03-15 10:00 - 00000000 ____D D:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2016-03-14 16:58 - 2016-03-14 17:09 - 00026340 _____ D:\Documents and Settings\vesna\Plocha\Příjemky ČR.ods
2016-03-14 15:33 - 2016-03-14 15:33 - 00365482 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4922BF7F37056900F7A.locky
2016-03-14 15:31 - 2016-03-14 15:31 - 00003780 _____ D:\Documents and Settings\All Users\Data aplikací\8A92DE3DCF92D4921CD205F4ECCB8E98.locky
2016-03-14 15:31 - 2016-03-14 15:31 - 00001073 _____ D:\Documents and Settings\All Users\Data aplikací\_Locky_recover_instructions.txt
2016-03-14 15:29 - 2016-03-14 15:29 - 00189038 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D49228D242B27F441D23.locky
2016-03-14 15:28 - 2016-03-14 15:28 - 05364162 ____N D:\Documents and Settings\vesna\Local Settings\Data aplikací\8A92DE3DCF92D492ED1312A5107A2D0C.locky
2016-03-14 15:28 - 2016-03-14 15:28 - 04837850 _____ D:\Documents and Settings\administrator\Local Settings\Data aplikací\8A92DE3DCF92D4922B8F4BE8A9B5AA69.locky
2016-03-14 15:28 - 2016-03-14 15:28 - 00001073 _____ D:\Documents and Settings\vesna\Local Settings\Data aplikací\_Locky_recover_instructions.txt
2016-03-14 15:28 - 2016-03-14 15:28 - 00001073 _____ D:\Documents and Settings\administrator\Local Settings\Data aplikací\_Locky_recover_instructions.txt
2016-03-14 15:27 - 2016-03-14 15:27 - 00597840 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49253E5D1E3B6A77850.locky
2016-03-14 15:27 - 2016-03-14 15:27 - 00208468 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4922D9B7E681FC2375D.locky
2016-03-14 15:27 - 2016-03-14 15:27 - 00170290 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4924DD4778DF20B51C7.locky
2016-03-14 15:27 - 2016-03-14 15:27 - 00139338 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492DEC8FD781B5B4262.locky
2016-03-14 15:27 - 2016-03-14 15:27 - 00058293 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4926F7643D4D2D19D6D.locky
2016-03-14 15:27 - 2016-03-14 15:27 - 00044426 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492F857ED9941368380.locky
2016-03-14 15:27 - 2016-03-14 15:27 - 00026287 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D49221E90F7919261029.locky
2016-03-14 15:26 - 2016-03-14 15:26 - 00081246 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492DBCC0DF88E685A6B.locky
2016-03-14 15:25 - 2016-03-14 15:25 - 00001073 _____ D:\Documents and Settings\vesna\_Locky_recover_instructions.txt
2016-03-14 15:25 - 2016-03-14 15:25 - 00000917 _____ D:\Documents and Settings\vesna\8A92DE3DCF92D492EBA9BA681ADB06C8.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00237654 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492D4DA1EB7E5490679.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00075729 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492240E0361359E06FD.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00049139 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492C06C72535FBD27AF.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00049102 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4923E4C3429DA113448.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00028418 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4925E19A22D3FD1A598.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00028414 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49246C812D8D73882F9.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00027536 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492853A98E04F0ACA68.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00027530 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492C7067B0ED035DA0B.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00026845 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492DAE679459662C37A.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00025554 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4920692B170016A3F64.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00025332 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492CC3CA06645EBE7DD.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00024405 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492384F8B662BFBFD5D.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00024368 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492EF48A209E4C0451B.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00024368 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4928F2CBF6E5E20DDB5.