zda se mi ze je neco spatne
prosim radeji o kontrolu. DIKY!Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by admin (administrator) on DA (07-09-2016 09:38:17)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation) C:\Qoobox\Quarantine\C\Windows\Temp\DPTF\esif_assist_64.exe.vir
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [736552 2015-05-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2015-07-13] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074088 2015-09-03] (The Eraser Project)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7823336 2015-12-07] (Motorola Solutions, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296208 2014-11-04] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
HKU\S-1-5-21-715422665-10965421-2657355993-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\admin\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-04] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\admin\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-04] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\admin\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-04] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\admin\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-04] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\admin\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll [2016-08-04] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2016-09-06]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 localhost# 127.0.0.1 http://www.abcsearch.com #[Restricted Zone site]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31122B2B-AB8F-4D78-B40A-D18FFA03F79F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45C824B7-5513-459E-9074-B38CFF409473}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{852E34AC-2B8C-47EA-906B-4ADF63C8CAEE}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-715422665-10965421-2657355993-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-715422665-10965421-2657355993-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-715422665-10965421-2657355993-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-715422665-10965421-2657355993-1000 -> DefaultScope {7924DDA5-74FA-45D0-B2CA-B162A034096A} URL =
SearchScopes: HKU\S-1-5-21-715422665-10965421-2657355993-1000 -> {7924DDA5-74FA-45D0-B2CA-B162A034096A} URL =
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default
FF DefaultSearchUrl: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Homepage: hxxp://www.google.cz/
FF Session Restore: -> is enabled.
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF user.js: detected! => C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\user.js [2016-09-06]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\searchplugins\firmycz.xml [2010-02-18]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\searchplugins\jyxo.xml [2015-01-07]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\searchplugins\jyxocz.xml [2007-09-04]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\searchplugins\majestic-seo.xml [2016-01-04]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\searchplugins\mapycz.xml [2010-02-18]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\searchplugins\s-amazon.xml [2012-01-19]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\searchplugins\zbocz.xml [2010-02-18]
FF Extension: (Live HTTP headers) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2015-11-22]
FF Extension: (HeadingsMap) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\extensions\headings@niquelheadings.net.xpi [2016-02-04]
FF Extension: (Disconnect) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\Extensions\2.0@disconnect.me.xpi [2016-02-18]
FF Extension: (Firebug) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\Extensions\firebug@software.joehewitt.com.xpi [2016-02-04]
FF Extension: (IP Address and Domain Information) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\Extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2016-02-04]
FF Extension: (Disconnect Search) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\Extensions\search@disconnect.me.xpi [2016-02-18]
FF Extension: (LastPass) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\Extensions\support@lastpass.com [2016-08-03]
FF Extension: (Video DownloadHelper) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hz1950h2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-02-04]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://google.cz/"
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-26]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-26]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-26]
CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-15]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96000 2015-09-25] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287256 2016-07-04] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-06] (Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
