PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

cica18
Visitor
Posts: 134
Registered: 12 Mar 2007 17:37

Requesting a preventive check

#1 Post by cica18 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marketa at 2016-08-26 18:31:28
Microsoft Windows 10 Pro
System drive C: has 8 GB (8%) free of 99 GB
Total RAM: 1977 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:31:43, on 26.08.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0545)
Boot mode: Normal

Running processes:
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Opera\39.0.2256.48\opera.exe
C:\Program Files\Opera\39.0.2256.48\opera.exe
C:\Program Files\Opera\39.0.2256.48\opera.exe
C:\Program Files\Opera\39.0.2256.48\opera.exe
C:\Program Files\Opera\39.0.2256.48\opera.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files\Opera\39.0.2256.48\opera.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Marketa\Desktop\RSIT.exe
C:\Program Files\trend micro\Marketa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Marketa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Marketa\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Marketa\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @oem4.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

--
End of file - 9771 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\simplitec Power Suite (Tray).job - C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe
C:\WINDOWS\tasks\simplitec Power Suite.job - C:\Program Files\simplitec\KMPFaster\PowerSuite.exe -task

=========Mozilla firefox=========

ProfilePath - C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\wgxczffe.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.192 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2016-07-12 1741104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-16 3519144]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2011-01-25 2729800]
"AcronisTibMounterMonitor"=C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2015-11-10 651560]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2015-11-26 7211112]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2015-11-26 531808]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 164152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2016-04-08 1399208]
"OneDrive"=C:\Users\Marketa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-23 554184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-04-04 3369152]
"iCloudServices"=C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2016-07-08 67384]
"iCloudDrive"=C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [2016-07-08 110392]
"iCloudPhotos"=C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [2016-07-08 356664]
"Spotify Web Helper"=C:\Users\Marketa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-07-15 1554032]
"Spotify"=C:\Users\Marketa\AppData\Roaming\Spotify\Spotify.exe [2016-07-15 6913648]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.VP80"=vp8vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-26 18:31:28 ----D---- C:\rsit
2016-08-26 18:31:28 ----D---- C:\Program Files\trend micro
2016-08-17 21:25:36 ----D---- C:\ProgramData\ESET
2016-08-12 10:05:45 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-08-12 10:05:45 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-12 10:05:44 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-08-12 10:05:43 ----A---- C:\WINDOWS\system32\wevtutil.exe
2016-08-12 10:05:43 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-12 10:05:42 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-08-12 10:05:41 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-12 10:05:41 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-12 10:05:40 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-08-12 10:05:40 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-12 10:05:40 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-12 10:05:39 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-12 10:05:39 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-12 10:05:38 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-12 10:05:38 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-12 10:05:38 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-12 10:05:38 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-12 10:05:36 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-12 10:05:36 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-12 10:05:34 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-12 10:05:34 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-12 10:05:33 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-08-12 10:05:33 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-12 10:05:28 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-08-12 10:05:27 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-12 10:05:26 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys
2016-08-12 10:05:23 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-12 10:05:23 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-12 10:05:23 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-12 10:05:22 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-12 10:05:22 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-12 10:05:21 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-12 10:05:21 ----A---- C:\WINDOWS\system32\tdlrecover.exe
2016-08-12 10:05:20 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-12 10:05:18 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-12 10:05:18 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-08-12 10:05:18 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-08-12 10:05:18 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-08-12 10:05:17 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-08-12 10:05:17 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-12 10:05:17 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-08-12 10:05:17 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-08-12 10:05:17 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-12 10:05:16 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2016-08-12 10:05:16 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-12 10:05:16 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-08-12 10:05:16 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-12 10:05:16 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-08-12 10:05:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-12 10:05:15 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-08-12 10:05:15 ----A---- C:\WINDOWS\system32\cdd.dll
2016-08-12 10:05:14 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-12 10:05:14 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-12 10:05:14 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-08-12 10:05:14 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-12 10:05:14 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-12 10:05:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-12 10:05:08 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-08-12 10:05:08 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-12 10:05:07 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-12 10:05:07 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-12 10:05:07 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-12 10:05:06 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-12 10:05:06 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-12 10:05:05 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-12 10:05:04 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-08-12 10:05:03 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-12 10:05:01 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-08-12 10:05:01 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-08-12 10:04:57 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-12 10:04:53 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-12 10:04:53 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-12 10:04:53 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-12 10:04:53 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-08-12 10:04:52 ----A---- C:\WINDOWS\system32\wldp.dll
2016-08-12 10:04:52 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-12 10:04:52 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-08-12 10:04:52 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2016-08-12 10:04:52 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2016-08-12 10:04:51 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-08-12 10:04:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-12 10:04:51 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys
2016-08-12 10:04:51 ----A---- C:\WINDOWS\system32\bthserv.dll
2016-08-12 10:04:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-12 10:04:50 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\ekbdflt.sys
2016-08-08 10:19:16 ----A---- C:\WINDOWS\system32\drivers\eelam.sys
2016-08-04 08:15:10 ----D---- C:\Program Files\iPod
2016-08-04 08:15:09 ----AD---- C:\Program Files\iTunes
2016-08-02 14:33:12 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of files/folders modified in the last 1 month======

