Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Podezření na bordel v NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Podezření na bordel v NTB
Dobrý den, mám nainstalované WIN 10. Defender nic nenašel, přesto mám dojem, že není vše v pořádku. Může mi s tím někdo pomoci?
-
Rudy
- Site Admin
- Příspěvky: 119651
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na bordel v NTB
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Podezření na bordel v NTB
Zdravím Rudy, zde je výpis z logu:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Tomas User (ATTENTION: The user is not administrator) on IBM-PC (22-08-2016 09:34:11)
Running from C:\Users\Tomas User\Desktop
Loaded Profiles: Tomas User & MSSQL$SQLEXPRESS (Available Profiles: IBM & Tomas User & Děti & Eva & Guest & MSSQL$SQLEXPRESS & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> ibmpmsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> dasHost.exe
Failed to access process -> OfficeClickToRun.exe
Failed to access process -> CnxDIAS.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> AcPrfMgrSvc.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> BtwRSupportService.exe
Failed to access process -> CamMute.exe
Failed to access process -> svchost.exe
Failed to access process -> vss-service-x64.exe
Failed to access process -> svchost.exe
Failed to access process -> TPKNRSVC.exe
Failed to access process -> sqlservr.exe
Failed to access process -> mqsvc.exe
Failed to access process -> sqlservr.exe
Failed to access process -> sqlservr.exe
Failed to access process -> mepService.exe
Failed to access process -> svchost.exe
Failed to access process -> SynTPEnhService.exe
Failed to access process -> svchost.exe
Failed to access process -> AcSvc.exe
Failed to access process -> sqlwriter.exe
Failed to access process -> sqlbrowser.exe
Failed to access process -> tphkload.exe
Failed to access process -> micmute.exe
Failed to access process -> TPHKSVC.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> SMSvcHost.exe
Failed to access process -> splwow64.exe
Failed to access process -> sqlservr.exe
Failed to access process -> svchost.exe
Failed to access process -> SMSvcHost.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> NisSrv.exe
Failed to access process -> LMS.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> UNS.exe
Failed to access process -> SvcGuiHlpr.exe
Failed to access process -> PresentationFontCache.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> dwm.exe
Failed to access process -> tpnumlk.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
Failed to access process -> shtctky.exe
Failed to access process -> tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Akamai Technologies, Inc.) C:\Users\Tomas User\AppData\Local\Akamai\netsession_win.exe
(Dropbox, Inc.) C:\Users\Tomas User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Tomas User\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Synology Inc.) C:\Users\Tomas User\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Synology Inc.) C:\Users\Tomas User\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc.) C:\Users\Tomas User\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
Failed to access process -> MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> svchost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [228744 2012-09-20] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-15] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [3091256 2011-12-26] (Lenovo Group Limited)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [MSCRM] => C:\Program Files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe [50904 2016-02-18] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\RunOnce: [Windows10UpgraderApp.exe] => C:\Windows10Upgrade\Windows10UpgraderApp.exe [1233608 2016-08-01] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [googletalk] => C:\Users\Tomas User\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Tomas User\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-08] (Google Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [Google Update] => C:\Users\Tomas User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [Dropbox Update] => C:\Users\Tomas User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [FlickrUploadr] => "C:\Users\Tomas User\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-06-26] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => No File
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => No File
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => No File
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => No File
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
Startup: C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tomas User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-08-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2016-08-22]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 78.156.32.2
Tcpip\..\Interfaces\{0247b66a-a2ec-4aa1-90bc-570b23ca6a13}: [DhcpNameServer] 192.168.1.1 78.156.32.2
Tcpip\..\Interfaces\{1b9e4fe3-5bd5-4753-8838-c8be4dde810c}: [DhcpNameServer] 192.168.10.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.cz/?gws_rd=ssl
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-3933921734-831850175-2178263004-1003 -> {DBD6B40A-DC7E-4DB4-81F7-A9D86E91921A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-08-01] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-01] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-08-01] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-01] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3933921734-831850175-2178263004-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Edge:
======
Edge Session Restore: HKU\S-1-5-21-3933921734-831850175-2178263004-1003 -> is enabled.
Edge Extension: OneNote Web Clipper -> EdgeExtension_MicrosoftOneNoteWebClipper_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OneNoteWebClipper_3.2.2.0_neutral__8wekyb3d8bbwe []
FireFox:
========
FF ProfilePath: C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-26] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-08-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tomas User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @talk.google.com/O1DPlugin -> C:\Users\Tomas User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas User\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas User\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Sage - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi [2015-08-19]
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-10-07] [not signed]
FF Extension: German Dictionary - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-01-27]
FF Extension: MEGA - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\firefox@mega.co.nz.xpi [2016-08-17]
FF Extension: iCloud Bookmarks - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\firefoxdav@icloud.com [2016-05-04]
FF Extension: Clip to OneNote (Legacy Edition) - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\jid0-e0l1gzjOmbUL1N6n3j8dBSBMcGE@jetpack.xpi [2016-04-29]
FF Extension: English (GB) Language Pack - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2016-08-15]
FF Extension: British English Dictionary (Marco Pinto) - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\marcoagpinto@mail.telepac.pt [2016-07-29]
FF Extension: RSS Ticker - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi [2016-04-29]
FF Extension: Facebook Messenger - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{249b4e45-4fb9-4f6b-9754-7c0c1e605d44}.xpi [2016-08-08]
FF Extension: Clip to OneNote - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{966762eb-7132-4081-ac70-20d20161ad96}.xpi [2016-04-29]
FF Extension: Adblock Plus - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF Extension: web_clipper - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-29]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2015-05-04] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_66c900e0bba748a48556d8bfbd461098_39_1007_20140409_DE_cr_sp_"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (W2MO: Logistics Design, Optimization, 3D) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\acbokjkdobbboamnnfehlboekicdhcog [2016-07-29]
CHR Extension: (Web invaders 0.5) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailkdhmigjiaaddokeppodhahdnjneic [2013-03-21]
CHR Extension: (Civimi) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjmedfffiokonklloiejjpdilkfoaoe [2015-01-23]
CHR Extension: (Angry Birds) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-01-23]
CHR Extension: (ProsperWorks CRM) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\albpjpoeipdaegjahdcjodcgfepninop [2016-07-29]
CHR Extension: (CacheList) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2013-10-06]
CHR Extension: (Google Docs) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-21]
CHR Extension: (iCloud) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Yendo Accounting & CRM) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgllmndceblpkjnakpnceoafddbechmp [2016-06-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (SecuStore) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpoecbmhpockipmgfmhmdjjfkloohapi [2015-01-23]
CHR Extension: (Timout - Time Management) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dekpabfaimofbinkbjlgdkkecodejmbf [2015-01-23]
CHR Extension: (Launchpad for icloud) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfngkocjobhcdlknaffekkiafkboehkn [2016-03-22]
CHR Extension: (Google+) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-01-06]
CHR Extension: (Dropbox for Gmail) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-09]
CHR Extension: (Gmail Offline) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-01-23]
CHR Extension: (Záložky na iCloudu) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-12-01]
CHR Extension: (Curriculum Vitae) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flioeldgpgjacmincblnnekbckefoimk [2015-01-23]
CHR Extension: (Sage One Payroll) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncbghpihhieeaaeghiponnmdihjjmeb [2015-01-23]
CHR Extension: (Facebook for Chrome) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-09-18]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-08]
CHR Extension: (Resume (CV) Maker) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpbnepipgmcpkdglgbcfmcecaoflaemc [2015-01-23]
CHR Extension: (Nimbus Notes) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\haafigbapbpbpnmgcknnmilaaaimggpk [2016-03-30]
CHR Extension: (Pomodoro Timer) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjlgjnpkpmnpojkkpfkogapiclopop [2016-03-22]
CHR Extension: (KanbanFlow) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhhlbmjihokflibmbfmldajolmkaemhi [2014-01-30]
CHR Extension: (FreshBooks) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbblejpnpdjplgcpfkaacnifipgejjm [2015-01-23]
CHR Extension: (CRM for Gmail) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpfmedbkgaakgagknibnonpkimkibkla [2016-07-29]
CHR Extension: (BookedIN - Appointment Booking and Scheduling) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iheobladblmphoggmehhahdfikpbilnj [2016-02-17]
CHR Extension: (Todo) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikahfffkoooklidnihpjognlfhhjcpop [2013-10-15]
CHR Extension: (HelloSign: Zjednodušuje podepisování online) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajjckmbclbffbpecfbiecehkfgopppd [2015-03-27]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2015-01-23]
CHR Extension: (Deutsch Übersetzung) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaknmijfndempchdcfgfamljimjkjm [2015-12-01]
CHR Extension: (Google Play) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-27]
CHR Extension: (KanbanTool) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcbdfgcnokicageijdibcbjfljhmgdbo [2013-10-16]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-07-29]
CHR Extension: (Currency Converter) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg [2015-03-27]
CHR Extension: (Mapy Google) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (HeapNote Student) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpkjlfphbilckljgefidcggjagliide [2014-01-30]
CHR Extension: (Kashoo Accounting Software) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\neiopiflolnemhanncaicdpgbehnihke [2015-01-23]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2015-01-23]
CHR Extension: (OneDrive) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-01-23]
CHR Extension: (Weather Forecasts) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\obffdagikgkkkdmldnoonpaebfnhegnd [2015-01-23]
CHR Extension: (SplashID Safe Password Manager) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijofkgpgcijmhodeaignecmpgginhbc [2013-10-16]
CHR Extension: (Readability) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2015-12-01]
CHR Extension: (Booking.com) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pficdecjkdlnacnnbkociacmdbpmhdoc [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2011-12-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-10-07] (Broadcom Corporation.)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [5225312 2014-11-20] (CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2950856 2016-07-25] (Microsoft Corporation)
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MSSQL$CRMPLUSSQL; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
R2 MSSQL$MAMUT; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S2 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [194240 2015-05-05] (Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703696 2016-08-08] (SEIKO EPSON CORPORATION)
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [242224 2016-07-23] (Microsoft Corporation) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
S4 SQLAgent$MAMUT; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-05-05] (Microsoft Corporation)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-09-29] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-04-21] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-10-07] (Broadcom Corporation.)
