altrok wrote: Hello,
I have taken the crystal ball into my care, but I don't yet know how to handle it at that level. So I will ask you for the FRST logs, so that we can at least identify the problems and then try to remove them
http://forum.viry.cz/viewtopic.php?f=13&t=133100
-------------------------------------------------------------------------------------
hehe

Apologies, I didn't notice that it hadn't uploaded. I downloaded both files, but the launcher keeps reporting that FRST64 is not on the desktop. I tried turning off the antivirus, permanently setting both to run as administrator, etc... In the end I ran just FRST64 without the launcher and got this from it:
The rar then contains the Addition log + a screenshot from Malwarebytes Anti-Malware - detection of the virus PUP.Optional.CrossRider; I had the same thing cleaned yesterday.
Thank you, Lukáš
--------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-11-2015
Ran by lukas (administrator) on NOTEBOOK-6 (27-11-2015 09:15:07)
Running from D:\- Lukin Data\Desktop
Loaded Profiles: lukas & winpostgr & (Available Profiles: lukas & winpostgr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(CSH spol. s r.o.) C:\Program Files (x86)\CSH\DomovSrv\DomovSrv.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.CSH2014\MSSQL\Binn\sqlservr.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\postgres.exe
(FlexiBee Systems s.r.o.) C:\Program Files (x86)\WinStrom\WinStromService.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1511.24020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(eM Client, Inc.) C:\Program Files (x86)\eM Client\MailClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-09-19] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-09-19] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-10-22] (IDT, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-09-24] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2015-03-18] (Copyright 2013 SAMSUNG)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-530442407-2899243224-74396006-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001\...\Run: [GoogleChromeAutoLaunch_335DEAC781E571D7D2368A08FFCEB343] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-530442407-2899243224-74396006-1001\...\MountPoints2: {3bb0680e-5f17-11e5-9bc4-54bef7555d3c} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-530442407-2899243224-74396006-1001\...\MountPoints2: {c86403bf-5f15-11e5-9bc2-806e6f6e6963} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_335DEAC781E571D7D2368A08FFCEB343] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3bb0680e-5f17-11e5-9bc4-54bef7555d3c} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c86403bf-5f15-11e5-9bc2-806e6f6e6963} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48138880 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_335DEAC781E571D7D2368A08FFCEB343] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {3bb0680e-5f17-11e5-9bc4-54bef7555d3c} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {c86403bf-5f15-11e5-9bc2-806e6f6e6963} - "E:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Manažer služeb CSH.lnk [2015-10-27]
ShortcutTarget: Manažer služeb CSH.lnk -> C:\Program Files (x86)\CSH\CSHSvMgr\CSHSvMgr.exe (CSH spol. s r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.254
Tcpip\..\Interfaces\{665f181d-671a-4723-ba0a-554c6cbcbbf7}: [DhcpNameServer] 192.168.0.1 192.168.0.254
Internet Explorer:
==================
HKU\S-1-5-21-530442407-2899243224-74396006-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-13] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-13] (Oracle Corporation)
DPF: HKLM-x32 {4E94DD12-E0E0-5C87-9E61-4F4C4B0052BB} hxxp://192.168.0.232:5000/webman/3rdparty/SurveillanceStation/object/SurveillanceHelper.cab?undefined
DPF: HKLM-x32 {D63FBD76-6EAA-43C0-BAFB-474D5FD9AD3F} hxxp://192.168.0.232:5000/webman/3rdparty/SurveillanceStation/object/SurveillancePlugin.cab?undefined
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper_x86_64.dll [2015-10-28] (Synology)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.770\npSurveillancePlugin_x86_64.dll [2015-10-28] (Synology)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper.dll [2015-10-28] (Synology)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.770\npSurveillancePlugin.dll [2015-10-28] (Synology)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-20]
CHR Extension: (Dokumenty Google) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-20]
CHR Extension: (Disk Google) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Vyhledávání Google) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-20]