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00024368 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49244B97B4A1CD5004B.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00024368 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49242CD54EE7880ADC0.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00024363 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492A8959CBDFB184125.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00023627 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4922F9D45DACE89EE59.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00022828 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4921997400459838EC2.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00019631 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4925687EA5636FB04B2.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00019143 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4926A4A88522CBC3360.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00018882 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49272A24FFBD2E6789D.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00018756 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49269F93887DA016716.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00016103 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49250431A8A2B407AF6.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00015701 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492627E88E829BD288F.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00015649 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4928B58ED342F636E47.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00015176 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492B09308DB6390B218.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00015041 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492C16F8D326C038636.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00014768 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492F88121D41920AEA8.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00014390 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49259EA0B6BAFD2FBFA.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00013239 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4927C8A69C9E11CFE5A.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00012754 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4926274FA23B2796EE8.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00012631 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492C0125A2C334E5636.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00012425 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492C99890DF7A2F5FB0.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00011826 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4926B73D9A15657165C.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00011624 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4926E6AE2EF4F489187.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00011573 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492EB191C9E811CC24D.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00010564 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492E07A8576923EA110.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00009986 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D49283E16AF2A947B90B.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00009978 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492EF6AADDB03969AF4.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00008378 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49276CB3074109D8C9E.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00008377 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492F42C0C2235ACAD4A.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00008377 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4921E9B59B6B5C76C46.locky