S3 blackberryncm; C:\Windows\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
R3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2015-12-22] (TPMX Electronics Ltd.)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-10-07] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 RimUsb; \SystemRoot\System32\Drivers\RimUsb_AMD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-22 09:34 - 2016-08-22 09:34 - 00039188 _____ C:\Users\Tomas User\Desktop\FRST.txt
2016-08-22 09:30 - 2016-08-22 09:33 - 00047495 _____ C:\Users\Tomas User\Downloads\Addition.txt
2016-08-22 09:30 - 2016-08-22 09:30 - 00029696 _____ C:\Users\Tomas User\AppData\Local\MSGBOX.EXE
2016-08-22 09:30 - 2016-08-22 09:30 - 00015327 _____ C:\Users\Tomas User\Desktop\LM.bat
2016-08-22 09:29 - 2016-08-22 09:30 - 00112640 _____ (forum.viry.cz) C:\Users\Tomas User\Desktop\FRSTLauncher.exe
2016-08-22 09:28 - 2016-08-22 09:33 - 00086235 _____ C:\Users\Tomas User\Downloads\FRST.txt
2016-08-22 09:27 - 2016-08-22 09:28 - 02396672 _____ (Farbar) C:\Users\Tomas User\Desktop\FRST64.exe
2016-08-22 09:06 - 2016-08-22 09:06 - 00000000 ___HD C:\OneDriveTemp
2016-08-19 14:03 - 2016-08-19 14:03 - 00095592 _____ C:\Users\Tomas User\Downloads\vykaz zisku a ztrat_31032012.pdf
2016-08-19 12:20 - 2016-08-19 12:20 - 00002399 _____ C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2016-08-19 12:20 - 2016-08-19 12:20 - 00002391 _____ C:\Users\Tomas User\Desktop\Vivaldi.lnk
2016-08-19 12:20 - 2016-08-19 12:20 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Chromium
2016-08-19 12:19 - 2016-08-19 12:20 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Vivaldi
2016-08-19 12:18 - 2016-08-19 12:19 - 38890616 _____ (Vivaldi Technologies AS) C:\Users\Tomas User\Downloads\Vivaldi.1.3.551.30.exe
2016-08-17 12:54 - 2016-08-17 12:54 - 00001475 _____ C:\Users\Tomas User\Desktop\Opera.lnk
2016-08-17 12:54 - 2016-08-17 12:54 - 00001475 _____ C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-17 09:17 - 2016-08-17 09:17 - 00442967 _____ C:\Users\Tomas User\Desktop\Ravago.pdf
2016-08-16 14:19 - 2016-08-16 14:19 - 00649202 _____ C:\Users\Tomas User\Desktop\Optimalizace nákladů na dopravní služby.pdf
2016-08-16 14:17 - 2016-08-16 14:17 - 00961667 _____ C:\Users\Tomas User\Desktop\Řešení pro optimalizaci logistiky.pdf
2016-08-16 11:55 - 2016-08-16 11:55 - 00001172 _____ C:\Users\Public\Desktop\FREE MSG File Viewer.lnk
2016-08-16 11:55 - 2016-08-16 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE MSG File Viewer
2016-08-16 11:55 - 2016-08-16 11:55 - 00000000 ____D C:\ProgramData\CDTPL
2016-08-16 11:55 - 2016-08-16 11:55 - 00000000 ____D C:\Program Files (x86)\FREE MSG File Viewer
2016-08-15 14:57 - 2016-08-15 15:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-15 12:27 - 2016-08-15 12:27 - 00000000 ____D C:\Users\Tomas User\Desktop\THOMAS
2016-08-12 09:56 - 2016-08-12 09:57 - 00000115 _____ C:\Users\Tomas User\Desktop\Synology_CLOUD.url
2016-08-11 16:32 - 2016-08-11 16:32 - 00040780 _____ C:\Users\Tomas User\Downloads\Vyuctovani_2016_05-0686678858.pdf
2016-08-11 11:59 - 2016-08-11 11:59 - 02315901 _____ C:\Users\Tomas User\Downloads\2014_prooffice_zpravaauditora_vz_komplet_scan.pdf
2016-08-11 11:26 - 2016-08-11 11:27 - 01052329 _____ C:\Users\Tomas User\Downloads\profol czech vyrocni zprava 2015 (1).pdf
2016-08-10 07:11 - 2016-08-10 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-08-10 07:11 - 2016-08-10 07:11 - 00000000 ____D C:\Program Files\VS Revo Group
2016-08-10 00:17 - 2016-08-10 00:17 - 00065305 _____ C:\Users\Tomas User\Desktop\schneeberger 11.10. 2016.pptx
2016-08-10 00:15 - 2016-08-10 00:18 - 00065287 _____ C:\Users\Tomas User\Desktop\jansen display 11.10. 2016.pptx
2016-08-09 23:30 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 23:30 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 23:30 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 23:30 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 23:30 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-09 23:30 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 23:30 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-09 23:30 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 23:30 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-09 23:30 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-09 23:30 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 23:30 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-09 23:30 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-09 23:30 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-09 23:30 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-09 23:30 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 23:30 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-09 23:30 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-09 23:30 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-09 23:30 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-09 23:30 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-09 23:30 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 23:30 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-09 23:30 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-09 23:30 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-09 23:30 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 23:30 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 23:30 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 23:30 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-09 23:30 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 23:30 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-09 23:30 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 23:30 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 23:30 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-09 23:30 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 23:30 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 23:30 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-09 23:30 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-09 23:30 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-09 23:30 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-09 23:30 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-09 23:30 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-09 23:30 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-09 23:30 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 23:30 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-09 23:30 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 23:30 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-09 23:30 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-09 23:30 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 23:30 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-09 23:30 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 23:30 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 23:30 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-09 23:30 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-09 23:30 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-09 15:29 - 2016-08-09 15:29 - 00000000 ____D C:\Users\Tomas User\Desktop\Acema
2016-08-09 15:27 - 2016-08-09 15:27 - 01351355 _____ C:\Users\Tomas User\Downloads\vyrocni zprava + audit + rozvaha a vysledovka 2014_2015.pdf
2016-08-08 08:01 - 2016-08-08 08:01 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-05 12:16 - 2016-08-05 12:16 - 00135168 _____ C:\Users\Tomas User\Desktop\Reference Zeppelin.pub
2016-08-05 11:18 - 2016-08-05 11:18 - 00000000 ____D C:\CLOUD_NAS
2016-08-05 11:16 - 2016-08-22 09:07 - 00000000 ___RD C:\Users\Tomas User\CloudStation
2016-08-05 11:13 - 2016-08-05 11:13 - 00000042 ____H C:\Users\Tomas User\.uuid
2016-08-05 11:12 - 2016-08-09 20:46 - 00000000 ____D C:\Users\Tomas User\AppData\Local\CloudStation
2016-08-05 11:12 - 2016-08-05 11:12 - 00001360 _____ C:\Users\Public\Desktop\Synology Cloud Station Drive.lnk
2016-08-05 11:12 - 2016-08-05 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2016-08-05 11:12 - 2016-08-05 11:12 - 00000000 ____D C:\Program Files (x86)\Synology
2016-08-04 14:56 - 2016-08-04 14:56 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-08-04 14:56 - 2016-08-04 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-08-04 14:54 - 2016-08-04 14:56 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-08-04 00:52 - 2016-08-04 00:53 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-08-03 22:09 - 2016-08-03 22:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-03 22:02 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Tomas User\AppData\Local\ConnectedDevicesPlatform
2016-08-03 22:02 - 2016-08-03 22:02 - 00000644 __RSH C:\Users\Tomas User\ntuser.pol
2016-08-03 22:02 - 2016-08-03 22:02 - 00000020 ___SH C:\Users\Tomas User\ntuser.ini
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 ____D C:\ProgramData\USOShared
2016-08-03 21:32 - 2016-08-08 21:29 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-08-03 21:32 - 2016-08-08 21:29 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-08-03 21:25 - 2016-08-19 09:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-03 21:20 - 2016-08-10 22:53 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-03 21:14 - 2016-08-03 21:14 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 00000000 ____D C:\Program Files\CMAK
2016-08-03 21:14 - 2016-08-03 21:14 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-03 21:13 - 2016-07-15 20:29 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2016-08-03 21:13 - 2016-07-15 20:29 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2016-08-03 21:13 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-08-03 21:13 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-03 21:13 - 2016-07-15 20:17 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2016-08-03 21:13 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-03 21:13 - 2016-07-15 19:45 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2016-08-03 21:13 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-08-03 21:13 - 2016-07-15 19:31 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2016-08-03 21:13 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-08-03 21:09 - 2016-08-03 21:09 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\ProductData
