Kontrola logu

Zpráva

milav · #1 Příspěvek od **milav** » 30 říj 2017 23:24

Omlouvám se, posílám znovu, v předešlém jsem nevyplnil předmět.
Prosím o kontrolu logu, zdá se mí že mi něco žere paměť. Mám spuštěvé dvě aplikace a vytížení paměti je asi 61% a procesoru asi 5%. Antiviry neodhalily nic. Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-10-30 22:33:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (50%) free of 82 GB
Total RAM: 1953 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:33:08, on 30.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\taskmgr.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Milan\Desktop\RSIT.exe
C:\Program Files\trend micro\Milan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=29530
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:6a554ab8e493479525f55210b0b6dfed] "C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Milan\AppData\Roaming\Seznam.cz"
O4 - Startup: Dropbox.lnk = Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: PDF Architect 4 Manager - Â© pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 8532 bytes

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3185578175-294760507-565108644-1000Core.job - C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3185578175-294760507-565108644-1000UA.job - C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qrar7tc0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt
"pdf_architect_4_conv@pdfarchitect.org"=C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}]
PDF Architect 4 Helper - C:\Program Files\PDF Architect 4\creator-ie-helper.dll [2016-01-15 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2012-11-22 91784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - PDF Architect 4 Toolbar - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll [2016-01-15 547040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-19 9874024]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-10-21 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-10-21 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-10-21 176408]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2005-03-18 98304]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spybot-S&D Cleaning"=C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2016-03-21 5915776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2017-06-13 7648984]
"Dropbox Update"=C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04 143144]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"cz.seznam.software.autoupdate"=C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2017-08-25 27832272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SeznamInstall-uninstall:6a554ab8e493479525f55210b0b6dfed"=C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2017-10-30 534528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe [2017-10-17 3566904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2017-10-30 22:20:47 ----D---- C:\rsit
2017-10-27 18:09:34 ----D---- C:\ProgramData\~0
2017-10-11 18:05:14 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-11 07:57:53 ----A---- C:\Windows\system32\mshtml.dll
2017-10-11 07:57:52 ----A---- C:\Windows\system32\wininet.dll
2017-10-11 07:57:52 ----A---- C:\Windows\system32\jscript9.dll
2017-10-11 07:57:52 ----A---- C:\Windows\system32\ieframe.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\win32k.sys
2017-10-11 07:57:51 ----A---- C:\Windows\system32\vbscript.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\urlmon.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\tquery.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\Query.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-11 07:57:51 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-10-11 07:57:51 ----A---- C:\Windows\system32\jscript.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\iertutil.dll
2017-10-11 07:57:51 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-11 07:57:50 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-11 07:57:50 ----A---- C:\Windows\system32\msexcl40.dll
2017-10-11 07:57:50 ----A---- C:\Windows\system32\mf.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\wlansec.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\themeui.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\t2embed.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\ntdll.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\mswstr10.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 07:57:49 ----A---- C:\Windows\system32\msctf.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\gdi32.dll
2017-10-11 07:57:49 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-11 07:57:49 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-11 07:57:49 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-11 07:57:49 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-11 07:57:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-11 07:57:49 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-11 07:57:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-11 07:57:48 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\webcheck.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\msjint40.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-11 07:57:48 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-11 07:57:48 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-11 07:57:47 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-11 07:57:47 ----A---- C:\Windows\system32\mfps.dll
2017-10-11 07:57:47 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-11 07:57:47 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-11 07:57:47 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-11 07:57:47 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-11 07:57:46 ----A---- C:\Windows\system32\smss.exe
2017-10-11 07:57:46 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-11 07:57:46 ----A---- C:\Windows\system32\ieui.dll
2017-10-11 07:57:45 ----A---- C:\Windows\system32\kerberos.dll
2017-10-11 07:57:45 ----A---- C:\Windows\system32\advapi32.dll
2017-10-11 07:57:44 ----A---- C:\Windows\system32\mssrch.dll
2017-10-11 07:57:44 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-11 07:57:43 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-11 07:57:42 ----A---- C:\Windows\system32\srcore.dll
2017-10-11 07:57:42 ----A---- C:\Windows\system32\occache.dll
2017-10-11 07:57:42 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-11 07:57:42 ----A---- C:\Windows\system32\mssvp.dll
2017-10-11 07:57:42 ----A---- C:\Windows\system32\msrating.dll
2017-10-11 07:57:42 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-11 07:57:42 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\wdigest.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\sspicli.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\schannel.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\mssph.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\inseng.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-11 07:57:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-11 07:57:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-11 07:57:40 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-11 07:57:40 ----A---- C:\Windows\system32\srclient.dll
2017-10-11 07:57:40 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-11 07:57:40 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-11 07:57:40 ----A---- C:\Windows\system32\iesetup.dll
2017-10-11 07:57:40 ----A---- C:\Windows\system32\iernonce.dll
2017-10-11 07:57:40 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-11 07:57:40 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-11 07:57:40 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\secur32.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\rstrui.exe
2017-10-11 07:57:39 ----A---- C:\Windows\system32\lsass.exe
2017-10-11 07:57:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-11 07:57:39 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\credssp.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-11 07:57:39 ----A---- C:\Windows\system32\appidapi.dll
2017-10-11 07:57:38 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 07:57:38 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-11 07:57:38 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-11 07:57:38 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-11 07:57:38 ----A---- C:\Windows\system32\msshooks.dll
2017-10-11 07:57:38 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-11 07:57:38 ----A---- C:\Windows\system32\icaapi.dll
2017-10-11 07:57:38 ----A---- C:\Windows\system32\auditpol.exe
2017-10-11 07:57:38 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 07:57:38 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 07:57:37 ----A---- C:\Windows\system32\msobjs.dll
2017-10-11 07:57:37 ----A---- C:\Windows\system32\msaudite.dll
2017-10-11 07:57:37 ----A---- C:\Windows\system32\mferror.dll
2017-10-11 07:57:37 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-11 07:57:37 ----A---- C:\Windows\system32\adtschema.dll
2017-10-08 19:37:22 ----D---- C:\Users\Milan\AppData\Roaming\Adobe