S2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [153960 2016-04-29] (Dell)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2015-10-30] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [171640 2016-02-27] (Intel Corporation)
S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354280 2016-06-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2015-07-13] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-06-12] (Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{547C595E-AAED-4033-980D-1641D078CBDC}
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87528 2015-10-13] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-10-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1545704 2015-10-16] (Motorola Solutions, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 dptf_acpi; C:\Windows\System32\DRIVERS\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\DRIVERS\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [501216 2015-08-05] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-06-07] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [306448 2016-02-20] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2015-07-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2015-07-13] ()
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236888 2016-08-16] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-09-06] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3425768 2014-11-17] (Intel Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2014-05-14] (BayHubTech/O2Micro )
S3 RT-USB; C:\Windows\System32\drivers\RT-USB64.SYS [70984 2010-06-16] (Ross-Tech LLC)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_Accel.sys [75952 2014-04-21] (STMicroelectronics)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [127456 2016-03-04] (Oracle Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTDVHD64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-07 09:38 - 2016-09-07 09:38 - 00029061 _____ C:\Users\admin\Desktop\FRST.txt
2016-09-07 09:34 - 2016-09-07 09:34 - 00112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
2016-09-07 09:22 - 2016-09-07 09:38 - 00000000 ____D C:\FRST
2016-09-07 09:21 - 2016-09-07 09:22 - 02397696 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2016-09-06 15:33 - 2016-09-06 15:33 - 00000053 _____ C:\Users\admin\Desktop\google23ec57472352ba2c.html
2016-09-06 15:10 - 2016-09-06 15:10 - 00601974 _____ C:\Users\admin\Desktop\1121124648.pdf
2016-09-06 15:10 - 2016-09-06 15:10 - 00228548 _____ C:\Users\admin\Desktop\-471138008.pdf
2016-09-06 13:15 - 2016-09-06 13:15 - 00125303 _____ C:\Users\admin\Desktop\Dominik-bonus.pdf
2016-09-06 12:56 - 2016-09-06 12:56 - 00127403 _____ C:\Users\admin\Desktop\Jitka- bonus.pdf
2016-09-06 11:18 - 2016-09-06 11:18 - 00038077 _____ C:\ComboFix.txt
2016-09-06 10:39 - 2016-09-06 10:39 - 00055109 _____ C:\Users\admin\Desktop\vypis-916776.pdf
2016-09-06 10:29 - 2016-09-06 10:34 - 01332984 _____ C:\Users\admin\Desktop\Jitka Divisova OP.pdf
2016-09-06 09:16 - 2016-09-06 09:37 - 00000000 ____D C:\Users\admin\Desktop\SCAN SAMSUNG
2016-09-06 09:15 - 2016-09-06 09:15 - 00212245 _____ C:\Users\admin\Desktop\plna moc 001.pdf
2016-09-05 15:23 - 2016-09-06 12:22 - 00144068 _____ C:\Users\admin\Desktop\Divišová- invest.složka 100 Kč - KOMENTARE.pdf
2016-09-03 06:50 - 2016-09-03 06:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-31 13:19 - 2016-08-31 13:20 - 121962464 _____ (Oracle Corporation) C:\Users\admin\Desktop\VirtualBox-5.1.4-110228-Win(1).exe
2016-08-31 13:11 - 2016-08-31 13:11 - 00742639 _____ C:\Users\admin\Desktop\srm350_om.pdf
2016-08-31 08:47 - 2016-08-31 08:47 - 00702445 _____ C:\Users\admin\Desktop\Vizitky_2016_30_print_bez_adres_01(2).pdf
2016-08-31 08:29 - 2016-08-31 08:29 - 00055458 _____ C:\Users\admin\Desktop\116006779(1).PDF
2016-08-31 07:42 - 2016-08-31 07:42 - 00057149 _____ C:\Users\admin\Desktop\SUB_19382.pdf
2016-08-30 21:24 - 2016-08-30 21:33 - 00328094 _____ C:\Users\admin\Desktop\zadost-o-vydani-dodatkove-karty-dc-cz-20141001-f.pdf
2016-08-30 16:13 - 2016-08-30 16:13 - 00702445 _____ C:\Users\admin\Desktop\Vizitky_2016_30_print_bez_adres_01(1).pdf
2016-08-30 16:11 - 2016-08-30 16:11 - 00057177 _____ C:\Users\admin\Desktop\SUB_18719(1).pdf
2016-08-30 16:08 - 2016-08-30 16:08 - 00130908 _____ C:\Users\admin\Desktop\Divišová- invest.složka 1056 Kč.pdf
2016-08-30 16:08 - 2016-08-30 16:08 - 00128712 _____ C:\Users\admin\Desktop\Divišová- invest.složka 100 Kč.pdf
2016-08-30 15:59 - 2016-08-30 15:59 - 00055458 _____ C:\Users\admin\Desktop\116006779.PDF
2016-08-30 12:12 - 2016-08-30 12:12 - 00057177 _____ C:\Users\admin\Desktop\SUB_18719.pdf
2016-08-30 12:01 - 2016-08-30 12:01 - 00702445 _____ C:\Users\admin\Desktop\Vizitky_2016_30_print_bez_adres_01.pdf