2016-08-26 18:31:28 ----RD---- C:\Program Files
2016-08-26 18:31:07 ----D---- C:\WINDOWS\Temp
2016-08-26 18:27:02 ----D---- C:\WINDOWS\Prefetch
2016-08-26 18:20:27 ----D---- C:\WINDOWS\system32\config
2016-08-26 17:59:28 ----D---- C:\WINDOWS\AppReadiness
2016-08-26 17:59:27 ----HD---- C:\Program Files\WindowsApps
2016-08-26 17:41:31 ----AD---- C:\RQMONEY
2016-08-26 17:18:53 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-26 16:35:32 ----D---- C:\WINDOWS\system32\sru
2016-08-25 21:22:03 ----D---- C:\WINDOWS\System32
2016-08-24 21:36:09 ----D---- C:\WINDOWS\INF
2016-08-24 21:36:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-24 13:14:41 ----D---- C:\WINDOWS\system32\Tasks
2016-08-23 13:11:25 ----D---- C:\WINDOWS\system32\Microsoft
2016-08-23 13:10:32 ----AD---- C:\Program Files\Opera
2016-08-23 12:05:05 ----D---- C:\WINDOWS\system32\NDF
2016-08-22 13:00:33 ----D---- C:\WINDOWS\debug
2016-08-21 20:26:31 ----D---- C:\Windows
2016-08-21 18:50:17 ----D---- C:\WINDOWS\SoftwareDistribution
2016-08-17 21:28:19 ----SHD---- C:\WINDOWS\Installer
2016-08-17 21:28:14 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-17 21:28:04 ----D---- C:\WINDOWS\system32\drivers
2016-08-17 21:27:24 ----HD---- C:\Config.Msi
2016-08-17 21:27:23 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-17 21:25:36 ----HD---- C:\ProgramData
2016-08-16 22:00:39 ----D---- C:\ProgramData\Microsoft Help
2016-08-16 21:57:27 ----RSD---- C:\WINDOWS\assembly
2016-08-16 21:51:43 ----AD---- C:\Program Files\KMSpico
2016-08-15 11:22:36 ----D---- C:\WINDOWS\rescache
2016-08-14 21:48:19 ----D---- C:\Users\Marketa\AppData\Roaming\Anvsoft
2016-08-14 18:29:59 ----D---- C:\Users\Marketa\AppData\Roaming\vlc
2016-08-13 18:13:09 ----D---- C:\WINDOWS\WinSxS
2016-08-13 18:11:40 ----D---- C:\WINDOWS\system32\catroot2
2016-08-12 16:27:13 ----D---- C:\WINDOWS\system32\en-US
2016-08-12 16:27:13 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-12 16:27:13 ----D---- C:\WINDOWS\system32\appraiser
2016-08-12 16:27:10 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-12 16:27:10 ----D---- C:\Program Files\Windows Journal
2016-08-12 16:27:10 ----D---- C:\Program Files\Internet Explorer
2016-08-12 14:41:55 ----D---- C:\WINDOWS\system32\MRT
2016-08-12 14:29:16 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-12 14:19:02 ----A---- C:\WINDOWS\win.ini
2016-08-12 14:14:39 ----D---- C:\WINDOWS\CbsTemp
2016-08-12 14:14:34 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-06 08:51:11 ----D---- C:\Users\Marketa\AppData\Roaming\Audacity
2016-08-04 08:15:09 ----D---- C:\Program Files\Common Files\Apple
2016-08-03 11:09:32 ----D---- C:\WINDOWS\twain_32
2016-08-02 14:26:10 ----D---- C:\WINDOWS\system32\WDI
2016-07-30 23:56:42 ----D---- C:\Users\Marketa\AppData\Roaming\uTorrent
2016-07-29 08:42:22 ----D---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2016-08-08 161928]
R0 file_tracker;file_tracker; C:\WINDOWS\system32\DRIVERS\file_tracker.sys [2016-06-03 249184]
R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2016-06-03 123744]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2016-06-03 245088]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-08-08 178312]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-08-08 137384]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2016-08-08 68256]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2016-08-08 78496]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2016-08-08 43144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R3 athr;@netathr.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwn.sys [2015-10-30 3205632]
R3 dtlitescsibus;@oem10.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-05-06 26168]
R3 dtliteusbbus;@oem14.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-05-06 40504]
R3 i8042HDR;@oem19.inf,%i8042HDR.SvcDesc%;Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [2006-10-20 13224]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2012-03-23 9036288]
R3 L1C;@netl1c63x86.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x86.sys [2015-10-30 102912]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-08-16 26792]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-08-08 14976]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S3 bcbtums;@oem4.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2015-08-27 175320]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-03 93184]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-08-03 102912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-08-03 744448]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-03 61952]
S3 btwampfl;@oem4.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2015-08-27 144600]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 96768]
S3 dot4;@oem8.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 137632]
S3 Dot4Print;@oem7.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 22432]
S3 dot4usb;@oem8.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 42912]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-08-03 140288]
S4 EpfwLWF;@oem3.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 37928]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2015-11-26 950584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2016-06-03 4463960]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 67384]
R2 BcmBtRSupport;@oem4.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2015-08-27 1680088]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 390416]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-08-05 2226392]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R2 NAUpdate;Nero Update; C:\Program Files\Nero\Update\NASvc.exe [2014-07-14 786256]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2015-10-30 37256]
R2 OneSyncSvc_3e7cb;Hostitel synchronizace_3e7cb; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-01-25 2336072]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2015-10-30 37256]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 277360]