2016-03-14 15:23 - 2016-03-14 15:23 - 00008377 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D49207766D73E8EEA916.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00289604 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492C7EBFA33417ACA8A.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00156996 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4927B817A07B7E627C2.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00043844 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492C897D51C536F9648.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00043844 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492ABADAA4F4A0F0E7B.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00043844 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4925FDCFE3EB8B4AB93.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00043332 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492AEA9B3D6F42DF697.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00042820 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492613243B906CC3AAD.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00042308 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D49228741F87B2B76B77.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00031044 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492F2543CD9B16BEC36.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00030532 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4927D68AEB6F1137738.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00028484 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492F210A795ED74F527.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00024395 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492DE5999D6D6127071.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00024363 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492897CA5AEBBD29919.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00023364 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4923C36F528C0694668.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00022820 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4922A101E76F271BAAB.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00019273 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492408FBB073B1549A9.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00017144 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492B9E2135EEC67C723.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00016708 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492FA71081B7CCC3EA3.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00015817 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492FF922C2ABB872720.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00014700 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4921551BA041062550D.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00013431 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4927670D5B8CF7CC7A6.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00013124 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D492DAFB11A13C31404C.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00012990 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4923562510445962D5A.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00011588 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D4922B4AD5A60CFDD1BC.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00010382 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492C4490BDCF21C89C5.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00010052 _____ D:\Documents and Settings\vesna\Plocha\8A92DE3DCF92D492B531D5B93EE1BA4F.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00007553 _____ D:\Documents and Settings\vesna\Dokumenty\8A92DE3DCF92D4925F2C79D0038B101B.locky
2016-03-14 15:22 - 2016-03-14 15:22 - 00001073 _____ D:\Documents and Settings\vesna\Plocha\_Locky_recover_instructions.txt
2016-03-14 15:22 - 2016-03-14 15:22 - 00001073 _____ D:\Documents and Settings\vesna\Dokumenty\_Locky_recover_instructions.txt
2016-03-08 21:12 - 2016-03-09 09:01 - 00000000 ____D D:\Program Files\Mozilla Firefox
2016-02-23 09:07 - 2016-02-25 15:48 - 00000000 ____D D:\Program Files\Mozilla Thunderbird
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-15 11:43 - 2013-09-17 09:38 - 00000000 ____D D:\Documents and Settings\vesna\Local Settings\Temp
2016-03-15 11:22 - 2005-11-28 11:38 - 00001604 ____C D:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2016-03-15 11:20 - 2005-11-30 12:03 - 00001604 ____C D:\Documents and Settings\administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2016-03-15 11:07 - 2013-09-17 09:38 - 00000000 __RHD D:\Documents and Settings\vesna\Data aplikací
2016-03-15 11:07 - 2013-09-17 09:38 - 00000000 ____D D:\Documents and Settings\vesna
2016-03-15 11:07 - 2005-11-28 19:21 - 00000000 ___HD D:\WINDOWS\inf
2016-03-15 10:59 - 2004-08-18 13:00 - 00013646 _____ D:\WINDOWS\system32\wpa.dbl
2016-03-15 10:56 - 2013-09-17 09:38 - 00000178 ___SH D:\Documents and Settings\vesna\ntuser.ini