CHR Extension: (Page Analytics (by Google)) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2015-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (feedly) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-09-21]
CHR Extension: (Lyoness Cashback Bar) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibocncflemnoggjhchgnakpnhdiajnjl [2015-09-21]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2015-11-20]
CHR Extension: (Bleaner) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-20]
CHR Extension: (ASANA Translate) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmmjfjdbamonmaajclfcpicaanaonlfc [2015-09-29]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2015-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20]
CHR Extension: (Gmail) - C:\Users\lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-20]
CHR HKU\S-1-5-21-530442407-2899243224-74396006-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-530442407-2899243224-74396006-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 CSHDomovnik_Service; C:\Program Files (x86)\CSH\DomovSrv\DomovSrv.exe [1909952 2015-09-29] (CSH spol. s r.o.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-09-24] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-09-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 MSSQL$CSH2014; C:\Program Files\Microsoft SQL Server\MSSQL12.CSH2014\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Service1; C:\Program Files (x86)\WinStrom\winstromservice.exe [586752 2015-06-15] (FlexiBee Systems s.r.o.) [File not signed]
S4 SQLAgent$CSH2014; C:\Program Files\Microsoft SQL Server\MSSQL12.CSH2014\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340992 2014-10-22] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-09-19] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WinStrom-PostgreSQL; C:\Program Files (x86)\WinStrom\pgsql\9.3\bin\pg_ctl.exe [76800 2014-03-18] (PostgreSQL Global Development Group) [File not signed]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [X]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [X]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 BTHprint; C:\Windows\system32\DRIVERS\bthprint.sys [65024 2015-07-10] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [41080 2015-10-12] ()
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-09-19] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-11-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-09-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-09-19] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-11-18] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065472 2013-08-30] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-27 09:14 - 2015-11-27 09:15 - 00000000 ____D C:\FRST
2015-11-27 09:10 - 2015-11-27 09:10 - 00015327 _____ C:\Users\lukas\Desktop\LM.bat
2015-11-27 09:10 - 2015-11-27 09:07 - 02348544 _____ (Farbar) C:\Users\Default\Desktop\FRST64.exe
2015-11-27 09:10 - 2015-11-27 09:07 - 02348544 _____ (Farbar) C:\Users\Default User\Desktop\FRST64.exe
2015-11-27 09:10 - 2015-11-27 09:05 - 00112640 _____ (forum.viry.cz) C:\Users\Default\Desktop\FRSTLauncher.exe
2015-11-27 09:10 - 2015-11-27 09:05 - 00112640 _____ (forum.viry.cz) C:\Users\Default User\Desktop\FRSTLauncher.exe
2015-11-27 09:05 - 2015-11-27 09:14 - 00029696 _____ C:\Users\lukas\AppData\Local\MSGBOX.EXE
2015-11-27 08:45 - 2015-11-27 08:45 - 00016148 _____ C:\Windows\system32\NOTEBOOK-6_lukas_HistoryPrediction.bin
2015-11-27 08:39 - 2015-11-27 08:39 - 00000000 ___HD C:\OneDriveTemp
2015-11-26 12:09 - 2015-11-26 12:09 - 00000000 ____D C:\rsit
2015-11-26 12:09 - 2015-11-26 12:09 - 00000000 ____D C:\Program Files\trend micro
2015-11-24 12:43 - 2015-11-24 12:43 - 00001480 _____ C:\Users\lukas\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-11-22 18:35 - 2015-11-22 18:35 - 00000000 ____D C:\Users\lukas\.android
2015-11-22 16:24 - 2015-11-22 16:24 - 00000000 ____D C:\Users\lukas\AppData\Roaming\SAMSUNG
2015-11-22 16:24 - 2015-11-22 16:24 - 00000000 ____D C:\Upload
2015-11-22 16:24 - 2015-11-22 16:24 - 00000000 ____D C:\ProgramData\SAMSUNG
2015-11-22 16:24 - 2015-11-22 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-22 16:23 - 2015-11-22 16:24 - 00000000 ____D C:\Program Files\Samsung