2016-08-30 08:53 - 2016-08-30 08:53 - 121962464 _____ (Oracle Corporation) C:\Users\admin\Desktop\VirtualBox-5.1.4-110228-Win.exe
2016-08-30 08:40 - 2016-08-30 08:40 - 00074625 _____ C:\Users\admin\Desktop\podnajemni_smlouva-sublease.pdf
2016-08-29 16:13 - 2016-08-29 16:13 - 00059725 _____ C:\Users\admin\Desktop\E.roSD.roSALEINFO(1).pdf
2016-08-29 13:35 - 2016-08-29 13:35 - 00000000 ____D C:\Users\admin\Desktop\____FYMC TISKOVINY
2016-08-29 13:02 - 2016-08-29 13:02 - 01548647 _____ C:\Users\admin\Desktop\210x99_fymc_250kc.pdf
2016-08-29 06:47 - 2016-08-29 06:47 - 01854454 _____ C:\Users\admin\Desktop\lookout-pegasus-technical-analysis.pdf
2016-08-28 10:39 - 2016-08-28 10:39 - 00047529 _____ C:\Users\admin\Desktop\Pohyb_10826342410_na_uctu_2000551004.pdf
2016-08-27 15:20 - 2016-08-27 15:22 - 47611856 _____ (Wireshark development team) C:\Users\admin\Desktop\Wireshark-win64-2.0.5.exe
2016-08-25 14:17 - 2016-08-25 14:17 - 00059700 _____ C:\Users\admin\Desktop\E.roSD.roSALEINFO.pdf
2016-08-22 20:44 - 2016-09-02 13:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-22 11:04 - 2016-08-22 11:04 - 00050430 _____ C:\Users\admin\Desktop\AIR2pronajemdlohodoby.pdf
2016-08-22 11:02 - 2016-08-22 11:02 - 00064532 _____ C:\Users\admin\Desktop\2016105230.pdf
2016-08-22 11:01 - 2016-08-22 11:01 - 00037623 _____ C:\Users\admin\Desktop\invoices_2016_7m.pdf
2016-08-22 10:56 - 2016-08-22 10:56 - 00068064 _____ C:\Users\admin\Desktop\2016906253.pdf
2016-08-22 10:52 - 2016-08-22 10:52 - 00034106 _____ C:\Users\admin\Desktop\DS-EUrope 2Q 2016.pdf
2016-08-22 09:34 - 2016-08-22 09:34 - 00037898 _____ C:\Users\admin\Desktop\invoice_1021516(1).pdf
2016-08-22 09:23 - 2016-08-22 09:23 - 02451766 _____ C:\Users\admin\Desktop\fwdnnpravapojistnochrany.zip
2016-08-22 09:10 - 2016-08-27 08:31 - 00006127 _____ C:\Users\admin\Desktop\výkaz práce TARVOS - ROBENEK.xlsx
2016-08-20 11:16 - 2016-08-20 11:16 - 00000053 _____ C:\Users\admin\Downloads\google150d01513ba41881 (1).html
2016-08-20 11:11 - 2016-08-21 22:33 - 00000108 _____ C:\Users\admin\Desktop\D JUNA pristupy.txt
2016-08-19 15:59 - 2016-08-19 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2016-08-19 15:59 - 2016-08-19 15:59 - 00000000 ____D C:\OpenSSL-Win64
2016-08-19 15:59 - 2016-05-03 17:59 - 02084864 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2016-08-19 15:59 - 2016-05-03 17:59 - 00350208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2016-08-19 15:59 - 2016-05-03 17:59 - 00350208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll
2016-08-19 15:58 - 2016-08-19 15:58 - 03356130 _____ (OpenSSL Win64 Installer Team ) C:\Users\admin\Desktop\Win64OpenSSL_Light-1_0_2h.exe
2016-08-19 07:47 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-19 07:47 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-16 12:06 - 2016-08-16 12:06 - 00055002 _____ C:\Users\admin\Desktop\vypis-187184.pdf
2016-08-16 12:03 - 2016-08-16 12:03 - 00037898 _____ C:\Users\admin\Desktop\invoice_1021516.pdf
2016-08-15 13:37 - 2016-08-15 13:37 - 00000000 ____D C:\Windows\{5CE2B5AB-ED18-49A1-B500-489701E9B898}
2016-08-13 21:56 - 2016-08-13 22:03 - 00000000 ____D C:\Users\admin\Desktop\_____ NEMAZAT - NEVESLO SE DO DB
2016-08-13 08:06 - 2016-08-13 08:23 - 00000000 ____D C:\Users\admin\Desktop\____E.RO - prodej
2016-08-13 08:04 - 2016-08-13 08:04 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-13 02:21 - 2016-08-13 02:21 - 00166776 _____ C:\Windows\system32\us008ci.exe
2016-08-13 02:21 - 2016-08-13 02:21 - 00031256 _____ () C:\Windows\system32\us008lm.dll
2016-08-13 02:20 - 2016-08-13 02:20 - 00098328 _____ (SS) C:\Windows\system32\us008ci.dll
2016-08-11 15:15 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-11 15:15 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-11 15:15 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-11 15:15 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-11 15:15 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-11 15:15 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-11 15:15 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-11 15:15 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-11 15:15 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-11 15:15 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-11 15:15 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-11 15:15 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-11 15:15 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-11 15:15 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-11 15:15 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-11 15:15 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-11 15:15 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-11 15:15 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-11 15:15 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-11 15:15 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-11 