R3 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 PimIndexMaintenanceSvc_3e7cb;Data kontaktů_3e7cb; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 BBSvc;BingBar Service; C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [2016-04-08 792592]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-08 144200]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_1f62a3f;Hostitel synchronizace_1f62a3f; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_20a0d14;Hostitel synchronizace_20a0d14; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_20d2fe2;Hostitel synchronizace_20d2fe2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_22ff5f;Hostitel synchronizace_22ff5f; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2439f47;Hostitel synchronizace_2439f47; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2608c83;Hostitel synchronizace_2608c83; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2c49402;Hostitel synchronizace_2c49402; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_2c8b55d;Hostitel synchronizace_2c8b55d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_34f99;Hostitel synchronizace_34f99; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_3dce6;Hostitel synchronizace_3dce6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_3e33d;Hostitel synchronizace_3e33d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_40bb7;Hostitel synchronizace_40bb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_4b136;Hostitel synchronizace_4b136; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_4e69c;Hostitel synchronizace_4e69c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_4e78cb6;Hostitel synchronizace_4e78cb6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_4fa56;Hostitel synchronizace_4fa56; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_5e233;Hostitel synchronizace_5e233; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_7ee5f1e;Hostitel synchronizace_7ee5f1e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_82b67c;Hostitel synchronizace_82b67c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_85b104b;Hostitel synchronizace_85b104b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_8d5fb00;Hostitel synchronizace_8d5fb00; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_e64566;Hostitel synchronizace_e64566; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_e81133;Hostitel synchronizace_e81133; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_edf972;Hostitel synchronizace_edf972; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-18 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-04 1125568]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-08 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 548152]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_1f62a3f;Služba zasílání zpráv_1f62a3f; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_20a0d14;Služba zasílání zpráv_20a0d14; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_20d2fe2;Služba zasílání zpráv_20d2fe2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_22ff5f;Služba zasílání zpráv_22ff5f; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2439f47;Služba zasílání zpráv_2439f47; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2608c83;Služba zasílání zpráv_2608c83; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2c49402;Služba zasílání zpráv_2c49402; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_2c8b55d;Služba zasílání zpráv_2c8b55d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_34f99;Služba zasílání zpráv_34f99; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_3dce6;Služba zasílání zpráv_3dce6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_3e7cb;Služba zasílání zpráv_3e7cb; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_40bb7;Služba zasílání zpráv_40bb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_4e69c;Služba zasílání zpráv_4e69c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_4e78cb6;Služba zasílání zpráv_4e78cb6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_4fa56;Služba zasílání zpráv_4fa56; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_5e233;Služba zasílání zpráv_5e233; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_7ee5f1e;Služba zasílání zpráv_7ee5f1e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_82b67c;Služba zasílání zpráv_82b67c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_85b104b;Služba zasílání zpráv_85b104b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_8d5fb00;Služba zasílání zpráv_8d5fb00; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_e64566;Služba zasílání zpráv_e64566; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_e81133;Služba zasílání zpráv_e81133; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_edf972;Služba zasílání zpráv_edf972; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-14 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_1f62a3f;Data kontaktů_1f62a3f; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_20a0d14;Data kontaktů_20a0d14; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_20d2fe2;Data kontaktů_20d2fe2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_22ff5f;Data kontaktů_22ff5f; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2439f47;Data kontaktů_2439f47; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2608c83;Data kontaktů_2608c83; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2c49402;Data kontaktů_2c49402; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_2c8b55d;Data kontaktů_2c8b55d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_34f99;Data kontaktů_34f99; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_3dce6;Data kontaktů_3dce6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_40bb7;Data kontaktů_40bb7; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_4b136;Data kontaktů_4b136; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_4e69c;Data kontaktů_4e69c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_4e78cb6;Data kontaktů_4e78cb6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_4fa56;Data kontaktů_4fa56; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_5e233;Data kontaktů_5e233; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_7ee5f1e;Data kontaktů_7ee5f1e; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_82b67c;Data kontaktů_82b67c; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_85b104b;Data kontaktů_85b104b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_8d5fb00;Data kontaktů_8d5fb00; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_e64566;Data kontaktů_e64566; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_e81133;Data kontaktů_e81133; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_edf972;Data kontaktů_edf972; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 mmsminisrv;Acronis Managed Machine Service Mini; C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe [2015-08-11 4884064]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click first on >Scan< and then on >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