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\LocalLow\Sun
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Trusteer
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Lenovo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Downloaded Installations
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\ashampoo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ProductData
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\LocalLow\Sun
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Trusteer
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Lenovo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Downloaded Installations
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\ashampoo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files\MSBuild
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\inetpub
2016-08-03 21:08 - 2016-08-03 21:13 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-03 21:08 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-03 21:08 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-03 20:58 - 2016-08-03 20:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-03 20:48 - 2016-08-22 09:06 - 00000000 ____D C:\Users\Tomas User
2016-08-03 20:48 - 2016-08-17 11:37 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2016-08-03 20:48 - 2016-08-16 16:16 - 00000000 ____D C:\Users\IBM
2016-08-03 20:48 - 2016-08-13 13:47 - 00000000 ____D C:\Users\Děti
2016-08-03 20:48 - 2016-08-10 21:57 - 00000000 ____D C:\Users\Eva
2016-08-03 20:48 - 2016-08-03 21:24 - 00000000 ____D C:\Users\Guest
2016-08-03 20:48 - 2016-08-03 21:23 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Šablony
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Soubory cookie
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Poslední
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Okolní tiskárny
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Okolní síť
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Nabídka Start
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Dokumenty
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Documents\Obrázky
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Documents\Hudba
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Documents\Filmy
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Data aplikací
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\AppData\Local\Data aplikací
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\IBM\Documents\Obrázky
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\IBM\Documents\Hudba
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\IBM\Documents\Filmy
2016-08-03 20:47 - 2016-08-11 16:14 - 02651038 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-03 20:47 - 2016-08-03 20:47 - 01451720 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-08-03 20:43 - 2016-08-03 20:58 - 00000000 ____D C:\Program Files\CONEXANT
2016-08-03 20:43 - 2016-08-03 20:58 - 00000000 ____D C:\Program Files\Canon
2016-08-03 20:43 - 2016-08-03 20:43 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-03 20:43 - 2016-08-03 20:43 - 00000000 ____D C:\Program Files\Synaptics
2016-08-03 20:42 - 2016-08-03 22:01 - 00000000 ___HD C:\$GetCurrent
2016-08-03 20:42 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-03 20:41 - 2016-08-22 09:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-03 20:41 - 2016-08-16 11:55 - 00000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-08-03 20:41 - 2016-08-16 11:55 - 00000000 ____D C:\Windows10Upgrade
2016-08-03 20:41 - 2016-08-10 00:48 - 00457136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-03 20:41 - 2016-08-03 20:41 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-02 18:17 - 2016-08-02 18:17 - 00542537 _____ C:\Users\Tomas User\Downloads\renolit_vyrocni_zprava_2015_200.pdf
2016-08-02 17:55 - 2016-08-02 17:55 - 01052329 _____ C:\Users\Tomas User\Downloads\profol czech vyrocni zprava 2015.pdf
2016-08-02 17:53 - 2016-08-02 17:53 - 00146713 _____ C:\Users\Tomas User\Downloads\beschluss hv profol czech.pdf
2016-08-02 12:18 - 2016-08-02 12:18 - 08271681 ____T C:\Users\Tomas User\Desktop\VOP.pdf
2016-08-01 13:59 - 2016-08-04 14:48 - 00014094 _____ C:\Users\Tomas User\Desktop\Kopie - Kontaktni_informace_vyber.xlsx
2016-08-01 13:58 - 2016-08-08 17:19 - 00122292 _____ C:\Users\Tomas User\Desktop\Kopie - Leady_vyber.xlsx
2016-08-01 12:17 - 2016-08-01 12:17 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-07-31 11:36 - 2016-07-31 11:37 - 00164968 _____ C:\Users\Tomas User\Downloads\7275443.pdf
2016-07-29 17:00 - 2016-07-29 17:00 - 02111518 _____ C:\Users\Tomas User\Downloads\zaverecna_prace (1).pdf
2016-07-26 14:24 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-26 14:23 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-26 13:55 - 2016-07-26 13:56 - 20466368 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-22 09:34 - 2016-02-16 19:22 - 00000000 ____D C:\FRST
2016-08-22 09:24 - 2013-03-21 09:05 - 00000000 ____D C:\Users\Tomas User\Documents\Soubory aplikace Outlook
2016-08-22 09:06 - 2015-10-07 14:34 - 00000000 ___RD C:\Users\Tomas User\OneDrive
2016-08-22 09:06 - 2015-02-23 12:49 - 00000000 ___RD C:\Users\Tomas User\Dropbox
2016-08-22 09:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 14:32 - 2014-10-25 22:25 - 00000000 ____D C:\Users\Tomas User\Desktop\Data Traveller 25.10.2014
2016-08-19 13:52 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 13:52 - 2015-10-07 14:16 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Packages
2016-08-19 13:44 - 2015-02-13 12:25 - 00000000 ____D C:\Users\Tomas User\AppData\Local\9D4400D6-2BCF-46CE-8EAB-B1FCC88A1592.aplzod
2016-08-19 13:35 - 2015-02-13 12:25 - 00000000 ___RD C:\Users\Tomas User\iCloudDrive
2016-08-19 12:20 - 2015-07-20 23:08 - 00000000 ____D C:\Users\Tomas User\Documents\Enpass
2016-08-15 15:44 - 2013-03-20 13:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-14 16:20 - 2014-05-23 19:56 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\vlc
2016-08-13 11:30 - 2016-04-20 15:23 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\TeamViewer
2016-08-11 16:14 - 2016-07-17 00:25 - 00870334 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-11 16:14 - 2016-07-17 00:25 - 00252692 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-10 23:25 - 2015-09-01 22:57 - 00000000 ____D C:\AdwCleaner
2016-08-10 22:59 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 22:52 - 2016-06-02 15:07 - 00000000 ____D C:\Users\Tomas User\AppData\Local\CrashDumps
2016-08-10 22:00 - 2016-04-15 09:37 - 00000000 ____D C:\Users\Tomas User\Desktop\4PL Lean Logistics
2016-08-10 21:55 - 2015-07-09 13:24 - 00000000 ____D C:\Users\Tomas User\Desktop\CMSS
2016-08-10 10:01 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-10 08:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-10 07:20 - 2015-06-22 23:21 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-10 00:20 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-09 23:47 - 2013-07-19 09:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 23:31 - 2013-03-20 17:24 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 22:23 - 2014-12-07 18:40 - 00000000 ____D C:\Users\Tomas User\Downloads\20090819 - moi
2016-08-08 21:31 - 2014-10-07 13:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-08 15:33 - 2014-10-07 13:27 - 00000000 ____D C:\Users\Tomas User\AppData\Local\BlackBerry
2016-08-08 08:01 - 2015-02-23 12:36 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Dropbox
2016-08-05 10:53 - 2015-09-23 13:51 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-04 04:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-04 00:54 - 2016-04-26 14:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-03 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-03 22:12 - 2015-10-07 14:34 - 00002446 _____ C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-03 21:39 - 2016-04-21 16:04 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-03 21:39 - 2013-03-20 13:12 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-03 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-03 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-03 21:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-03 21:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-03 21:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-03 21:26 - 2015-10-07 14:12 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-03 21:25 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-03 21:24 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-03 21:20 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-03 21:13 - 2016-07-17 00:26 - 00000000 ____D C:\WINDOWS\OCR
2016-08-03 21:12 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-03 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-03 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-03 21:12 - 2016-01-06 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
2016-08-03 21:12 - 2015-12-12 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-03 21:12 - 2015-12-12 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-03 21:12 - 2015-12-09 11:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-08-03 21:12 - 2015-10-12 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-08-03 21:12 - 2015-09-01 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-03 21:12 - 2015-08-28 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-03 21:12 - 2015-08-18 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-08-03 21:12 - 2015-02-06 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\map&guide professional 2010
2016-08-03 21:12 - 2015-02-04 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2016-08-03 21:12 - 2015-02-04 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-08-03 21:12 - 2014-07-30 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-03 21:12 - 2014-05-23 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-03 21:12 - 2014-04-19 00:58 - 00000000 ____D C:\WINDOWS\cs