15:15 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-11 15:15 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-11 15:15 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-11 15:15 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-11 15:15 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-11 15:15 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-11 15:15 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-11 15:15 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-11 15:15 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-11 15:15 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-11 15:15 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-11 15:15 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-11 15:15 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-11 15:15 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-11 15:15 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-11 15:15 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-11 15:15 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-11 15:15 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-11 15:15 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-11 15:15 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-11 15:15 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-11 15:15 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-11 15:15 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-11 15:15 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-11 15:15 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-11 15:15 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-11 15:15 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-11 15:15 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-11 15:15 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-11 15:15 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-11 15:15 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-11 15:15 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-11 15:15 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-11 15:15 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-11 15:15 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-11 15:15 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-11 15:15 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-11 15:15 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-11 15:15 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-11 15:15 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-11 15:15 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-11 15:15 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-11 15:15 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-11 15:15 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-11 15:15 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-11 15:15 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-11 15:15 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-11 15:15 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-11 15:15 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-11 15:15 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-11 15:15 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-11 15:15 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-11 15:15 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-11 15:15 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-11 15:15 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-11 15:15 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-11 15:15 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-11 15:15 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-11 15:15 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-11 15:15 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-11 15:14 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-07 09:32 - 2015-07-06 11:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-09-07 08:57 - 2015-07-06 11:24 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-07 08:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-07 08:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-07 08:55 - 2016-01-07 23:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-07 08:51 - 2016-07-28 21:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-07 08:50 - 2015-07-06 11:24 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-06 22:49 - 2016-06-10 11:14 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2016-09-06 22:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-06 22:36 - 2016-07-28 21:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-06 16:00 - 2015-12-12 22:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\qBittorrent
2016-09-06 15:40 - 2015-11-21 17:13 - 00007606 _____ C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2016-09-06 15:38 - 2015-07-03 15:23 - 00000000 ____D C:\Users\admin\AppData\Local\Apps\2.0