2016-03-15 10:56 - 2005-11-28 11:42 - 00032318 _____ D:\WINDOWS\SchedLgU.Txt
2016-03-15 10:56 - 2005-11-28 11:42 - 00000006 ____H D:\WINDOWS\Tasks\SA.DAT
2016-03-15 10:56 - 2005-11-28 11:42 - 00000000 ___HD D:\Documents and Settings\LocalService\Local Settings\Data aplikací
2016-03-15 10:54 - 2005-11-28 19:28 - 00000000 __RHD D:\Documents and Settings\All Users\Data aplikací
2016-03-15 10:48 - 2005-11-28 19:28 - 00000000 ___RD D:\Documents and Settings\All Users\Nabídka Start\Programy
2016-03-15 10:48 - 2005-11-28 19:28 - 00000000 ____D D:\Documents and Settings\All Users\Plocha
2016-03-15 10:45 - 2013-11-06 16:24 - 00000000 ____D D:\Documents and Settings\vesna\Dokumenty\Stažené soubory
2016-03-15 10:34 - 2013-09-17 09:38 - 00000000 ___HD D:\Documents and Settings\vesna\Local Settings\Data aplikací
2016-03-15 10:13 - 2013-09-17 09:38 - 00000000 ___RD D:\Documents and Settings\vesna\Nabídka Start\Programy\Po spuštění
2016-03-15 10:12 - 2014-05-06 13:14 - 00000222 _____ D:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2016-03-15 10:10 - 2013-09-17 09:38 - 00000000 ___RD D:\Documents and Settings\vesna\Nabídka Start\Programy
2016-03-15 10:10 - 2013-09-17 09:38 - 00000000 ____D D:\Documents and Settings\vesna\Plocha
2016-03-15 09:32 - 2013-09-18 10:13 - 00000466 ____H D:\WINDOWS\Tasks\User_Feed_Synchronization-{0BBC05CF-1BC5-4D80-A578-27B0F791C627}.job
2016-03-15 09:15 - 2013-09-17 09:38 - 00001604 _____ D:\Documents and Settings\vesna\Nabídka Start\Programy\Vzdálená pomoc.lnk
2016-03-15 09:15 - 2005-11-28 11:38 - 00001568 _____ D:\Documents and Settings\All Users\Nabídka Start\Přístup a výchozí nastavení programů.lnk
2016-03-15 09:13 - 2013-09-17 09:38 - 00000000 ___HD D:\Documents and Settings\vesna\Okolní síť
2016-03-14 16:46 - 2015-12-30 13:30 - 00000000 ____D D:\Documents and Settings\vesna\Plocha\Leták
2016-03-14 15:33 - 2015-03-02 14:44 - 00000000 ____D D:\Documents and Settings\vesna\Dokumenty\Tesco
2016-03-14 15:33 - 2013-09-17 09:38 - 00000000 ___RD D:\Documents and Settings\vesna\Dokumenty
2016-03-14 15:33 - 2013-09-17 09:38 - 00000000 ___HD D:\Documents and Settings\vesna\Šablony
2016-03-14 15:33 - 2005-11-30 12:03 - 00000000 ___HD D:\Documents and Settings\administrator\Šablony
2016-03-14 15:33 - 2005-11-28 19:28 - 00000000 ___HD D:\Documents and Settings\Default User\Šablony
2016-03-14 15:33 - 2005-11-28 11:36 - 00000000 ___RD D:\Documents and Settings\All Users\Dokumenty\Obrázky
2016-03-14 15:31 - 2013-12-23 14:25 - 00000000 ____D D:\Podpis
2016-03-14 15:29 - 2013-09-17 09:38 - 00000000 ___RD D:\Documents and Settings\vesna\Dokumenty\Obrázky
2016-03-14 15:28 - 2015-12-30 13:29 - 00000000 ____D D:\Documents and Settings\vesna\Plocha\vyřízené
2016-03-14 15:28 - 2014-05-07 08:23 - 00000000 ____D D:\Documents and Settings\vesna\Dokumenty\Radka
2016-03-14 15:28 - 2005-11-30 12:03 - 00000000 ___HD D:\Documents and Settings\administrator\Local Settings\Data aplikací
2016-03-14 15:27 - 2015-12-16 10:52 - 00000000 ____D D:\Documents and Settings\vesna\Plocha\Radka plocha
2016-03-14 15:27 - 2015-12-02 12:35 - 00000000 ____D D:\Documents and Settings\vesna\Plocha\Petra
2016-03-14 15:27 - 2015-05-27 09:37 - 00000000 ____D D:\Documents and Settings\vesna\Dokumenty\invoices Mai 2015
2016-03-14 15:27 - 2015-04-07 10:48 - 00000000 ____D D:\Documents and Settings\vesna\Dokumenty\Credit note SK VESNA
2016-03-14 15:27 - 2005-11-28 15:28 - 00000000 ____D D:\WINGED
2016-03-14 15:23 - 2015-09-14 07:28 - 00000000 ____D D:\Documents and Settings\vesna\Dokumenty\p. PLAČEK
2016-03-14 15:23 - 2015-04-27 12:21 - 00000000 ____D D:\Documents and Settings\vesna\Plocha\AKCE 2015
2016-03-14 15:23 - 2005-11-28 19:28 - 00000000 ___HD D:\Documents and Settings\All Users\Šablony
2016-03-14 15:22 - 2015-06-11 06:29 - 00000000 ____D D:\Documents and Settings\vesna\Dokumenty\ZALISTOVÁNÍ ZBOŽÍ_2015
2016-03-14 15:22 - 2015-01-20 14:08 - 00000000 ____D D:\Documents and Settings\vesna\Plocha\AKCE 2014
2016-03-14 15:22 - 2013-09-18 07:46 - 00000000 ____D D:\vpn
2016-03-14 15:19 - 2008-07-18 06:44 - 00000000 ____D D:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
2016-03-14 07:06 - 2012-09-27 09:43 - 00000000 ____D D:\Program Files\Mozilla Maintenance Service
2016-03-09 12:03 - 2005-11-28 14:04 - 00000212 _____ D:\WINDOWS\Tasks\Nod32lic.job
2016-03-09 03:05 - 2013-08-15 14:20 - 00000000 ____D D:\WINDOWS\system32\MRT
2016-03-09 03:00 - 2007-06-19 12:04 - 141270216 ____C (Microsoft Corporation) D:\WINDOWS\system32\MRT.exe