2016-08-03 21:12 - 2014-04-16 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enpass
2016-08-03 21:12 - 2013-07-12 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-03 21:12 - 2013-06-17 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration
2016-08-03 21:12 - 2013-06-03 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
2016-08-03 21:12 - 2013-05-07 14:34 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2016-08-03 21:12 - 2013-05-07 14:34 - 00000000 ____D C:\WINDOWS\system32\1033
2016-08-03 21:12 - 2013-05-06 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2016-08-03 21:12 - 2013-04-10 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2016-08-03 21:12 - 2013-03-31 16:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-08-03 21:12 - 2013-03-20 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-03 21:12 - 2013-03-20 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-03 21:12 - 2013-02-20 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWaiting
2016-08-03 21:12 - 2013-02-20 11:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-08-03 21:12 - 2013-02-20 10:46 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-08-03 21:11 - 2015-12-01 17:44 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-08-03 21:11 - 2015-08-16 20:05 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flickr
2016-08-03 21:11 - 2013-03-21 15:09 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-03 21:09 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-08-03 21:09 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-08-03 21:09 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-03 21:09 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-03 21:09 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-03 21:09 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-03 21:09 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-03 21:09 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-03 21:08 - 2014-07-08 14:22 - 00000996 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003UA.job
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Web
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-03 21:01 - 2013-02-20 12:08 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Resources
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-03 20:59 - 2015-10-16 12:50 - 00000000 ___HD C:\WINDOWS\system32\CanonMF Uninstaller Information
2016-08-03 20:59 - 2013-04-09 20:50 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-03 20:58 - 2016-04-19 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
2016-08-03 20:58 - 2015-07-30 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMSS
2016-08-03 20:58 - 2015-06-22 22:46 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003UA.job
2016-08-03 20:58 - 2015-04-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-03 20:58 - 2015-02-04 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet
2016-08-03 20:58 - 2013-05-28 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2016-08-03 20:58 - 2013-05-07 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2016-08-03 20:58 - 2012-05-25 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-03 20:55 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-08-03 20:55 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-08-03 20:53 - 2013-04-09 14:22 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-03 20:51 - 2016-04-05 12:04 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
2016-08-03 20:51 - 2013-08-17 00:05 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DDPB
2016-08-03 20:47 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-03 20:44 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-03 20:44 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-03 19:32 - 2013-03-20 13:12 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-03 10:58 - 2015-06-22 22:46 - 00000886 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003Core.job
2016-08-01 15:45 - 2015-07-30 10:50 - 00039822 _____ C:\Users\Tomas User\Documents\ASped50.wlog
2016-08-01 14:59 - 2015-08-18 11:04 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\EurekaLog
2016-08-01 14:07 - 2014-07-08 14:22 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003Core.job
2016-08-01 12:13 - 2013-03-20 18:52 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-01 10:50 - 2013-07-12 00:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-01 10:50 - 2013-07-12 00:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-29 16:58 - 2014-11-27 14:43 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Apple
2016-07-29 13:06 - 2015-09-01 23:26 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-29 13:03 - 2015-09-01 23:26 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-29 13:03 - 2015-09-01 23:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-29 12:54 - 2016-04-08 16:53 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-27 21:25 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2013-03-25 16:45 - 2013-03-25 17:24 - 0037725 _____ () C:\Users\Tomas User\AppData\Roaming\Hodnoty oddělené čárkami (DOS).ADR
2013-04-22 14:49 - 2014-10-07 13:09 - 0006723 _____ () C:\Users\Tomas User\AppData\Roaming\Rim.Desktop.Exception.log
2013-04-22 14:50 - 2014-10-07 13:09 - 0003311 _____ () C:\Users\Tomas User\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-11 17:42 - 2014-10-07 13:09 - 0002387 _____ () C:\Users\Tomas User\AppData\Roaming\Rim.Transcoder.Exception.log
2013-10-11 17:42 - 2014-11-25 04:16 - 0046592 _____ () C:\Users\Tomas User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-22 09:30 - 2016-08-22 09:30 - 0029696 _____ () C:\Users\Tomas User\AppData\Local\MSGBOX.EXE
2015-11-06 12:06 - 2015-11-06 12:06 - 0000000 _____ () C:\Users\Tomas User\AppData\Local\{34ECD167-DB3D-48B5-8F8D-C32ECBFC2505}
2015-10-14 17:58 - 2015-10-14 17:58 - 0000000 _____ () C:\Users\Tomas User\AppData\Local\{61A2927E-85DE-4519-889E-991E15FB7AE1}
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD. The user is not administrator
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by Tomas User (ATTENTION: The user is not administrator) on IBM-PC (22-08-2016 09:34:11)
Running from C:\Users\Tomas User\Desktop
Loaded Profiles: Tomas User & MSSQL$SQLEXPRESS (Available Profiles: IBM & Tomas User & Děti & Eva & Guest & MSSQL$SQLEXPRESS & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> ibmpmsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> dasHost.exe
Failed to access process -> OfficeClickToRun.exe
Failed to access process -> CnxDIAS.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> AcPrfMgrSvc.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> BtwRSupportService.exe
Failed to access process -> CamMute.exe
Failed to access process -> svchost.exe
Failed to access process -> vss-service-x64.exe
Failed to access process -> svchost.exe
Failed to access process -> TPKNRSVC.exe
Failed to access process -> sqlservr.exe
Failed to access process -> mqsvc.exe
Failed to access process -> sqlservr.exe
Failed to access process -> sqlservr.exe
Failed to access process -> mepService.exe
Failed to access process -> svchost.exe
Failed to access process -> SynTPEnhService.exe
Failed to access process -> svchost.exe
Failed to access process -> AcSvc.exe
Failed to access process -> sqlwriter.exe
Failed to access process -> sqlbrowser.exe
Failed to access process -> tphkload.exe
Failed to access process -> micmute.exe
Failed to access process -> TPHKSVC.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> SMSvcHost.exe
Failed to access process -> splwow64.exe
Failed to access process -> sqlservr.exe
Failed to access process -> svchost.exe
Failed to access process -> SMSvcHost.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> NisSrv.exe
Failed to access process -> LMS.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> UNS.exe
Failed to access process -> SvcGuiHlpr.exe
Failed to access process -> PresentationFontCache.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> dwm.exe
Failed to access process -> tpnumlk.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
Failed to access process -> shtctky.exe
Failed to access process -> tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Akamai Technologies, Inc.) C:\Users\Tomas User\AppData\Local\Akamai\netsession_win.exe
(Dropbox, Inc.) C:\Users\Tomas User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Tomas User\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Synology Inc.) C:\Users\Tomas User\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Synology Inc.) C:\Users\Tomas User\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc.) C:\Users\Tomas User\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
Failed to access process -> MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> svchost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [228744 2012-09-20] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-15] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [3091256 2011-12-26] (Lenovo Group Limited)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [MSCRM] => C:\Program Files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe [50904 2016-02-18] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\RunOnce: [Windows10UpgraderApp.exe] => C:\Windows10Upgrade\Windows10UpgraderApp.exe [1233608 2016-08-01] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [googletalk] => C:\Users\Tomas User\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Tomas User\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-08] (Google Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [Google Update] => C:\Users\Tomas User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [Dropbox Update] => C:\Users\Tomas User\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [FlickrUploadr] => "C:\Users\Tomas User\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1079592 2015-06-26] (Apple Inc.)