2016-09-06 11:19 - 2009-07-14 07:13 - 00897266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-06 11:18 - 2016-06-15 07:57 - 00000000 ____D C:\Qoobox
2016-09-06 11:16 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-09-06 11:12 - 2016-08-05 13:08 - 00000000 ___RD C:\Users\admin\Desktop\CloudStation
2016-09-06 11:12 - 2015-12-13 15:14 - 00000000 ____D C:\Users\admin\AppData\Local\CloudStation
2016-09-06 11:12 - 2015-07-06 15:38 - 00000000 ___RD C:\Users\admin\Desktop\Dropbox
2016-09-06 11:12 - 2015-07-03 14:57 - 00000000 ____D C:\Users\admin
2016-09-06 11:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-06 11:10 - 2015-06-12 08:14 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-09-06 11:10 - 2015-06-12 08:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-06 11:09 - 2015-09-11 21:49 - 00000000 ____D C:\ProgramData\Skype
2016-09-06 10:58 - 2016-07-09 07:22 - 05658674 ____R (Swearware) C:\Users\admin\Desktop\ComboFix.exe
2016-09-06 10:57 - 2015-07-11 21:53 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2016-09-03 09:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-09-03 06:50 - 2015-07-06 11:23 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-01 11:55 - 2015-10-23 18:11 - 00000000 ____D C:\Users\admin\AppData\Local\WEB2Print
2016-08-31 09:13 - 2010-11-21 09:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-30 16:35 - 2015-07-04 16:38 - 00000000 ____D C:\Program Files\CCleaner
2016-08-30 11:59 - 2016-04-26 11:04 - 00000000 ____D C:\Users\admin\Desktop\____BALI FIRMA
2016-08-29 09:14 - 2015-07-03 15:29 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2016-08-29 06:49 - 2016-04-08 13:27 - 00000000 ____D C:\Users\admin\AppData\LocalLow\LastPass
2016-08-28 16:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2016-08-25 14:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-25 14:10 - 2016-02-23 21:00 - 00000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2016-08-25 14:04 - 2015-07-06 11:32 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-16 11:42 - 2016-07-29 12:04 - 01001304 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-08-16 11:42 - 2015-12-03 11:10 - 00110424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-08-16 11:41 - 2016-05-05 03:43 - 00236888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-08-15 17:09 - 2015-10-22 10:23 - 00000000 ____D C:\Users\admin\AppData\Roaming\Samsung
2016-08-14 13:24 - 2015-09-11 21:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2016-08-13 20:47 - 2016-07-30 17:37 - 00000000 ____D C:\Users\admin\Desktop\____SVATBA FOTO
2016-08-12 10:00 - 2015-11-12 08:51 - 00000000 ____D C:\Users\admin\Desktop\LABELS POST
2016-08-11 15:20 - 2015-07-03 15:35 - 00000000 ____D C:\Windows\system32\MRT
2016-08-11 15:16 - 2015-07-03 15:35 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 09:22 - 2015-07-06 11:09 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-08-08 21:56 - 2015-07-03 15:26 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2015-09-12 22:21 - 2015-09-12 22:21 - 0003584 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-07 14:54 - 2015-12-07 14:54 - 0000729 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2015-11-21 17:13 - 2016-09-06 15:40 - 0007606 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2015-07-06 15:55 - 2015-07-06 15:55 - 0000032 RSHOT () C:\Users\admin\AppData\Local\t60.dat
2015-10-08 13:34 - 2015-10-08 13:34 - 0000032 RSHOT () C:\Users\admin\AppData\Local\t70rc.dat
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-05 07:54
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:226.7 GB) (Free:10.28 GB) NTFS
Available physical RAM: 12564.86 MB
Total physical RAM: 16256.3 MB
Percentage of memory in use: 22%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 557A88AA)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=27)
Partition 3: (Not Active) - (Size=226.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows\system32\usbaaplrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4519 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4571 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:4669 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:748 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:925 [0]
AlternateDataStreams: C:\Windows\system32\Drivers\ikbevent.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\imsevent.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\usbaapl64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\admin\Desktop\Jitka Divisova OP.pdf:com.dropbox.attributes [168]
==================== Security Center ==================
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\admin\Desktop" je 65241 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiLogger
"C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Přispějete na provoz fóra?