======List of files/folders modified in the last 1 month======

2017-10-30 22:33:02 ----D---- C:\Program Files\trend micro
2017-10-30 22:31:28 ----D---- C:\Windows\temp
2017-10-30 22:24:45 ----D---- C:\Windows\system32\config
2017-10-30 22:13:11 ----SHD---- C:\System Volume Information
2017-10-30 22:07:37 ----D---- C:\Users\Milan\AppData\Roaming\Seznam.cz
2017-10-30 22:06:24 ----D---- C:\Windows\System32
2017-10-30 22:06:24 ----D---- C:\Windows\inf
2017-10-30 22:06:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-30 22:00:24 ----D---- C:\Windows\winsxs
2017-10-30 22:00:24 ----D---- C:\Windows\system32\Tasks
2017-10-30 22:00:24 ----D---- C:\Windows\system32\DriverStore
2017-10-30 22:00:24 ----D---- C:\Windows\system32\catroot2
2017-10-30 22:00:24 ----D---- C:\Program Files\Internet Explorer
2017-10-30 22:00:23 ----D---- C:\Windows\system32\drivers\etc
2017-10-30 22:00:23 ----D---- C:\Windows\system32\drivers
2017-10-30 22:00:22 ----SHD---- C:\Windows\Installer
2017-10-30 22:00:19 ----D---- C:\Users\Milan\AppData\Roaming\Dropbox
2017-10-30 22:00:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-10-30 22:00:11 ----D---- C:\ProgramData\HP Product Assistant
2017-10-30 22:00:11 ----D---- C:\ProgramData
2017-10-30 22:00:11 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-10-30 22:00:11 ----D---- C:\Program Files\Mozilla Firefox
2017-10-30 22:00:10 ----D---- C:\Program Files\CCleaner
2017-10-30 22:00:07 ----D---- C:\ProgramData\McAfee
2017-10-30 22:00:04 ----D---- C:\Windows\registration
2017-10-30 22:00:00 ----D---- C:\Windows\system32\Macromed
2017-10-30 21:58:59 ----RD---- C:\Program Files
2017-10-30 21:58:56 ----D---- C:\Program Files\HP
2017-10-30 21:57:15 ----D---- C:\Windows\system32\catroot
2017-10-30 21:03:51 ----A---- C:\Windows\system32\log.txt
2017-10-30 21:02:39 ----D---- C:\Users\Milan\AppData\Roaming\Skype
2017-10-30 21:01:10 ----D---- C:\Windows\Tasks
2017-10-30 21:01:10 ----D---- C:\Windows\system32\wfp
2017-10-30 21:01:09 ----D---- C:\Windows\system32\wbem
2017-10-30 21:01:09 ----D---- C:\Windows
2017-10-30 20:48:10 ----D---- C:\ProgramData\F-Secure
2017-10-30 18:36:41 ----HD---- C:\Config.Msi
2017-10-27 19:35:10 ----D---- C:\Windows\twain_32
2017-10-27 18:52:25 ----D---- C:\Program Files\Common Files\HP
2017-10-27 18:31:00 ----HD---- C:\Users\Milan\AppData\Roaming\Image Zone Express
2017-10-15 08:52:44 ----D---- C:\Windows\Microsoft.NET
2017-10-11 18:17:25 ----D---- C:\Windows\system32\migration
2017-10-11 18:17:25 ----D---- C:\Windows\system32\en-US
2017-10-11 18:17:25 ----D---- C:\Windows\system32\cs-CZ
2017-10-11 18:09:13 ----D---- C:\Windows\system32\MRT
2017-10-11 18:05:06 ----AC---- C:\Windows\system32\MRT.exe
2017-10-11 07:45:48 ----D---- C:\Program Files\Mozilla Thunderbird
2017-10-08 19:18:32 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-10-08 15:31:41 ----SD---- C:\Users\Milan\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 MpKsl3d23dc58;MpKsl3d23dc58; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27F5E6F9-1739-428A-823D-320A26FDDD72}\MpKsl3d23dc58.sys [2017-10-30 40776]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 100328]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 308200]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-10-21 10858496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-11-23 3253352]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-05-16 391272]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 eapihdrv;eapihdrv; \??\C:\Users\Milan\AppData\Local\Temp\ehdrv.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R2 PDF Architect 4 Creator;PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [2016-01-15 772832]
R2 PDF Architect 4 Manager;PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [2015-10-05 959248]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2012-11-22 1522312]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2012-11-22 905864]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2016-09-21 4088608]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2016-11-24 235984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-05 175568]
S3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-01-15 970464]
S3 PDF Architect 4;PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2016-01-15 2220768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-25 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Kodlz · #2 Příspěvek od **Kodlz** » 31 říj 2017 09:35