cica18
Visitor
Posts: 134
Joined: 12 Mar 2007 17:37

Re: Request for a preventive check

#3 Post by cica18 »

# AdwCleaner v6.010 - Log soubor vytvořen 01/09/2016 na 18:08:50
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-01.1 [Server]
# Operační systém : Windows 10 Pro (X86)
# Uživatelské jméno : Marketa - MIŠKA_PC
# Beží od : C:\Users\Marketa\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\MPC


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Klíč smazán po restartování:HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1122 Bajtů] - [01/09/2016 18:08:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [1585 Bajtů] - [01/09/2016 18:08:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1270 Bajtů] ##########

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#4 Post by Rudy »


cica18
Visitor
Posts: 134
Joined: 12 Mar 2007 17:37

Re: Request for a preventive check

#5 Post by cica18 »


Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#6 Post by Rudy »


cica18
Visitor
Posts: 134
Joined: 12 Mar 2007 17:37

Re: Request for a preventive check

#7 Post by cica18 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by Marketa (administrator) on MIŠKA_PC (01-09-2016 19:38:00)
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available Profiles: Marketa)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Opera Software) C:\Program Files\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files\Opera\39.0.2256.48\opera.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23981.0_x86__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3519144 2015-08-16] (Synaptics Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [2729800 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (Acronis International GmbH)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [7211112 2015-11-26] ()
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [531808 2015-11-26] (Acronis)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-07-26] (Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3369152 2016-04-04] (Disc Soft Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudPhotos] => C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [Spotify Web Helper] => C:\Users\Marketa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-15] (Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [Spotify] => C:\Users\Marketa\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-15] (Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1400232 2016-07-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [792064 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1400232 2016-07-31] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-05-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
Tcpip\..\Interfaces\{1173f753-17d4-4850-a183-65b85c32fd2b}: [DhcpNameServer] 10.0.0.138 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\wgxczffe.default
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (Firefox Hotfix) - C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\wgxczffe.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-07-26]