2015-11-22 09:23 - 2015-11-27 08:56 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-22 09:23 - 2015-11-22 09:23 - 00001167 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-22 09:23 - 2015-11-22 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-22 09:23 - 2015-11-22 09:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-22 09:23 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-22 09:23 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-22 09:23 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-11-21 19:45 - 2015-11-27 08:38 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2015-11-21 19:40 - 2015-11-21 19:40 - 00000016 _____ C:\ProgramData\mntemp
2015-11-20 15:17 - 2015-11-20 15:17 - 00000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-18 17:02 - 2015-11-18 17:02 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-11-18 14:56 - 2015-11-24 17:05 - 00000000 ____D C:\Users\lukas\AppData\Local\CrashDumps
2015-11-18 12:59 - 2015-11-18 12:59 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-11-18 12:59 - 2015-11-18 12:59 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-14 09:10 - 2015-11-14 09:10 - 00001649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windomy.lnk
2015-11-14 09:10 - 2015-11-14 09:10 - 00001637 _____ C:\Users\Public\Desktop\Windomy.lnk
2015-11-14 09:10 - 2015-11-14 09:10 - 00000133 _____ C:\Windows\ODBC.INI
2015-11-14 09:10 - 2015-11-14 09:10 - 00000000 ____D C:\WINDOMY
2015-11-13 22:01 - 2015-11-13 22:02 - 00000000 ____D C:\Users\lukas\AppData\Roaming\GHISLER
2015-11-13 22:01 - 2015-11-13 22:01 - 00000000 ____D C:\totalcmd
2015-11-13 17:15 - 2015-11-13 17:15 - 00000000 ____D C:\Users\lukas\AppData\Roaming\Synology
2015-11-13 17:05 - 2015-11-13 17:15 - 00000000 ____D C:\Program Files (x86)\Synology
2015-11-11 16:26 - 2015-10-12 11:09 - 00450971 ____R C:\Windows\system32\Drivers\etc\hosts.20151111-162655.backup
2015-11-11 11:37 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 11:37 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-11-11 11:37 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-11-11 11:37 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 11:37 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-11-11 11:37 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 11:37 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-11-11 11:37 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2015-11-11 11:37 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-11 11:37 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 11:37 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-11 11:37 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-11-11 11:37 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 11:37 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-11-11 11:37 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2015-11-11 11:37 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-11-11 11:37 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 11:37 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-11-11 11:37 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2015-11-11 11:37 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-11-11 11:37 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2015-11-11 11:37 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2015-11-11 11:37 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 11:37 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-11-11 11:37 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-11-11 11:37 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2015-11-11 11:37 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 11:37 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 11:37 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-11-11 11:37 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-11-11 11:37 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 11:37 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2015-11-11 11:37 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-11-11 11:37 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-11-11 11:37 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2015-11-11 11:37 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-11-11 11:37 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-11-11 11:37 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-11-11 11:37 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2015-11-11 11:37 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2015-11-11 11:37 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 11:37 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-11-11 11:37 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-11-11 11:37 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-11-11 11:37 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-11-11 11:37 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 11:37 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 11:37 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 11:37 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 11:37 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 11:37 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2015-11-11 11:37 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-11-11 11:37 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2015-11-09 19:04 - 2015-11-21 20:55 - 00000000 ____D C:\Users\winpostgr