Ahoj,
Poprosim o vlozeni logu FRST.txt a Addition.txt z aplikace FRSTLauncher.exe (Farbar Recovery Scan Tool). Navod naleznes zde: https://forum.viry.cz/viewtopic.php?f=13&t=152707
Obsah Additional.txt muzes vlozit rovnou sem do vlakna.

Poprosim Te take, zda by si mi vedel poslat printscreen z Task manageru serazeneho podle vytizeni pameti, aby sem vedel ktere aplikace a kolik ti berou pameti.

milav · #3 Příspěvek od **milav** » 31 říj 2017 10:04

Ahoj. S tím print screenem se zkusím nějak poprat.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2017
Ran by Milan (administrator) on MILAN-PC (31-10-2017 09:51:07)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Â© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\~~erase-399112-5428-40367.$$$
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(forum.viry.cz) C:\Users\Milan\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [OrderReminder] => C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2005-03-18] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7648984 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\Run: [Dropbox Update] => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Milan\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Milan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\RunOnce: [SeznamInstall-uninstall:6a554ab8e493479525f55210b0b6dfed] => C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2017-10-30] () <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2011-12-26]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-12-26]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3FDCC64A-7CFA-4651-B704-1F461A4FD72C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3185578175-294760507-565108644-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3185578175-294760507-565108644-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {0AE2AEBE-219A-487C-91F5-4BAED3A4D42F} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {21847039-42C1-4622-9A82-ABEBC42DC68F} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {2204E442-5DC4-4F6D-AA92-5A4E16F4278E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {331D243F-EA60-4426-8098-EACD2C3BC6B0} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {72FA176B-A3CD-442A-8A4A-4A43EB529059} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {73C79A96-C317-45DA-912C-91C6A6BB72C1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {B035C288-8426-4E3C-BC50-1F4A54FDF7FA} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {BB9DE296-C17A-4360-897C-DB397FC82C75} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {CDB3A312-DBC3-47CE-A6ED-AFBAA64AAF28} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3185578175-294760507-565108644-1000 -> {F5B8D723-BE88-4B71-B1D3-7A38F4DEC806} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll [2012-11-22] (pdfforge GbR)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Toolbar: HKLM - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qrar7tc0.default [2017-10-31]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\qrar7tc0.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\qrar7tc0.default ->
FF Homepage: Mozilla\Firefox\Profiles\qrar7tc0.default -> hxxps://www.seznam.cz/
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qrar7tc0.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-10-30]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qrar7tc0.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-30]
FF Extension: (No Name) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\qrar7tc0.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (Skype extension for Firefox) - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2017-07-02] [not signed]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files\PDF Architect\FFPDFArchitectExt [2012-11-28] [not signed]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-05-11] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-30] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2220768 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [970464 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [772832 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (Â© pdfforge GmbH.)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [100328 2011-02-24] (ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [308200 2011-02-24] (ASMedia Technology Inc)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R1 MpKsl3d23dc58; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{27F5E6F9-1739-428A-823D-320A26FDDD72}\MpKsl3d23dc58.sys [40776 2017-10-30] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 eapihdrv; \??\C:\Users\Milan\AppData\Local\Temp\ehdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-31 09:51 - 2017-10-31 09:51 - 000017240 _____ C:\Users\Milan\Desktop\FRST.txt
2017-10-31 09:50 - 2017-10-31 09:51 - 000000000 ____D C:\FRST
2017-10-31 09:49 - 2017-10-31 09:49 - 000112640 _____ (forum.viry.cz) C:\Users\Milan\Desktop\FRSTLauncher.exe
2017-10-31 09:47 - 2017-10-31 09:48 - 001799680 _____ (Farbar) C:\Users\Milan\Desktop\FRST.exe
2017-10-30 22:20 - 2017-10-30 22:21 - 000000000 ____D C:\rsit
2017-10-30 18:00 - 2017-10-30 18:00 - 000000000 ____D C:\Users\Milan\Desktop\Původní data aplikace Firefox
2017-10-27 18:09 - 2017-10-30 22:00 - 000000000 ____D C:\Users\Milan\AppData\Local\IIIQF
2017-10-27 18:09 - 2017-10-30 22:00 - 000000000 ____D C:\ProgramData\~0