Chrome:
=======
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-08]
CHR Extension: (Dokumenty Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-08]
CHR Extension: (Disk Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Tabulky Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-09]
CHR Extension: (Gmail) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-16]
OPR Extension: (YouTube Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-05-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [950584 2015-11-26] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [4463960 2016-06-03] (Acronis)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [1680088 2015-08-27] (Broadcom Corporation.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1125568 2016-04-04] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2226392 2016-08-05] (ESET)
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [809488 2016-07-31] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [696320 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S4 mmsminisrv; C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-14] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7637744 2015-11-06] (Acronis)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208552 2015-08-16] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3205632 2015-10-30] (Qualcomm Atheros Communications, Inc.)
S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [175320 2015-08-27] (Broadcom Corporation.)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [144600 2015-08-27] (Broadcom Corporation.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-05-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-05-06] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [178312 2016-08-08] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [161928 2016-08-08] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2016-08-08] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [137384 2016-08-08] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43144 2016-08-08] (ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [26024 2009-12-18] (Elaborate Bytes AG)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [68256 2016-08-08] (ESET)
U4 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [37928 2015-03-10] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [78496 2016-08-08] (ESET)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [249184 2016-06-03] (Acronis International GmbH)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2015-08-16] (Synaptics Incorporated)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [685400 2016-06-03] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [156504 2016-06-03] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [398680 2016-06-03] (Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [229720 2016-06-03] (Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-01 19:38 - 2016-09-01 19:40 - 00017696 _____ C:\Users\Marketa\Desktop\FRST.txt
2016-09-01 19:37 - 2016-09-01 19:38 - 00000000 ____D C:\FRST
2016-09-01 18:39 - 2016-09-01 19:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-09-01 18:24 - 2016-09-01 18:25 - 01747968 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2016-09-01 18:05 - 2016-09-01 18:08 - 00000000 ____D C:\AdwCleaner
2016-09-01 18:05 - 2016-09-01 18:05 - 03826240 _____ C:\Users\Marketa\Desktop\adwcleaner_6.010.exe
2016-08-29 08:38 - 2016-08-29 08:38 - 00001933 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2016-08-29 08:38 - 2016-08-29 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-08-28 20:08 - 2016-08-28 20:08 - 00072265 _____ C:\Users\Marketa\Downloads\pravidla pro rodiče (1).pdf
2016-08-28 20:07 - 2016-08-28 20:07 - 00072265 _____ C:\Users\Marketa\Downloads\pravidla pro rodiče.pdf
2016-08-28 13:05 - 2016-08-29 11:09 - 00000000 ____D C:\Users\Marketa\Desktop\Tisk MŠ
2016-08-26 18:31 - 2016-08-26 18:31 - 00000000 ____D C:\rsit
2016-08-26 18:31 - 2016-08-26 18:31 - 00000000 ____D C:\Program Files\trend micro
2016-08-26 18:30 - 2016-08-26 18:31 - 01107968 _____ C:\Users\Marketa\Desktop\RSIT.exe
2016-08-25 21:22 - 2016-08-25 21:22 - 00046731 _____ C:\WINDOWS\system32\epfwdata.bin
2016-08-23 14:31 - 2016-08-23 14:31 - 00405205 _____ C:\Users\Marketa\Downloads\Příloha 8a - manual_mpp.pdf
2016-08-21 15:19 - 2016-08-21 15:24 - 00000000 ____D C:\Users\Marketa\Desktop\Foto - výlety léto 2016
2016-08-17 21:25 - 2016-08-17 21:25 - 00002100 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-08-17 21:25 - 2016-08-17 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-08-17 21:25 - 2016-08-17 21:25 - 00000000 ____D C:\ProgramData\ESET
2016-08-15 14:21 - 2016-08-15 14:21 - 00448811 _____ C:\Users\Marketa\Downloads\info_společné_vzdělávání_MŠ_v05-1-1.pdf
2016-08-15 13:33 - 2016-08-15 13:33 - 00295499 _____ C:\Users\Marketa\Downloads\Opatření ministryně.pdf
2016-08-15 13:27 - 2016-08-15 13:27 - 00284754 _____ C:\Users\Marketa\Downloads\20160729_PM_7PSod_09_16_var_1Dupr_stupnice.pdf
2016-08-15 13:15 - 2016-08-15 13:15 - 00322774 _____ C:\Users\Marketa\Downloads\novely_vyhl_o_skolnim_stravovani.pdf
2016-08-15 13:10 - 2016-08-15 13:10 - 00452185 _____ C:\Users\Marketa\Downloads\CENTRA AKTIVIT.pptx
2016-08-15 12:55 - 2016-08-15 12:55 - 09902019 _____ C:\Users\Marketa\Downloads\Startup_presentation_CZ_08.07.pptx
2016-08-14 21:35 - 2016-08-14 21:35 - 09698711 _____ C:\Users\Marketa\Downloads\Lara Fabian Je T'aime Lyrics.mp4
2016-08-14 21:33 - 2016-08-14 21:34 - 13581501 _____ C:\Users\Marketa\Downloads\Lara Fabian - Je suis Malade (enable cc french for lyrics).mp4
2016-08-14 18:46 - 2016-08-14 18:46 - 10514312 _____ C:\Users\Marketa\Downloads\ADELE - 'Make You Feel My Love'.mp4
2016-08-14 18:37 - 2016-08-14 18:37 - 07948533 _____ C:\Users\Marketa\Downloads\Hello (Piano karaoke demo) ADELE.mp4
2016-08-14 18:35 - 2016-08-14 18:35 - 09585033 _____ C:\Users\Marketa\Downloads\Say Something (Piano Karaoke Version) A Great Big World & Christina Aguilera.mp4
2016-08-14 17:37 - 2016-08-14 17:37 - 08082514 _____ C:\Users\Marketa\Downloads\Hurt - Christina Aguilera + lyrics.mp4
2016-08-14 17:34 - 2016-08-14 17:34 - 15770569 _____ C:\Users\Marketa\Downloads\Kelly Clarkson - Because Of You.mp4
2016-08-14 17:31 - 2016-08-14 17:31 - 16492862 _____ C:\Users\Marketa\Downloads\Say Something (I'm Giving Up On You).mp4
2016-08-12 21:07 - 2016-08-12 21:07 - 00319897 _____ C:\Users\Marketa\Downloads\7423.tmp
2016-08-12 21:05 - 2016-08-12 21:05 - 00370999 _____ C:\Users\Marketa\Downloads\C019.tmp