2015-11-09 19:04 - 2015-11-10 14:46 - 00000000 ____D C:\Users\lukas\AppData\Roaming\.winstrom
2015-11-09 19:04 - 2015-11-09 19:04 - 00001072 _____ C:\Users\Public\Desktop\FlexiBee.lnk
2015-11-09 19:04 - 2015-11-09 19:04 - 00000020 ___SH C:\Users\winpostgr\ntuser.ini
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Šablony
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Soubory cookie
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Poslední
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Okolní tiskárny
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Okolní síť
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Nabídka Start
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Dokumenty
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\Data aplikací
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 _SHDL C:\Users\winpostgr\AppData\Local\Data aplikací
2015-11-09 19:04 - 2015-11-09 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABRA FlexiBee
2015-11-09 19:04 - 2015-09-21 21:14 - 00000000 ____D C:\Users\winpostgr\AppData\Local\Microsoft Help
2015-11-09 19:03 - 2015-11-13 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-09 19:03 - 2015-11-13 17:13 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-09 19:03 - 2015-11-13 17:13 - 00000000 ____D C:\Users\lukas\.oracle_jre_usage
2015-11-09 19:03 - 2015-11-09 19:03 - 00000000 ____D C:\Users\lukas\AppData\Roaming\Sun
2015-11-09 19:03 - 2015-11-09 19:03 - 00000000 ____D C:\Users\lukas\AppData\LocalLow\Sun
2015-11-09 19:02 - 2015-11-25 11:29 - 00000000 ____D C:\winstrom-data
2015-11-09 19:02 - 2015-11-13 17:14 - 00000000 ____D C:\ProgramData\Oracle
2015-11-09 19:02 - 2015-11-13 17:13 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-09 19:02 - 2015-11-09 19:04 - 00000000 ____D C:\Program Files (x86)\WinStrom
2015-11-09 19:02 - 2015-11-09 19:02 - 00000000 ____D C:\Users\lukas\AppData\LocalLow\Oracle
2015-11-09 11:44 - 2015-11-09 11:44 - 00000000 ____D C:\Users\lukas\AppData\Roaming\Mikrotik
2015-11-08 14:38 - 2015-11-08 14:38 - 00000000 ____D C:\ProgramData\VYDAS
2015-11-06 16:51 - 2015-11-06 16:51 - 00002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2015-11-06 16:51 - 2015-11-06 16:51 - 00000000 ____D C:\Users\lukas\AppData\LocalLow\Google
2015-11-03 13:09 - 2015-11-03 13:31 - 00000000 ____D C:\Program Files (x86)\Správa bytů a nemovitostí
2015-11-03 13:09 - 2015-11-03 13:12 - 00266240 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2015-11-03 13:09 - 2015-11-03 13:12 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2015-11-03 13:09 - 2015-11-03 13:12 - 00000000 ____D C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správa bytů a nemovitostí
2015-11-03 12:30 - 2015-11-03 12:30 - 00002202 _____ C:\Users\Public\Desktop\S3 Kasa.lnk
2015-11-03 12:30 - 2015-11-03 12:30 - 00002197 _____ C:\Users\Public\Desktop\Money S3.lnk
2015-11-03 12:30 - 2015-11-03 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CÍGLER SOFTWARE
2015-11-03 12:29 - 2015-11-03 12:29 - 00000000 ____D C:\Program Files (x86)\CIGLER SOFTWARE
2015-11-03 12:28 - 2015-11-03 12:31 - 00000000 ____D C:\ProgramData\CIGLER SOFTWARE
2015-10-30 20:11 - 2015-11-19 09:49 - 00000000 ___HD C:\$WINDOWS.~BT
2015-10-30 19:19 - 2014-02-21 05:20 - 00248512 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2015-10-30 18:16 - 2015-10-30 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-10-30 18:16 - 2015-10-30 18:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-27 09:14 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-11-27 09:06 - 2015-09-29 08:05 - 00000000 ____D C:\Users\lukas\AppData\Roaming\Skype
2015-11-27 09:06 - 2015-09-20 17:55 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-27 08:47 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness
2015-11-27 08:46 - 2015-09-20 19:27 - 00000000 ____D C:\Users\lukas\AppData\Roaming\eM Client
2015-11-27 08:41 - 2015-09-22 11:47 - 00004206 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{ED20ADD5-6D1E-453A-B8EB-24A5C0D60013}
2015-11-27 08:41 - 2015-09-20 17:53 - 00000000 ____D C:\Users\lukas\AppData\Local\Adobe