2017-10-27 10:02 - 2017-10-27 18:29 - 000123665 _____ C:\Windows\hpgins21.dat.temp
2017-10-26 16:41 - 2007-05-02 10:39 - 000000282 _____ C:\Windows\hpgmdl21.dat.temp
2017-10-26 16:17 - 2017-10-30 22:00 - 000000000 ___RD C:\Users\Milan\Documents\Scanned Documents
2017-10-26 16:17 - 2017-10-30 22:00 - 000000000 ____D C:\Users\Milan\Documents\Fax
2017-10-19 21:28 - 2017-10-30 22:00 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-11 18:05 - 2017-10-11 18:05 - 124059592 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-11 07:57 - 2017-09-13 16:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-10-11 07:57 - 2017-09-13 16:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-11 07:57 - 2017-09-13 16:13 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-11 07:57 - 2017-09-13 16:13 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-11 07:57 - 2017-09-13 16:10 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-11 07:57 - 2017-09-13 16:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-11 07:57 - 2017-09-13 16:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-11 07:57 - 2017-09-13 15:53 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-11 07:57 - 2017-09-13 15:50 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 07:57 - 2017-09-13 15:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-11 07:57 - 2017-09-13 15:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-11 07:57 - 2017-09-13 15:50 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-11 07:57 - 2017-09-13 15:50 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 07:57 - 2017-09-13 15:48 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-11 07:57 - 2017-09-13 15:46 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-11 07:57 - 2017-09-13 15:46 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-11 07:57 - 2017-09-13 15:46 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-11 07:57 - 2017-09-13 15:46 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-11 07:57 - 2017-09-13 15:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-11 07:57 - 2017-09-13 15:46 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-11 07:57 - 2017-09-13 15:46 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-11 07:57 - 2017-09-09 00:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-11 07:57 - 2017-09-08 16:14 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-11 07:57 - 2017-09-08 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-11 07:57 - 2017-09-08 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-11 07:57 - 2017-09-08 16:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-11 07:57 - 2017-09-08 16:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-11 07:57 - 2017-09-08 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-11 07:57 - 2017-09-08 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 07:57 - 2017-09-08 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-11 07:57 - 2017-09-08 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-11 07:57 - 2017-09-08 15:50 - 002402304 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-11 07:57 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2017-10-11 07:57 - 2017-09-08 15:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-10-11 07:57 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2017-10-11 07:57 - 2017-09-07 20:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-11 07:57 - 2017-09-07 20:26 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-11 07:57 - 2017-09-07 20:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-11 07:57 - 2017-09-07 20:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-11 07:57 - 2017-09-07 20:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-11 07:57 - 2017-09-07 20:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-11 07:57 - 2017-09-07 20:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-11 07:57 - 2017-09-07 20:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-11 07:57 - 2017-09-07 20:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-11 07:57 - 2017-09-07 20:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-11 07:57 - 2017-09-07 20:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-11 07:57 - 2017-09-07 19:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-11 07:57 - 2017-09-07 19:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-11 07:57 - 2017-09-07 19:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-11 07:57 - 2017-09-07 19:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-11 07:57 - 2017-09-07 19:58 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-11 07:57 - 2017-09-07 19:52 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 07:57 - 2017-09-07 19:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-11 07:57 - 2017-09-07 19:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-11 07:57 - 2017-09-07 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 07:57 - 2017-09-07 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-11 07:57 - 2017-09-07 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-11 07:57 - 2017-09-07 19:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-11 07:57 - 2017-09-07 19:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-11 07:57 - 2017-09-07 19:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-11 07:57 - 2017-09-07 19:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-11 07:57 - 2017-09-07 19:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-11 07:57 - 2017-09-07 19:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-11 07:57 - 2017-09-07 19:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-11 07:57 - 2017-09-07 19:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-11 07:57 - 2017-09-07 19:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-11 07:57 - 2017-09-07 19:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-11 07:57 - 2017-09-07 19:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-11 07:57 - 2017-09-07 18:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-11 07:57 - 2017-09-07 18:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-11 07:57 - 2017-09-07 16:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-11 07:57 - 2017-09-07 15:48 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-11 07:57 - 2017-09-07 15:48 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-11 07:57 - 2017-09-07 15:48 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-11 07:57 - 2017-08-19 16:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-11 07:57 - 2017-08-19 16:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-11 07:57 - 2017-08-19 16:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-11 07:57 - 2017-08-19 15:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-11 07:57 - 2017-08-19 15:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-11 07:57 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-11 07:57 - 2017-08-14 18:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-11 07:57 - 2017-08-13 22:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-08 19:37 - 2017-10-09 08:26 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Adobe
2017-10-01 19:04 - 2017-10-01 19:04 - 000132864 _____ C:\Users\Milan\Downloads\sklolaminatove-desky-a-role-technicke-informace.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-31 09:50 - 2015-07-16 05:38 - 000000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3185578175-294760507-565108644-1000UA.job
2017-10-31 09:39 - 2016-11-19 08:30 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2017-10-31 09:30 - 2012-01-11 23:21 - 000000000 ___HD C:\Users\Milan\AppData\LocalLow\Temp
2017-10-31 08:48 - 2009-07-14 05:34 - 000028944 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-31 08:48 - 2009-07-14 05:34 - 000028944 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-31 08:43 - 2011-04-12 02:37 - 000668882 _____ C:\Windows\system32\perfh005.dat
2017-10-31 08:43 - 2011-04-12 02:37 - 000141542 _____ C:\Windows\system32\perfc005.dat
2017-10-31 08:43 - 2010-11-20 22:01 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-31 08:43 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-10-31 08:37 - 2011-12-24 20:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Skype
2017-10-30 23:04 - 2013-03-18 21:28 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-10-30 23:04 - 2011-12-25 20:58 - 000000000 ___HD C:\Users\Milan\AppData\Local\Adobe
2017-10-30 23:04 - 2011-12-24 22:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-10-30 23:04 - 2011-12-24 22:55 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-30 22:33 - 2013-04-26 20:15 - 000000000 ____D C:\Program Files\trend micro
2017-10-30 22:07 - 2015-04-27 21:16 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Seznam.cz
2017-10-30 22:00 - 2017-07-02 21:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-30 22:00 - 2017-02-20 23:37 - 000000000 ____D C:\Users\Milan\AppData\Local\FSDART
2017-10-30 22:00 - 2013-06-29 18:53 - 000000000 ____D C:\ProgramData\McAfee
2017-10-30 22:00 - 2012-05-16 21:53 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Dropbox
2017-10-30 22:00 - 2012-05-03 06:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-10-30 22:00 - 2011-12-26 11:45 - 000000000 ____D C:\ProgramData\HP Product Assistant
2017-10-30 22:00 - 2011-12-25 22:31 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-30 22:00 - 2011-12-24 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-10-30 22:00 - 2011-12-24 20:03 - 000000000 ____D C:\Program Files\CCleaner
2017-10-30 22:00 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration
2017-10-30 21:58 - 2011-12-26 11:44 - 000000000 ____D C:\Program Files\HP
2017-10-30 21:01 - 2011-12-24 15:04 - 000000000 ____D C:\Users\Milan
2017-10-30 21:01 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-30 20:48 - 2017-02-20 23:37 - 000000000 ____D C:\ProgramData\F-Secure
2017-10-27 19:00 - 2011-12-26 11:44 - 000123676 _____ C:\Windows\hpgins21.dat
2017-10-27 19:00 - 2011-12-26 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-10-27 18:52 - 2011-12-26 11:46 - 000000000 ____D C:\Program Files\Common Files\HP
2017-10-27 18:31 - 2012-01-05 21:01 - 000000000 ___HD C:\Users\Milan\AppData\Roaming\Image Zone Express
2017-10-27 14:21 - 2015-07-16 05:38 - 000000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3185578175-294760507-565108644-1000Core.job
2017-10-26 20:04 - 2011-12-26 13:24 - 000000000 ___HD C:\Users\Milan\Documents\Moje naskenované obrázky
2017-10-11 18:19 - 2009-07-14 05:33 - 000305632 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-11 18:09 - 2013-08-13 23:07 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 18:05 - 2011-12-28 10:05 - 124059592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-11 07:45 - 2016-12-28 19:16 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2017-10-03 20:09 - 2015-02-17 20:54 - 000029852 _____ C:\Users\Milan\Desktop\Alternátor.odt