2016-08-12 21:04 - 2016-08-12 21:04 - 00370999 _____ C:\Users\Marketa\Downloads\6EEA.tmp
2016-08-12 10:05 - 2016-08-03 08:27 - 01303744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-12 10:05 - 2016-08-03 08:27 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-12 10:05 - 2016-08-03 08:27 - 00045760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-12 10:05 - 2016-08-03 07:52 - 05793632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-12 10:05 - 2016-08-03 07:52 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-12 10:05 - 2016-08-03 07:43 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-12 10:05 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-12 10:05 - 2016-08-03 07:32 - 00413024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-12 10:05 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-12 10:05 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-12 10:05 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-12 10:05 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-12 10:05 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-12 10:05 - 2016-08-03 07:29 - 01337680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-12 10:05 - 2016-08-03 07:29 - 00633192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-12 10:05 - 2016-08-03 07:28 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-12 10:05 - 2016-08-03 07:28 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-12 10:05 - 2016-08-03 07:21 - 01712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-12 10:05 - 2016-08-03 07:21 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-12 10:05 - 2016-08-03 07:21 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-12 10:05 - 2016-08-03 07:18 - 00346464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-12 10:05 - 2016-08-03 06:58 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-12 10:05 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-12 10:05 - 2016-08-03 06:48 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-12 10:05 - 2016-08-03 06:47 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-12 10:05 - 2016-08-03 06:44 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-12 10:05 - 2016-08-03 06:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-12 10:05 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-12 10:05 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-12 10:05 - 2016-08-03 06:43 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-12 10:05 - 2016-08-03 06:41 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-12 10:05 - 2016-08-03 06:40 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-12 10:05 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-12 10:05 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-12 10:05 - 2016-08-03 06:39 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-12 10:05 - 2016-08-03 06:37 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-12 10:05 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-12 10:05 - 2016-08-03 06:35 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-12 10:05 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-12 10:05 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-12 10:05 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-12 10:05 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-12 10:05 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-12 10:05 - 2016-08-03 06:33 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-12 10:05 - 2016-08-03 06:33 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-12 10:05 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-12 10:05 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-12 10:05 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-12 10:05 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-12 10:05 - 2016-08-03 06:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-12 10:05 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-12 10:05 - 2016-08-03 06:32 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-12 10:05 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-12 10:05 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-12 10:05 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-12 10:05 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-12 10:05 - 2016-08-03 06:27 - 02973696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-12 10:05 - 2016-08-03 06:27 - 01903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-12 10:05 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-12 10:05 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-12 10:05 - 2016-08-03 06:24 - 01735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-12 10:05 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-12 10:05 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-12 10:05 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-12 10:05 - 2016-08-03 06:22 - 01900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-12 10:05 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-12 10:05 - 2016-08-03 06:22 - 01086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-12 10:05 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-12 10:05 - 2016-08-03 06:20 - 03483648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-12 10:05 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-12 10:04 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-12 10:04 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-12 10:04 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-12 10:04 - 2016-08-03 07:32 - 00260448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-12 10:04 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-12 10:04 - 2016-08-03 06:44 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-12 10:04 - 2016-08-03 06:44 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-12 10:04 - 2016-08-03 06:43 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-12 10:04 - 2016-08-03 06:43 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-12 10:04 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-12 10:04 - 2016-08-03 06:40 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-12 10:04 - 2016-08-03 06:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-12 10:04 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-12 10:04 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-12 10:04 - 2016-08-03 06:33 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-12 10:04 - 2016-08-03 06:33 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-10 18:46 - 2016-08-10 18:46 - 00952525 _____ C:\Users\Marketa\Downloads\561-2004_zneni_82-2015_ruzna ucinnost.pdf