2015-11-27 08:39 - 2015-10-19 15:38 - 00000000 ___RD C:\Users\lukas\Disk Google
2015-11-27 08:39 - 2015-09-19 22:51 - 00000000 ___RD C:\Users\lukas\OneDrive
2015-11-27 08:38 - 2015-10-10 09:27 - 00001042 _____ C:\Windows\Tasks\qBZPdAu6GGxFjOuLLFKpwMWD.job
2015-11-27 08:38 - 2015-09-20 17:55 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-27 08:38 - 2015-09-19 22:48 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-27 08:38 - 2015-09-19 22:48 - 00000000 __SHD C:\Users\lukas\IntelGraphicsProfiles
2015-11-26 08:36 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-25 17:11 - 2015-09-19 22:45 - 00000000 ____D C:\Users\lukas
2015-11-25 11:36 - 2015-09-19 22:48 - 02043558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-25 11:36 - 2015-07-10 17:02 - 00845616 _____ C:\Windows\system32\perfh005.dat
2015-11-25 11:36 - 2015-07-10 17:02 - 00188548 _____ C:\Windows\system32\perfc005.dat
2015-11-25 11:36 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF
2015-11-25 11:29 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-24 15:56 - 2015-09-21 15:24 - 00000000 ____D C:\Users\lukas\AppData\Roaming\VSO
2015-11-21 19:45 - 2015-07-10 10:05 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-11-19 12:40 - 2015-09-21 10:44 - 00003944 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442828689
2015-11-19 12:40 - 2015-09-21 10:44 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-19 12:40 - 2015-09-21 10:44 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-19 10:35 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\rescache
2015-11-19 09:52 - 2015-09-19 23:31 - 00000000 ____D C:\Windows\Panther
2015-11-18 16:37 - 2015-09-20 22:17 - 00000000 ____D C:\Starcraft - broodwar
2015-11-18 10:53 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-18 10:39 - 2015-07-10 13:20 - 00408144 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-18 10:35 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-18 09:25 - 2015-09-28 21:25 - 06361488 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer64.dll
2015-11-13 17:15 - 2015-07-10 12:04 - 00000000 ___SD C:\Windows\Downloaded Program Files
2015-11-11 11:51 - 2015-09-20 17:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 11:51 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp
2015-11-11 11:48 - 2015-09-19 22:57 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 11:41 - 2015-09-19 22:57 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-06 16:51 - 2015-09-20 17:54 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 13:16 - 2015-09-19 22:45 - 00000000 ____D C:\Users\lukas\AppData\Local\VirtualStore
2015-10-30 23:36 - 2015-09-29 13:38 - 00000000 ____D C:\Users\lukas\AppData\Roaming\vlc
2015-10-30 21:59 - 2015-09-29 08:05 - 00000000 ____D C:\ProgramData\Skype
2015-10-30 21:42 - 2015-09-20 17:54 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 21:42 - 2015-09-20 17:54 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 19:27 - 2015-09-20 17:35 - 00000000 ____D C:\Users\lukas\AppData\Local\Microsoft Help
2015-10-30 19:17 - 2015-10-27 15:55 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-10-30 19:17 - 2015-10-27 15:55 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-10-30 18:16 - 2015-09-20 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
==================== Files in the root of some directories =======
2015-09-28 11:15 - 2015-09-29 08:29 - 0000418 _____ () C:\Users\lukas\AppData\Roaming\DESKTOP-BDU8D0B.MTBF.txt
2015-11-24 12:43 - 2015-11-24 12:43 - 0001480 _____ () C:\Users\lukas\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-09-28 11:16 - 2015-09-28 11:16 - 0003584 _____ () C:\Users\lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-27 09:05 - 2015-11-27 09:14 - 0029696 _____ () C:\Users\lukas\AppData\Local\MSGBOX.EXE
2015-10-09 22:17 - 2015-10-09 22:17 - 0026253 _____ () C:\Users\lukas\AppData\Local\recently-used.xbel
2015-09-29 10:15 - 2015-09-29 10:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-10-10 08:15 - 2015-10-10 08:22 - 0000824 _____ () C:\ProgramData\hpzinstall.log
2015-11-21 19:40 - 2015-11-21 19:40 - 0000016 _____ () C:\ProgramData\mntemp
Some files in TEMP:
====================
C:\Users\lukas\AppData\Local\Temp\dllnt_dump.dll
C:\Users\lukas\AppData\Local\Temp\HPInstaller.exe
C:\Users\lukas\AppData\Local\Temp\i4jdel0.exe
C:\Users\lukas\AppData\Local\Temp\InstHelper.exe
C:\Users\lukas\AppData\Local\Temp\sqlite3.dll
C:\Users\lukas\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-13 13:53
==================== End of FRST.txt ============================