2016-03-08 15:08 - 2014-05-06 13:14 - 00000216 _____ D:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
==================== Files in the root of some directories =======
2013-09-18 07:15 - 2007-09-20 03:45 - 0090112 ____R (Axesstel) D:\Program Files\axesstel.dll
2013-09-18 07:15 - 2007-09-20 03:45 - 0118784 ____R () D:\Program Files\MSP_Uninstall.exe
2016-03-14 15:28 - 2016-03-14 15:28 - 5364162 ____N () D:\Documents and Settings\vesna\Local Settings\Data aplikací\8A92DE3DCF92D492ED1312A5107A2D0C.locky
2016-03-15 10:34 - 2016-03-15 10:34 - 0162689 _____ () D:\Documents and Settings\vesna\Local Settings\Data aplikací\ars.cache
2016-03-15 10:34 - 2016-03-15 10:34 - 0188392 _____ () D:\Documents and Settings\vesna\Local Settings\Data aplikací\census.cache
2016-03-15 10:15 - 2016-03-15 10:15 - 0000036 _____ () D:\Documents and Settings\vesna\Local Settings\Data aplikací\housecall.guid.cache
2016-03-14 15:28 - 2016-03-14 15:28 - 0001073 _____ () D:\Documents and Settings\vesna\Local Settings\Data aplikací\_Locky_recover_instructions.txt
2006-03-17 07:51 - 2006-03-17 07:51 - 0185872 ____C () D:\Documents and Settings\All Users\NCCD.log
2016-03-15 10:52 - 2016-03-15 10:52 - 0218067 _____ () D:\Documents and Settings\All Users\Data aplikací\1458035130.bdinstall.bin
2016-03-15 10:54 - 2016-03-15 10:54 - 0037461 _____ () D:\Documents and Settings\All Users\Data aplikací\1458035691.bdinstall.bin
2016-03-15 10:54 - 2016-03-15 10:55 - 0042015 _____ () D:\Documents and Settings\All Users\Data aplikací\1458035695.1628.bin
2016-03-15 10:54 - 2016-03-15 10:55 - 0001334 _____ () D:\Documents and Settings\All Users\Data aplikací\1458035695.2204.bin
2016-03-15 10:54 - 2016-03-15 10:55 - 0002406 _____ () D:\Documents and Settings\All Users\Data aplikací\1458035695.3208.bin
2016-03-15 10:55 - 2016-03-15 10:55 - 0009635 _____ () D:\Documents and Settings\All Users\Data aplikací\1458035695.3504.bin
2016-03-14 15:31 - 2016-03-14 15:31 - 0003780 _____ () D:\Documents and Settings\All Users\Data aplikací\8A92DE3DCF92D4921CD205F4ECCB8E98.locky
2007-07-25 12:21 - 2013-09-17 09:03 - 0007563 ____C () D:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
2015-02-27 09:00 - 2012-07-16 16:28 - 0024772 _____ () D:\Documents and Settings\All Users\Data aplikací\P1100DEF.css
2015-02-27 09:00 - 2012-08-13 20:22 - 0004364 ____R () D:\Documents and Settings\All Users\Data aplikací\P1100OS.HTM
2016-03-14 15:31 - 2016-03-14 15:31 - 0001073 _____ () D:\Documents and Settings\All Users\Data aplikací\_Locky_recover_instructions.txt
Some files in TEMP:
====================
D:\Documents and Settings\administrator\Local Settings\Temp\hpzmsi01.exe
D:\Documents and Settings\administrator\Local Settings\Temp\hpzscr01.exe
D:\Documents and Settings\administrator\Local Settings\Temp\Nokia_PC_Suite_683_rel_14_1_cze.exe
D:\Documents and Settings\vesna\Local Settings\Temp\jre-7u67-windows-i586-iftw.exe
D:\Documents and Settings\vesna\Local Settings\Temp\jre-8u73-windows-au.exe
D:\Documents and Settings\vesna\Local Settings\Temp\siinst.exe
D:\Documents and Settings\vesna\Local Settings\Temp\sqlite3.dll
D:\Documents and Settings\vesna\Local Settings\Temp\strings.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
D:\WINDOWS\explorer.exe => File is digitally signed
D:\WINDOWS\system32\winlogon.exe => File is digitally signed
D:\WINDOWS\system32\svchost.exe => File is digitally signed
D:\WINDOWS\system32\services.exe => File is digitally signed
D:\WINDOWS\system32\User32.dll => File is digitally signed
D:\WINDOWS\system32\userinit.exe => File is digitally signed
D:\WINDOWS\system32\rpcss.dll => File is digitally signed
D:\WINDOWS\system32\dnsapi.dll => File is digitally signed
D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Locky files
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Locky files
Zdravím!
PC je váš soukromý, nebo patří nějaké organizaci/firmě?
PC je váš soukromý, nebo patří nějaké organizaci/firmě?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
petr.dostal
- Návštěvník
- Příspěvky: 11
- Registrován: 12 úno 2013 07:21
Re: Locky files
PC patří organizaci. Můžu ho přeinstalovat, ale předtím jsem chtěl vědět jak na něj.
Petr
Petr
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Locky files
Potom lituji, ale toto fórum slouží pouze home userům. Viz pravidla: http://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 6).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?