2016-08-10 18:45 - 2016-08-10 18:45 - 00388745 _____ C:\Users\Marketa\Downloads\metodika_novela ŠZ 82-2015_final (2).pdf
2016-08-10 18:44 - 2016-08-10 18:44 - 01123770 _____ C:\Users\Marketa\Downloads\Oduvodneni k vyhlášce.pdf
2016-08-10 14:14 - 2016-08-10 14:14 - 00310946 _____ C:\Users\Marketa\Downloads\Školní řád MŠ Kaštánek 2014 (2).pdf
2016-08-10 09:37 - 2016-08-10 09:37 - 00229214 _____ C:\Users\Marketa\Downloads\Vnitřní řád MŠ Kaštánek 2014 - pro rodiče (1).pdf
2016-08-10 09:37 - 2016-08-10 09:37 - 00182009 _____ C:\Users\Marketa\Downloads\Vnitřní řád MŠ Kaštánek 2014 - pro personál.pdf
2016-08-10 09:37 - 2016-08-10 09:37 - 00182009 _____ C:\Users\Marketa\Downloads\Vnitřní řád MŠ Kaštánek 2014 - pro personál (1).pdf
2016-08-09 20:33 - 2016-08-09 20:33 - 00480990 _____ C:\Users\Marketa\Downloads\Листовка_A4_EU_cz.pdf
2016-08-09 20:15 - 2016-08-09 20:15 - 00672451 _____ C:\Users\Marketa\Downloads\28. Zubni pasta s zelenym cajem a zensenem sanchi_cz.pptx
2016-08-09 20:14 - 2016-08-09 20:14 - 03780096 _____ C:\Users\Marketa\Downloads\16. ProDental Junior_cz.ppt
2016-08-09 20:12 - 2016-08-09 20:12 - 07341568 _____ C:\Users\Marketa\Downloads\7. Ortophyt_cz.ppt
2016-08-09 20:10 - 2016-08-09 20:10 - 10835968 _____ C:\Users\Marketa\Downloads\12. Zubni pasty a zubni kartac__cz__ej.ppt
2016-08-09 20:03 - 2016-08-09 20:04 - 23714309 _____ C:\Users\Marketa\Downloads\Ćóđíŕë TianDe ą6.pdf
2016-08-09 20:00 - 2016-08-09 20:00 - 02591096 _____ C:\Users\Marketa\Downloads\Starter Package.pdf
2016-08-08 10:19 - 2016-08-08 10:19 - 00043144 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2016-08-08 10:19 - 2016-08-08 10:19 - 00014976 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2016-08-04 08:16 - 2016-08-04 08:16 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-08-04 08:16 - 2016-08-04 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-04 08:15 - 2016-08-04 08:16 - 00000000 ____D C:\Program Files\iTunes
2016-08-04 08:15 - 2016-08-04 08:15 - 00000000 ____D C:\Program Files\iPod
2016-08-02 14:33 - 2016-07-27 21:25 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-01 19:38 - 2016-01-13 23:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-09-01 19:38 - 2015-10-30 17:08 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-01 19:38 - 2015-10-30 17:08 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-01 19:38 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-09-01 19:38 - 2015-08-16 09:01 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-01 19:35 - 2016-07-22 12:39 - 00000000 ____D C:\RQMONEY
2016-09-01 18:53 - 2015-05-28 16:46 - 00000000 ____D C:\Users\Marketa\Documents\Soubory aplikace Outlook
2016-09-01 18:52 - 2016-07-13 21:47 - 00000000 ____D C:\Users\Marketa\AppData\Local\4CDC7379-CC03-4000-81CD-BF9CBA0DE99C.aplzod
2016-09-01 18:47 - 2015-07-08 22:19 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-01 18:14 - 2015-07-08 22:19 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-01 18:11 - 2016-01-26 05:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-01 18:10 - 2015-10-30 07:13 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-01 17:39 - 2015-12-29 21:37 - 00000000 ____D C:\Users\Marketa\Desktop\Úprava ŠVP a TVP 2015
2016-09-01 10:02 - 2015-06-11 16:07 - 00020057 _____ C:\WINDOWS\BRRBCOM.INI
2016-09-01 09:48 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 09:48 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 09:43 - 2015-05-28 16:25 - 00000000 ____D C:\Program Files\Opera
2016-09-01 09:35 - 2016-01-26 04:47 - 00000000 ____D C:\Users\Marketa
2016-08-31 20:41 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-31 20:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-31 11:06 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-30 13:33 - 2016-06-25 13:37 - 00000000 ____D C:\Users\Marketa\Desktop\TianDe
2016-08-30 13:24 - 2015-05-28 16:18 - 00000000 ____D C:\Users\Marketa\AppData\Local\Packages
2016-08-29 08:39 - 2015-07-08 20:16 - 00000000 ____D C:\Program Files\Garmin
2016-08-29 08:39 - 2014-01-01 23:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-17 21:27 - 2015-10-30 07:48 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-16 22:02 - 2015-05-28 16:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-16 21:51 - 2015-05-28 22:05 - 00000000 ____D C:\Program Files\KMSpico
2016-08-15 11:22 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 21:48 - 2014-01-01 23:51 - 00000000 ____D C:\Users\Marketa\AppData\Roaming\Anvsoft
2016-08-14 18:29 - 2015-05-30 21:28 - 00000000 ____D C:\Users\Marketa\AppData\Roaming\vlc
2016-08-14 14:22 - 2016-07-24 17:18 - 00000000 ____D C:\Users\Marketa\AppData\Local\Nero
2016-08-12 16:27 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 16:27 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 14:41 - 2015-05-28 22:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 14:29 - 2015-05-28 22:45 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-12 14:19 - 2013-08-22 08:13 - 00000222 _____ C:\WINDOWS\win.ini
2016-08-12 14:14 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-09 18:53 - 2016-07-06 15:24 - 00000000 ____D C:\Users\Marketa\Desktop\Evaluace
2016-08-09 18:43 - 2016-07-24 16:33 - 00000000 ____D C:\Users\Marketa\Desktop\Hudba do mobilu
2016-08-09 18:40 - 2016-07-06 14:51 - 00000000 ____D C:\Users\Marketa\Desktop\Pokojík
2016-08-08 10:19 - 2015-03-10 17:24 - 00178312 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2016-08-08 10:19 - 2015-03-10 17:24 - 00161928 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2016-08-08 10:19 - 2015-03-10 17:24 - 00137384 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2016-08-08 10:19 - 2015-03-10 17:24 - 00078496 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2016-08-08 10:19 - 2015-03-10 17:24 - 00068256 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2016-08-06 08:51 - 2015-10-12 18:58 - 00000000 ____D C:\Users\Marketa\AppData\Roaming\Audacity
2016-08-05 20:21 - 2015-05-28 16:25 - 00001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-04 08:15 - 2016-07-13 17:00 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-04 07:51 - 2015-07-08 22:21 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-04 07:44 - 2015-05-31 12:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-02 14:22 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