==================== Files in the root of some directories =======

2015-02-13 23:26 - 2015-02-13 23:26 - 006103040 _____ () C:\Program Files\GUT7501.tmp
2016-05-03 21:28 - 2016-05-03 21:28 - 000000091 _____ () C:\Users\Milan\AppData\Roaming\Safer-Networking.log
2014-06-08 22:15 - 2014-06-08 22:15 - 000000000 _____ () C:\Users\Milan\AppData\Roaming\Microsoft\3B5B.tmp
2013-03-22 20:27 - 2015-11-16 08:40 - 000004608 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-04 12:00 - 2017-07-30 20:04 - 000007598 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg
2011-12-24 20:54 - 2011-12-24 20:54 - 000000056 _____ () C:\ProgramData\ezsidmv.dat
2011-12-26 11:44 - 2017-10-27 19:44 - 000009589 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

Some files in TEMP:
====================
2017-10-30 22:07 - 2017-10-30 22:07 - 000534528 _____ () C:\Users\Milan\AppData\Local\temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3185578175-294760507-565108644-1000Core.job => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3185578175-294760507-565108644-1000UA.job => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Spybot - Search and Destroy (Disabled - Out of date) {1A0DDE8C-B4BA-EFDD-22A8-0F557C7985F0}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Milan\Desktop" je 78 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

milav · #4 Příspěvek od **milav** » 31 říj 2017 10:18

Dodatečně zasílám printscreen

Kodlz · #5 Příspěvek od **Kodlz** » 31 říj 2017 11:48

Printscreen nevidno.

Na plose, tam kde mas umisteny FRST vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

( Spusť znovu FRST a klikni na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).

start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\RunOnce: [SeznamInstall-uninstall:6a554ab8e493479525f55210b0b6dfed] => C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2017-10-30] () <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 eapihdrv; \??\C:\Users\Milan\AppData\Local\Temp\ehdrv.sys [X]
C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
Task: {183CB6D1-7D82-4DD3-8977-704BA590CCC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

end

milav · #6 Příspěvek od **milav** » 31 říj 2017 12:36

Snad jsem to udělal dobře.
Zároveň zkusím znovu připojit printscreen

Fix result of Farbar Recovery Scan Tool (x86) Version: 26-10-2017
Ran by Milan (31-10-2017 12:31:08) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Boot Mode: Normal

==============================================

fixlist content:
*****************

*****************

==== End of Fixlog 12:31:08 ====

Kodlz · #7 Příspěvek od **Kodlz** » 31 říj 2017 12:52

ne.... nevlozil jste tam ten text co je v citaci v mem poslednim prispevku. proto to neprovedlo zadnou akci.

milav · #8 Příspěvek od **milav** » 31 říj 2017 13:15

Text jsem zkopíroval ale neuložil. Tak snad teď. Chtělo to po mě restart, má to tak být?

Fix result of Farbar Recovery Scan Tool (x86) Version: 26-10-2017
Ran by Milan (31-10-2017 13:05:59) Run:2
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3185578175-294760507-565108644-1000\...\RunOnce: [SeznamInstall-uninstall:6a554ab8e493479525f55210b0b6dfed] => C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2017-10-30] () <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 eapihdrv; \??\C:\Users\Milan\AppData\Local\Temp\ehdrv.sys [X]
C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
Task: {183CB6D1-7D82-4DD3-8977-704BA590CCC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key removed successfully.
HKU\S-1-5-21-3185578175-294760507-565108644-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:6a554ab8e493479525f55210b0b6dfed => value removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully.
HKLM\System\CurrentControlSet\Services\AppMgmt => key removed successfully.
AppMgmt => service removed successfully.
HKLM\System\CurrentControlSet\Services\eapihdrv => key removed successfully.
eapihdrv => service removed successfully.
C:\Users\Milan\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => moved successfully
"C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{183CB6D1-7D82-4DD3-8977-704BA590CCC1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{183CB6D1-7D82-4DD3-8977-704BA590CCC1} => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8163018 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 7558144 B
Edge => 0 B
Chrome => 95232 B
Firefox => 38120022 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 31575642 B
LocalService => 115860 B
NetworkService => 13006448 B
Milan => 13366781 B

RecycleBin => 907 B
EmptyTemp: => 114.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 13:06:41 ====

milav · #9 Příspěvek od **milav** » 31 říj 2017 14:58

Ještě jeden pokus printsceen. Pozdě mi došlo, že přílohy musí být asi zkomprimované.