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => No File
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => No File
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => No File
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => No File
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
Startup: C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-08]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tomas User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-08-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2016-08-22]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 78.156.32.2
Tcpip\..\Interfaces\{0247b66a-a2ec-4aa1-90bc-570b23ca6a13}: [DhcpNameServer] 192.168.1.1 78.156.32.2
Tcpip\..\Interfaces\{1b9e4fe3-5bd5-4753-8838-c8be4dde810c}: [DhcpNameServer] 192.168.10.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3933921734-831850175-2178263004-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.cz/?gws_rd=ssl
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-3933921734-831850175-2178263004-1003 -> {DBD6B40A-DC7E-4DB4-81F7-A9D86E91921A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-08-01] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-01] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-08-01] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-01] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3933921734-831850175-2178263004-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-08-01] (Microsoft Corporation)
Edge:
======
Edge Session Restore: HKU\S-1-5-21-3933921734-831850175-2178263004-1003 -> is enabled.
Edge Extension: OneNote Web Clipper -> EdgeExtension_MicrosoftOneNoteWebClipper_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OneNoteWebClipper_3.2.2.0_neutral__8wekyb3d8bbwe []
FireFox:
========
FF ProfilePath: C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-26] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-08-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tomas User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @talk.google.com/O1DPlugin -> C:\Users\Tomas User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas User\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3933921734-831850175-2178263004-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas User\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tomas User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Sage - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi [2015-08-19]
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-10-07] [not signed]
FF Extension: German Dictionary - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-01-27]
FF Extension: MEGA - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\firefox@mega.co.nz.xpi [2016-08-17]
FF Extension: iCloud Bookmarks - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\firefoxdav@icloud.com [2016-05-04]
FF Extension: Clip to OneNote (Legacy Edition) - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\jid0-e0l1gzjOmbUL1N6n3j8dBSBMcGE@jetpack.xpi [2016-04-29]
FF Extension: English (GB) Language Pack - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2016-08-15]
FF Extension: British English Dictionary (Marco Pinto) - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\marcoagpinto@mail.telepac.pt [2016-07-29]
FF Extension: RSS Ticker - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi [2016-04-29]
FF Extension: Facebook Messenger - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{249b4e45-4fb9-4f6b-9754-7c0c1e605d44}.xpi [2016-08-08]
FF Extension: Clip to OneNote - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{966762eb-7132-4081-ac70-20d20161ad96}.xpi [2016-04-29]
FF Extension: Adblock Plus - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF Extension: web_clipper - C:\Users\Tomas User\AppData\Roaming\Mozilla\Firefox\Profiles\altp7wvl.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-29]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF HKU\S-1-5-21-3933921734-831850175-2178263004-1003\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2015-05-04] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_66c900e0bba748a48556d8bfbd461098_39_1007_20140409_DE_cr_sp_"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (W2MO: Logistics Design, Optimization, 3D) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\acbokjkdobbboamnnfehlboekicdhcog [2016-07-29]
CHR Extension: (Web invaders 0.5) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ailkdhmigjiaaddokeppodhahdnjneic [2013-03-21]
CHR Extension: (Civimi) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjmedfffiokonklloiejjpdilkfoaoe [2015-01-23]
CHR Extension: (Angry Birds) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-01-23]
CHR Extension: (ProsperWorks CRM) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\albpjpoeipdaegjahdcjodcgfepninop [2016-07-29]
CHR Extension: (CacheList) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2013-10-06]
CHR Extension: (Google Docs) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-21]
CHR Extension: (iCloud) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-06]
CHR Extension: (Yendo Accounting & CRM) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgllmndceblpkjnakpnceoafddbechmp [2016-06-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (SecuStore) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpoecbmhpockipmgfmhmdjjfkloohapi [2015-01-23]
CHR Extension: (Timout - Time Management) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dekpabfaimofbinkbjlgdkkecodejmbf [2015-01-23]
CHR Extension: (Launchpad for icloud) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfngkocjobhcdlknaffekkiafkboehkn [2016-03-22]
CHR Extension: (Google+) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-01-06]
CHR Extension: (Dropbox for Gmail) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-09]
CHR Extension: (Gmail Offline) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-01-23]
CHR Extension: (Záložky na iCloudu) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-12-01]
CHR Extension: (Curriculum Vitae) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flioeldgpgjacmincblnnekbckefoimk [2015-01-23]
CHR Extension: (Sage One Payroll) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncbghpihhieeaaeghiponnmdihjjmeb [2015-01-23]
CHR Extension: (Facebook for Chrome) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-09-18]
CHR Extension: (Google Kalendář (od Google)) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-08]
CHR Extension: (Resume (CV) Maker) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpbnepipgmcpkdglgbcfmcecaoflaemc [2015-01-23]
CHR Extension: (Nimbus Notes) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\haafigbapbpbpnmgcknnmilaaaimggpk [2016-03-30]
CHR Extension: (Pomodoro Timer) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjlgjnpkpmnpojkkpfkogapiclopop [2016-03-22]
CHR Extension: (KanbanFlow) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhhlbmjihokflibmbfmldajolmkaemhi [2014-01-30]
CHR Extension: (FreshBooks) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbblejpnpdjplgcpfkaacnifipgejjm [2015-01-23]
CHR Extension: (CRM for Gmail) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpfmedbkgaakgagknibnonpkimkibkla [2016-07-29]
CHR Extension: (BookedIN - Appointment Booking and Scheduling) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\iheobladblmphoggmehhahdfikpbilnj [2016-02-17]
CHR Extension: (Todo) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikahfffkoooklidnihpjognlfhhjcpop [2013-10-15]
CHR Extension: (HelloSign: Zjednodušuje podepisování online) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajjckmbclbffbpecfbiecehkfgopppd [2015-03-27]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2015-01-23]
CHR Extension: (Deutsch Übersetzung) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaknmijfndempchdcfgfamljimjkjm [2015-12-01]
CHR Extension: (Google Play) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-27]
CHR Extension: (KanbanTool) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcbdfgcnokicageijdibcbjfljhmgdbo [2013-10-16]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-07-29]
CHR Extension: (Currency Converter) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg [2015-03-27]
CHR Extension: (Mapy Google) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (HeapNote Student) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpkjlfphbilckljgefidcggjagliide [2014-01-30]
CHR Extension: (Kashoo Accounting Software) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\neiopiflolnemhanncaicdpgbehnihke [2015-01-23]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2015-01-23]
CHR Extension: (OneDrive) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2015-01-23]
CHR Extension: (Weather Forecasts) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\obffdagikgkkkdmldnoonpaebfnhegnd [2015-01-23]
CHR Extension: (SplashID Safe Password Manager) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijofkgpgcijmhodeaignecmpgginhbc [2013-10-16]
CHR Extension: (Readability) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2015-12-01]
CHR Extension: (Booking.com) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pficdecjkdlnacnnbkociacmdbpmhdoc [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2011-12-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-10-07] (Broadcom Corporation.)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [5225312 2014-11-20] (CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2950856 2016-07-25] (Microsoft Corporation)
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MSSQL$CRMPLUSSQL; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
R2 MSSQL$MAMUT; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S2 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712 2008-11-24] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [194240 2015-05-05] (Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703696 2016-08-08] (SEIKO EPSON CORPORATION)
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [242224 2016-07-23] (Microsoft Corporation) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation)
S4 SQLAgent$MAMUT; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-05-05] (Microsoft Corporation)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-09-29] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-04-21] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-10-07] (Broadcom Corporation.)