==================== Files in the root of some directories =======

2016-06-29 09:26 - 2016-06-29 09:26 - 0000600 _____ () C:\Users\Marketa\AppData\Roaming\winscp.rnd
2015-10-30 08:04 - 2015-10-30 08:04 - 0000000 _____ () C:\Users\Marketa\AppData\Local\{554CE765-827A-4AD1-A9C0-F4B29CC961DE}
2015-10-19 12:19 - 2015-10-19 12:19 - 0000000 _____ () C:\Users\Marketa\AppData\Local\{927C9663-A771-4DF6-A3E8-BB82CD825E8A}
2016-01-15 13:00 - 2016-01-15 13:00 - 0000000 _____ () C:\Users\Marketa\AppData\Local\{9B458FB3-3FBA-42E8-8080-4AC1C506B711}
2015-10-07 12:38 - 2015-10-07 12:38 - 0000000 _____ () C:\Users\Marketa\AppData\Local\{E6938C34-BFDB-4CCA-AFCA-4799AA530994}
2015-06-24 08:45 - 2015-07-09 22:47 - 0000085 ___SH () C:\ProgramData\.zreglib
2015-05-30 17:07 - 2015-09-02 22:02 - 0001721 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Marketa\AppData\Local\Temp\GarminExpressInstaller.exe
C:\Users\Marketa\AppData\Local\Temp\libeay32.dll
C:\Users\Marketa\AppData\Local\Temp\msvcr120.dll
C:\Users\Marketa\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-26 17:18

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
C:\Program Files\Microsoft\BingBar
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
C:\Users\Marketa\Downloads\7423.tmp
C:\Users\Marketa\Downloads\C019.tmp
C:\Users\Marketa\Downloads\6EEA.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Marketa\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

cica18
Visitor
Posts: 134
Registered: 12 Mar 2007 17:37

Re: Request for a preventive check

#9 Post by cica18 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Marketa (01-09-2016 21:47:32) Run:1
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available Profiles: Marketa)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
C:\Program Files\Microsoft\BingBar
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
C:\Users\Marketa\Downloads\7423.tmp
C:\Users\Marketa\Downloads\C019.tmp
C:\Users\Marketa\Downloads\6EEA.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Marketa\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully.
"HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully.
C:\Program Files\Microsoft\BingBar => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully.
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully.
C:\Users\Marketa\Downloads\7423.tmp => moved successfully
C:\Users\Marketa\Downloads\C019.tmp => moved successfully
C:\Users\Marketa\Downloads\6EEA.tmp => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\Marketa\AppData\Local\Temp" folder move:

Could not move "C:\Users\Marketa\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-09-2016 21:53:34)

C:\Users\Marketa\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:53:35 ====

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#10 Post by Rudy »

Deleted; the log should be OK now.