Kodlz · #10 Příspěvek od **Kodlz** » 31 říj 2017 16:10

Pokud se pc restartovalo tak to vubec nevadi.
Tusim v cem by mohl byt hlavni problem...
Tvoje pc ma jenom 2GB pameti coz popravde v dnesni dobe, kdy naroky aplikaci jsou uz vetsi, nic moc neni.
nejvice pameti momentalne zere firefox (pomalu 1/4 pameti) a dalsi aplikace jsou taky docela hladne.

Urcite by jsem odinstaloval:
Search App by Ask
Seznam Software
Skype Toolbars

muzes jeste zkusit:
Stáhni AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.

milav · #11 Příspěvek od **milav** » 31 říj 2017 17:13

Někde jsem četl, že 32 bitový systém stejně neumí pracovat s větší pamětí. Ale možná jsem to pochopil špatně. Nejsem žádný odborník. V opačném případě pouvažuji o rozšíření.
Ty tři věci k odinstalování ani nevím že mám a nepoužívám je. Musely se mi tam dostat asi nějakou mojí neopatrností.
Asi Panely - Programy - Odinstalovat....? I když ten Search App.... jsem v seznamu nenašel...
A dá se teda teď vyloučit, že mám v PC nějakou havěť, která by využívala moje prostředky?

# AdwCleaner 7.0.4.0 - Logfile created on Tue Oct 31 15:56:56 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 7 Home Premium (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files\globalUpdate
Deleted: C:\Users\Milan\AppData\Local\globalUpdate
Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater
Deleted: C:\ProgramData\AskPartnerNetwork
Deleted: C:\ProgramData\Application Data\AskPartnerNetwork
Deleted: C:\Program Files\AskPartnerNetwork
Deleted: C:\Users\All Users\AskPartnerNetwork
Deleted: C:\Users\Milan\AppData\Local\AskPartnerNetwork
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\Solvusoft
Deleted: C:\ProgramData\apn
Deleted: C:\ProgramData\Application Data\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Milan\AppData\Roaming\GetNowUpdater
Deleted: C:\Program Files\Internet Speed Checker
Deleted: C:\Program Files\Internet Speed Checker

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC0D210
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\D2A425F405350054677A7A857BC0D210
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC0D210
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Deleted: [Key] - HKLM\SOFTWARE\AskPartnerNetwork
Deleted: [Key] - HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-21-3185578175-294760507-565108644-1000\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-18\Software\AskPartnerNetwork
Deleted: [Key] - HKCU\Software\AskPartnerNetwork
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3185578175-294760507-565108644-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C2D01}|InstallSource []

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [7277 B] - [2017/10/31 15:52:55]
C:/AdwCleaner/AdwCleaner[S1].txt - [7346 B] - [2017/10/31 15:56:0]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Kodlz · #12 Příspěvek od **Kodlz** » 01 lis 2017 10:02

No 32bit systemy umeji vyuzit cca 3.25GB z RAM, takze upgrade pameti ti trochu pomuze, ale i tak musis pocitat s tim ze dnesni programy jsou cim dal tim hladovejsi na pamet.
Ja tam nic skodliveho nevidim.
Pokud chces mit jistotu muzeme to jeste proskenovat:
toolem MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
-Nainstaluj,dej úplný sken

-Log zkopíruj sem.

Mozna by jeste nebylo od veci se kouknout co se tam mas nainstalovane a odinstalovat to co nepouzivas ( po scanu i MBAM). i tim se da usetrit nejaka pamet.

Muzes po tom jeste smazat nepotřebné soubory pomocí CCleaneru

navod:

Cleaner/Čistič - vyčistí PC od nepotřebných souborů a vysypeš Koš

Registry - vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
- čištění registru je třeba několikrát zopakovat !