S3 blackberryncm; C:\Windows\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
R3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2015-12-22] (TPMX Electronics Ltd.)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-10-07] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 RimUsb; \SystemRoot\System32\Drivers\RimUsb_AMD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-22 09:34 - 2016-08-22 09:34 - 00039188 _____ C:\Users\Tomas User\Desktop\FRST.txt
2016-08-22 09:30 - 2016-08-22 09:33 - 00047495 _____ C:\Users\Tomas User\Downloads\Addition.txt
2016-08-22 09:30 - 2016-08-22 09:30 - 00029696 _____ C:\Users\Tomas User\AppData\Local\MSGBOX.EXE
2016-08-22 09:30 - 2016-08-22 09:30 - 00015327 _____ C:\Users\Tomas User\Desktop\LM.bat
2016-08-22 09:29 - 2016-08-22 09:30 - 00112640 _____ (forum.viry.cz) C:\Users\Tomas User\Desktop\FRSTLauncher.exe
2016-08-22 09:28 - 2016-08-22 09:33 - 00086235 _____ C:\Users\Tomas User\Downloads\FRST.txt
2016-08-22 09:27 - 2016-08-22 09:28 - 02396672 _____ (Farbar) C:\Users\Tomas User\Desktop\FRST64.exe
2016-08-22 09:06 - 2016-08-22 09:06 - 00000000 ___HD C:\OneDriveTemp
2016-08-19 14:03 - 2016-08-19 14:03 - 00095592 _____ C:\Users\Tomas User\Downloads\vykaz zisku a ztrat_31032012.pdf
2016-08-19 12:20 - 2016-08-19 12:20 - 00002399 _____ C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2016-08-19 12:20 - 2016-08-19 12:20 - 00002391 _____ C:\Users\Tomas User\Desktop\Vivaldi.lnk
2016-08-19 12:20 - 2016-08-19 12:20 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Chromium
2016-08-19 12:19 - 2016-08-19 12:20 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Vivaldi
2016-08-19 12:18 - 2016-08-19 12:19 - 38890616 _____ (Vivaldi Technologies AS) C:\Users\Tomas User\Downloads\Vivaldi.1.3.551.30.exe
2016-08-17 12:54 - 2016-08-17 12:54 - 00001475 _____ C:\Users\Tomas User\Desktop\Opera.lnk
2016-08-17 12:54 - 2016-08-17 12:54 - 00001475 _____ C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-17 09:17 - 2016-08-17 09:17 - 00442967 _____ C:\Users\Tomas User\Desktop\Ravago.pdf
2016-08-16 14:19 - 2016-08-16 14:19 - 00649202 _____ C:\Users\Tomas User\Desktop\Optimalizace nákladů na dopravní služby.pdf
2016-08-16 14:17 - 2016-08-16 14:17 - 00961667 _____ C:\Users\Tomas User\Desktop\Řešení pro optimalizaci logistiky.pdf
2016-08-16 11:55 - 2016-08-16 11:55 - 00001172 _____ C:\Users\Public\Desktop\FREE MSG File Viewer.lnk
2016-08-16 11:55 - 2016-08-16 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE MSG File Viewer
2016-08-16 11:55 - 2016-08-16 11:55 - 00000000 ____D C:\ProgramData\CDTPL
2016-08-16 11:55 - 2016-08-16 11:55 - 00000000 ____D C:\Program Files (x86)\FREE MSG File Viewer
2016-08-15 14:57 - 2016-08-15 15:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-15 12:27 - 2016-08-15 12:27 - 00000000 ____D C:\Users\Tomas User\Desktop\THOMAS
2016-08-12 09:56 - 2016-08-12 09:57 - 00000115 _____ C:\Users\Tomas User\Desktop\Synology_CLOUD.url
2016-08-11 16:32 - 2016-08-11 16:32 - 00040780 _____ C:\Users\Tomas User\Downloads\Vyuctovani_2016_05-0686678858.pdf
2016-08-11 11:59 - 2016-08-11 11:59 - 02315901 _____ C:\Users\Tomas User\Downloads\2014_prooffice_zpravaauditora_vz_komplet_scan.pdf
2016-08-11 11:26 - 2016-08-11 11:27 - 01052329 _____ C:\Users\Tomas User\Downloads\profol czech vyrocni zprava 2015 (1).pdf
2016-08-10 07:11 - 2016-08-10 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-08-10 07:11 - 2016-08-10 07:11 - 00000000 ____D C:\Program Files\VS Revo Group
2016-08-10 00:17 - 2016-08-10 00:17 - 00065305 _____ C:\Users\Tomas User\Desktop\schneeberger 11.10. 2016.pptx
2016-08-10 00:15 - 2016-08-10 00:18 - 00065287 _____ C:\Users\Tomas User\Desktop\jansen display 11.10. 2016.pptx
2016-08-09 23:30 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 23:30 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 23:30 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 23:30 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 23:30 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-09 23:30 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 23:30 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-09 23:30 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 23:30 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-09 23:30 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-09 23:30 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 23:30 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-09 23:30 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-09 23:30 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-09 23:30 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-09 23:30 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 23:30 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-09 23:30 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-09 23:30 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-09 23:30 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-09 23:30 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-09 23:30 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 23:30 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-09 23:30 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-09 23:30 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-09 23:30 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 23:30 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 23:30 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 23:30 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-09 23:30 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 23:30 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-09 23:30 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 23:30 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 23:30 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-09 23:30 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 23:30 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 23:30 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-09 23:30 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-09 23:30 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-09 23:30 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-09 23:30 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-09 23:30 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-09 23:30 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-09 23:30 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 23:30 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-09 23:30 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 23:30 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-09 23:30 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-09 23:30 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 23:30 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-09 23:30 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 23:30 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 23:30 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-09 23:30 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-09 23:30 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-09 15:29 - 2016-08-09 15:29 - 00000000 ____D C:\Users\Tomas User\Desktop\Acema
2016-08-09 15:27 - 2016-08-09 15:27 - 01351355 _____ C:\Users\Tomas User\Downloads\vyrocni zprava + audit + rozvaha a vysledovka 2014_2015.pdf
2016-08-08 08:01 - 2016-08-08 08:01 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-05 12:16 - 2016-08-05 12:16 - 00135168 _____ C:\Users\Tomas User\Desktop\Reference Zeppelin.pub
2016-08-05 11:18 - 2016-08-05 11:18 - 00000000 ____D C:\CLOUD_NAS
2016-08-05 11:16 - 2016-08-22 09:07 - 00000000 ___RD C:\Users\Tomas User\CloudStation
2016-08-05 11:13 - 2016-08-05 11:13 - 00000042 ____H C:\Users\Tomas User\.uuid
2016-08-05 11:12 - 2016-08-09 20:46 - 00000000 ____D C:\Users\Tomas User\AppData\Local\CloudStation
2016-08-05 11:12 - 2016-08-05 11:12 - 00001360 _____ C:\Users\Public\Desktop\Synology Cloud Station Drive.lnk
2016-08-05 11:12 - 2016-08-05 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2016-08-05 11:12 - 2016-08-05 11:12 - 00000000 ____D C:\Program Files (x86)\Synology
2016-08-04 14:56 - 2016-08-04 14:56 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.1.lnk
2016-08-04 14:56 - 2016-08-04 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-08-04 14:54 - 2016-08-04 14:56 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-08-04 00:52 - 2016-08-04 00:53 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-08-03 22:09 - 2016-08-03 22:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-03 22:02 - 2016-08-03 22:36 - 00000000 ____D C:\Users\Tomas User\AppData\Local\ConnectedDevicesPlatform
2016-08-03 22:02 - 2016-08-03 22:02 - 00000644 __RSH C:\Users\Tomas User\ntuser.pol
2016-08-03 22:02 - 2016-08-03 22:02 - 00000020 ___SH C:\Users\Tomas User\ntuser.ini
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-03 21:37 - 2016-08-03 21:37 - 00000000 ____D C:\ProgramData\USOShared
2016-08-03 21:32 - 2016-08-08 21:29 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-08-03 21:32 - 2016-08-08 21:29 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-08-03 21:25 - 2016-08-19 09:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-03 21:20 - 2016-08-10 22:53 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-03 21:14 - 2016-08-03 21:14 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-03 21:14 - 2016-08-03 21:14 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-03 21:14 - 2016-08-03 21:14 - 00000000 ____D C:\Program Files\CMAK
2016-08-03 21:14 - 2016-08-03 21:14 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-08-03 21:13 - 2016-07-15 20:29 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2016-08-03 21:13 - 2016-07-15 20:29 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2016-08-03 21:13 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-08-03 21:13 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-03 21:13 - 2016-07-15 20:17 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2016-08-03 21:13 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-08-03 21:13 - 2016-07-15 19:45 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2016-08-03 21:13 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-08-03 21:13 - 2016-07-15 19:31 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2016-08-03 21:13 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-08-03 21:09 - 2016-08-03 21:09 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\ProductData
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\LocalLow\Sun
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Tvsukernel
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Trusteer
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Lenovo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\Downloaded Installations
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default\AppData\Local\ashampoo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ProductData
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\LocalLow\Sun
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Tvsukernel
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Trusteer
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Lenovo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\Downloaded Installations
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Users\Default User\AppData\Local\ashampoo
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files\MSBuild
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-03 21:09 - 2016-08-03 21:09 - 00000000 ____D C:\inetpub
2016-08-03 21:08 - 2016-08-03 21:13 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-03 21:08 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-03 21:08 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 21:08 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-03 20:58 - 2016-08-03 20:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-03 20:48 - 2016-08-22 09:06 - 00000000 ____D C:\Users\Tomas User
2016-08-03 20:48 - 2016-08-17 11:37 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2016-08-03 20:48 - 2016-08-16 16:16 - 00000000 ____D C:\Users\IBM
2016-08-03 20:48 - 2016-08-13 13:47 - 00000000 ____D C:\Users\Děti
2016-08-03 20:48 - 2016-08-10 21:57 - 00000000 ____D C:\Users\Eva
2016-08-03 20:48 - 2016-08-03 21:24 - 00000000 ____D C:\Users\Guest
2016-08-03 20:48 - 2016-08-03 21:23 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Šablony
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Soubory cookie
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Poslední
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Okolní tiskárny
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Okolní síť
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Nabídka Start
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Dokumenty
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Documents\Obrázky
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Documents\Hudba
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Documents\Filmy
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\Data aplikací
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\Tomas User\AppData\Local\Data aplikací
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\IBM\Documents\Obrázky
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\IBM\Documents\Hudba
2016-08-03 20:48 - 2016-08-03 20:48 - 00000000 _SHDL C:\Users\IBM\Documents\Filmy
2016-08-03 20:47 - 2016-08-11 16:14 - 02651038 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-03 20:47 - 2016-08-03 20:47 - 01451720 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-08-03 20:43 - 2016-08-03 20:58 - 00000000 ____D C:\Program Files\CONEXANT
2016-08-03 20:43 - 2016-08-03 20:58 - 00000000 ____D C:\Program Files\Canon
2016-08-03 20:43 - 2016-08-03 20:43 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-03 20:43 - 2016-08-03 20:43 - 00000000 ____D C:\Program Files\Synaptics
2016-08-03 20:42 - 2016-08-03 22:01 - 00000000 ___HD C:\$GetCurrent
2016-08-03 20:42 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-03 20:41 - 2016-08-22 09:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-03 20:41 - 2016-08-16 11:55 - 00000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-08-03 20:41 - 2016-08-16 11:55 - 00000000 ____D C:\Windows10Upgrade
2016-08-03 20:41 - 2016-08-10 00:48 - 00457136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-03 20:41 - 2016-08-03 20:41 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-02 18:17 - 2016-08-02 18:17 - 00542537 _____ C:\Users\Tomas User\Downloads\renolit_vyrocni_zprava_2015_200.pdf
2016-08-02 17:55 - 2016-08-02 17:55 - 01052329 _____ C:\Users\Tomas User\Downloads\profol czech vyrocni zprava 2015.pdf
2016-08-02 17:53 - 2016-08-02 17:53 - 00146713 _____ C:\Users\Tomas User\Downloads\beschluss hv profol czech.pdf
2016-08-02 12:18 - 2016-08-02 12:18 - 08271681 ____T C:\Users\Tomas User\Desktop\VOP.pdf
2016-08-01 13:59 - 2016-08-04 14:48 - 00014094 _____ C:\Users\Tomas User\Desktop\Kopie - Kontaktni_informace_vyber.xlsx
2016-08-01 13:58 - 2016-08-08 17:19 - 00122292 _____ C:\Users\Tomas User\Desktop\Kopie - Leady_vyber.xlsx
2016-08-01 12:17 - 2016-08-01 12:17 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-07-31 11:36 - 2016-07-31 11:37 - 00164968 _____ C:\Users\Tomas User\Downloads\7275443.pdf
2016-07-29 17:00 - 2016-07-29 17:00 - 02111518 _____ C:\Users\Tomas User\Downloads\zaverecna_prace (1).pdf
2016-07-26 14:24 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-26 14:23 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-26 13:55 - 2016-07-26 13:56 - 20466368 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-22 09:34 - 2016-02-16 19:22 - 00000000 ____D C:\FRST
2016-08-22 09:24 - 2013-03-21 09:05 - 00000000 ____D C:\Users\Tomas User\Documents\Soubory aplikace Outlook
2016-08-22 09:06 - 2015-10-07 14:34 - 00000000 ___RD C:\Users\Tomas User\OneDrive
2016-08-22 09:06 - 2015-02-23 12:49 - 00000000 ___RD C:\Users\Tomas User\Dropbox
2016-08-22 09:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-19 14:32 - 2014-10-25 22:25 - 00000000 ____D C:\Users\Tomas User\Desktop\Data Traveller 25.10.2014
2016-08-19 13:52 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-19 13:52 - 2015-10-07 14:16 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Packages
2016-08-19 13:44 - 2015-02-13 12:25 - 00000000 ____D C:\Users\Tomas User\AppData\Local\9D4400D6-2BCF-46CE-8EAB-B1FCC88A1592.aplzod
2016-08-19 13:35 - 2015-02-13 12:25 - 00000000 ___RD C:\Users\Tomas User\iCloudDrive
2016-08-19 12:20 - 2015-07-20 23:08 - 00000000 ____D C:\Users\Tomas User\Documents\Enpass
2016-08-15 15:44 - 2013-03-20 13:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-14 16:20 - 2014-05-23 19:56 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\vlc
2016-08-13 11:30 - 2016-04-20 15:23 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\TeamViewer
2016-08-11 16:14 - 2016-07-17 00:25 - 00870334 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-11 16:14 - 2016-07-17 00:25 - 00252692 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-10 23:25 - 2015-09-01 22:57 - 00000000 ____D C:\AdwCleaner
2016-08-10 22:59 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-10 22:52 - 2016-06-02 15:07 - 00000000 ____D C:\Users\Tomas User\AppData\Local\CrashDumps
2016-08-10 22:00 - 2016-04-15 09:37 - 00000000 ____D C:\Users\Tomas User\Desktop\4PL Lean Logistics
2016-08-10 21:55 - 2015-07-09 13:24 - 00000000 ____D C:\Users\Tomas User\Desktop\CMSS
2016-08-10 10:01 - 2015-09-10 07:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-10 08:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-10 07:20 - 2015-06-22 23:21 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 00:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-10 00:20 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-09 23:47 - 2013-07-19 09:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 23:31 - 2013-03-20 17:24 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 22:23 - 2014-12-07 18:40 - 00000000 ____D C:\Users\Tomas User\Downloads\20090819 - moi
2016-08-08 21:31 - 2014-10-07 13:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-08 15:33 - 2014-10-07 13:27 - 00000000 ____D C:\Users\Tomas User\AppData\Local\BlackBerry
2016-08-08 08:01 - 2015-02-23 12:36 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Dropbox
2016-08-05 10:53 - 2015-09-23 13:51 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-04 04:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-04 00:54 - 2016-04-26 14:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-03 22:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-03 22:12 - 2015-10-07 14:34 - 00002446 _____ C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-03 21:39 - 2016-04-21 16:04 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-03 21:39 - 2013-03-20 13:12 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-03 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-03 21:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-03 21:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-03 21:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-03 21:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-03 21:26 - 2015-10-07 14:12 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-03 21:25 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-03 21:24 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-03 21:20 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-03 21:13 - 2016-07-17 00:26 - 00000000 ____D C:\WINDOWS\OCR
2016-08-03 21:12 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-03 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-03 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-03 21:12 - 2016-01-06 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
2016-08-03 21:12 - 2015-12-12 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-03 21:12 - 2015-12-12 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-03 21:12 - 2015-12-09 11:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-08-03 21:12 - 2015-10-12 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-08-03 21:12 - 2015-09-01 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-03 21:12 - 2015-08-28 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-08-03 21:12 - 2015-08-18 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-08-03 21:12 - 2015-02-06 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\map&guide professional 2010
2016-08-03 21:12 - 2015-02-04 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2016-08-03 21:12 - 2015-02-04 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-08-03 21:12 - 2014-07-30 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-03 21:12 - 2014-05-23 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-03 21:12 - 2014-04-19 00:58 - 00000000 ____D C:\WINDOWS\cs
2016-08-03 21:12 - 2014-04-16 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enpass
2016-08-03 21:12 - 2013-07-12 01:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-03 21:12 - 2013-06-17 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration
2016-08-03 21:12 - 2013-06-03 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
2016-08-03 21:12 - 2013-05-07 14:34 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2016-08-03 21:12 - 2013-05-07 14:34 - 00000000 ____D C:\WINDOWS\system32\1033
2016-08-03 21:12 - 2013-05-06 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2016-08-03 21:12 - 2013-04-10 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2016-08-03 21:12 - 2013-03-31 16:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-08-03 21:12 - 2013-03-20 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-03 21:12 - 2013-03-20 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-03 21:12 - 2013-02-20 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWaiting
2016-08-03 21:12 - 2013-02-20 11:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-08-03 21:12 - 2013-02-20 10:46 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-08-03 21:11 - 2015-12-01 17:44 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-08-03 21:11 - 2015-08-16 20:05 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flickr
2016-08-03 21:11 - 2013-03-21 15:09 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-03 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-03 21:09 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-08-03 21:09 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-08-03 21:09 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-08-03 21:09 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-08-03 21:09 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-08-03 21:09 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-08-03 21:09 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-08-03 21:09 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-08-03 21:09 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-08-03 21:09 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-08-03 21:09 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-08-03 21:09 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-03 21:08 - 2014-07-08 14:22 - 00000996 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003UA.job
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Web
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-03 21:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-03 21:01 - 2013-02-20 12:08 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Resources
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-03 20:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-03 20:59 - 2015-10-16 12:50 - 00000000 ___HD C:\WINDOWS\system32\CanonMF Uninstaller Information
2016-08-03 20:59 - 2013-04-09 20:50 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-03 20:58 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-03 20:58 - 2016-04-19 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
2016-08-03 20:58 - 2015-07-30 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMSS
2016-08-03 20:58 - 2015-06-22 22:46 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003UA.job
2016-08-03 20:58 - 2015-04-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-03 20:58 - 2015-02-04 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet
2016-08-03 20:58 - 2013-05-28 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2016-08-03 20:58 - 2013-05-07 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2016-08-03 20:58 - 2012-05-25 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-03 20:55 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-08-03 20:55 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-08-03 20:53 - 2013-04-09 14:22 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-03 20:51 - 2016-04-05 12:04 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
2016-08-03 20:51 - 2013-08-17 00:05 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DDPB
2016-08-03 20:47 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-03 20:44 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-03 20:44 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-03 19:32 - 2013-03-20 13:12 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-03 10:58 - 2015-06-22 22:46 - 00000886 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003Core.job
2016-08-01 15:45 - 2015-07-30 10:50 - 00039822 _____ C:\Users\Tomas User\Documents\ASped50.wlog
2016-08-01 14:59 - 2015-08-18 11:04 - 00000000 ____D C:\Users\Tomas User\AppData\Roaming\EurekaLog
2016-08-01 14:07 - 2014-07-08 14:22 - 00000944 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3933921734-831850175-2178263004-1003Core.job
2016-08-01 12:13 - 2013-03-20 18:52 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-01 10:50 - 2013-07-12 00:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-01 10:50 - 2013-07-12 00:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-29 16:58 - 2014-11-27 14:43 - 00000000 ____D C:\Users\Tomas User\AppData\Local\Apple
2016-07-29 13:06 - 2015-09-01 23:26 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-29 13:03 - 2015-09-01 23:26 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-29 13:03 - 2015-09-01 23:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-29 12:54 - 2016-04-08 16:53 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-27 21:25 - 2010-11-21 05:27 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2013-03-25 16:45 - 2013-03-25 17:24 - 0037725 _____ () C:\Users\Tomas User\AppData\Roaming\Hodnoty oddělené čárkami (DOS).ADR
2013-04-22 14:49 - 2014-10-07 13:09 - 0006723 _____ () C:\Users\Tomas User\AppData\Roaming\Rim.Desktop.Exception.log
2013-04-22 14:50 - 2014-10-07 13:09 - 0003311 _____ () C:\Users\Tomas User\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-11 17:42 - 2014-10-07 13:09 - 0002387 _____ () C:\Users\Tomas User\AppData\Roaming\Rim.Transcoder.Exception.log
2013-10-11 17:42 - 2014-11-25 04:16 - 0046592 _____ () C:\Users\Tomas User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-22 09:30 - 2016-08-22 09:30 - 0029696 _____ () C:\Users\Tomas User\AppData\Local\MSGBOX.EXE
2015-11-06 12:06 - 2015-11-06 12:06 - 0000000 _____ () C:\Users\Tomas User\AppData\Local\{34ECD167-DB3D-48B5-8F8D-C32ECBFC2505}
2015-10-14 17:58 - 2015-10-14 17:58 - 0000000 _____ () C:\Users\Tomas User\AppData\Local\{61A2927E-85DE-4519-889E-991E15FB7AE1}
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD. The user is not administrator
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.rar
- (11.78 KiB) Staženo 75 x
-
Rudy
- Site Admin
- Příspěvky: 119651
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na bordel v NTB
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Podezření na bordel v NTB
# AdwCleaner v6.000 - Logfile created 23/08/2016 at 09:48:31
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-22.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : IBM - IBM-PC
# Running from : C:\Users\Tomas User\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://toolslib.net/forum
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ona.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_video.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fotbal.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fotbal.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_kraje.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_kraje.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_liborcermak.blog.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_liborcermak.blog.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mobil.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mobil.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_oh.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_oh.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sdeleni.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sdeleni.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sport.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sport.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_590olympus.rajce.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_590olympus.rajce.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bydleni.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bydleni.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ona.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ona.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_tvprogram.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_tvprogram.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_video.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_video.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious keys found.
***** [ Shortcuts ] *****
No infected shortcut found.
***** [ Scheduled Tasks ] *****
No malicious task found.
***** [ Registry ] *****
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\idnes.cz
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.idnes.cz
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\idnes.cz
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.idnes.cz
***** [ Web browsers ] *****
No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Web data] - idnes.cz
Chrome pref Found: [C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.yahoo.com
Chrome pref Found: [C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Web data] - tvprogram.idnes.cz
Chrome pref Found: [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Web data] - idnes.cz
*************************
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-22.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : IBM - IBM-PC
# Running from : C:\Users\Tomas User\Desktop\AdwCleaner.exe
# Mode: Scan
# Support : https://toolslib.net/forum
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ona.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_video.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ekonomika.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fotbal.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fotbal.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_kraje.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_kraje.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_liborcermak.blog.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_liborcermak.blog.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mobil.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mobil.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_oh.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_oh.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sdeleni.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sdeleni.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sport.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sport.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_usti.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_590olympus.rajce.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_590olympus.rajce.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bydleni.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_bydleni.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_data.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ona.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_ona.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_revue.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_technet.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_tvprogram.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_tvprogram.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_video.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_video.idnes.cz_0.localstorage-journal
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage
File Found: C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
File Found: C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zpravy.idnes.cz_0.localstorage-journal
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious keys found.
***** [ Shortcuts ] *****
No infected shortcut found.
***** [ Scheduled Tasks ] *****
No malicious task found.
***** [ Registry ] *****
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\idnes.cz
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.idnes.cz
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\idnes.cz
Key Found: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.idnes.cz
***** [ Web browsers ] *****
No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Web data] - idnes.cz
Chrome pref Found: [C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.yahoo.com
Chrome pref Found: [C:\Users\Tomas User\AppData\Local\Google\Chrome\User Data\Default\Web data] - tvprogram.idnes.cz
Chrome pref Found: [C:\Users\Děti\AppData\Local\Google\Chrome\User Data\Default\Web data] - idnes.cz
*************************
-
Rudy
- Site Admin
- Příspěvky: 119651
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Podezření na bordel v NTB
Neklikl jste na >cleaning<. ADW nemazal. Zkuste ještě jednou.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?