Tools/Nástroje - zde muzes odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

milav · #13 Příspěvek od **milav** » 01 lis 2017 10:49

Zbytečné progaramy oidinstaluji, jsem si vědom, že mi tam nějaké zabírají místo. Ccleaner mám nainstalovaný a používám ho na čištění od smetí a čištění registrů. Asi pomocí něj i odinstluji zbytečnosti.

Soubory, které mi našel Malwerbytes jsem poslal do karantény a pro dokončení vyžaduje restart. Ten provedu po odesládí této zprávy.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 01.11.17
Čas skenování: 10:17
Logovací soubor: 74b4a116-bee5-11e7-8f8f-14dae9d76822.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3148
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: Milan-PC\Milan

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 264368
Zjištěné hrozby: 14
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 10 min, 51 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.Spigot, HKU\S-1-5-21-3185578175-294760507-565108644-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F5B8D723-BE88-4B71-B1D3-7A38F4DEC806}, Žádná uživatelská akce, [648], [243431],1.0.3148

Hodnota v registru: 2
PUP.Optional.Spigot, HKU\S-1-5-21-3185578175-294760507-565108644-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F5B8D723-BE88-4B71-B1D3-7A38F4DEC806}|URL, Žádná uživatelská akce, [648], [243431],1.0.3148
PUP.Optional.Spigot, HKU\S-1-5-21-3185578175-294760507-565108644-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F5B8D723-BE88-4B71-B1D3-7A38F4DEC806}|OSDFILEURL, Žádná uživatelská akce, [648], [243432],1.0.3148

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 3
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\TEMP, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\PROGRAM FILES\FLYING DEALS, Žádná uživatelská akce, [10469], [177205],1.0.3148

Soubor: 8
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\FlyingDeals.expext.zip, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\BrowserAdapter.7z, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\eula.txt, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\FlyingDeals.PurBrowseG.zip, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\utilFlyingDeals.InstallState, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\updateFlyingDeals.InstallState, Žádná uživatelská akce, [10469], [177205],1.0.3148
PUP.Optional.CrossRider, C:\USERS\MILAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRAR7TC0.DEFAULT\PREFS.JS, Žádná uživatelská akce, [223], [301531],1.0.3148
PUP.Optional.Solvusoft, C:\PROGRAMDATA\~0\DRIVERDOCSETUP.EXE, Žádná uživatelská akce, [361], [331663],1.0.3148

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

milav · #14 Příspěvek od **milav** » 01 lis 2017 11:00

Posílám ještě log, který mi to nabídlo po restartu.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 01.11.17
Čas skenování: 10:17
Logovací soubor: 74b4a116-bee5-11e7-8f8f-14dae9d76822.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3148
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: Milan-PC\Milan

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 264368
Zjištěné hrozby: 14
Hrozby umístěné do karantény: 14
Uplynulý čas: 10 min, 51 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.Spigot, HKU\S-1-5-21-3185578175-294760507-565108644-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F5B8D723-BE88-4B71-B1D3-7A38F4DEC806}, V karanténě, [648], [243431],1.0.3148

Hodnota v registru: 2
PUP.Optional.Spigot, HKU\S-1-5-21-3185578175-294760507-565108644-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F5B8D723-BE88-4B71-B1D3-7A38F4DEC806}|URL, V karanténě, [648], [243431],1.0.3148
PUP.Optional.Spigot, HKU\S-1-5-21-3185578175-294760507-565108644-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F5B8D723-BE88-4B71-B1D3-7A38F4DEC806}|OSDFILEURL, V karanténě, [648], [243432],1.0.3148

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 3
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\TEMP, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\PROGRAM FILES\FLYING DEALS, V karanténě, [10469], [177205],1.0.3148

Soubor: 8
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\FlyingDeals.expext.zip, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\BrowserAdapter.7z, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\eula.txt, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\FlyingDeals.PurBrowseG.zip, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\bin\utilFlyingDeals.InstallState, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.FlyingDeals, C:\Program Files\Flying Deals\updateFlyingDeals.InstallState, V karanténě, [10469], [177205],1.0.3148
PUP.Optional.CrossRider, C:\USERS\MILAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRAR7TC0.DEFAULT\PREFS.JS, Nahrazen, [223], [301531],1.0.3148
PUP.Optional.Solvusoft, C:\PROGRAMDATA\~0\DRIVERDOCSETUP.EXE, V karanténě, [361], [331663],1.0.3148

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Kodlz · #15 Příspěvek od **Kodlz** » 01 lis 2017 11:02

Jen se chci ujistit zda jste opravdu dal presunout do karanteny, protoze vsude je napsane "Žádná uživatelská akce"?
jeste jednou Vas poprosim o FRST.txt a Addition.txt log.

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu