Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-12-2015
Ran by M&J (administrator) on MJ91AEX (06-12-2015 17:32:03)
Running from C:\Documents and Settings\M&J\Plocha
Loaded Profiles: M&J (Available Profiles: M&J & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(PixArt Imaging Incorporation) C:\WINDOWS\PixArt\Pac207\Monitor.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [PAC207_Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Monitor] => C:\WINDOWS\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18782720 2009-11-02] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-05-28] (Nero AG)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2054360 2009-11-16] (ESET)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKU\S-1-5-21-1935655697-1085031214-1801674531-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1935655697-1085031214-1801674531-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> (None)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.254
Tcpip\..\Interfaces\{7583D67E-2074-4F50-A918-CA5BF8B680ED}: [DhcpNameServer] 192.168.100.254
Tcpip\..\Interfaces\{D36E2C09-75A8-4853-8DA4-007AA3E57A5B}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://
www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1935655697-1085031214-1801674531-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.seznam.cz/
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1935655697-1085031214-1801674531-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\M&J\Data aplikací\Mozilla\Firefox\Profiles\th3gvl0z.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-12-06] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-18] [not signed]
FF HKLM\...\Thunderbird\Extensions: [
eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-01-07] [not signed]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [20680 2009-11-16] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [735960 2009-11-16] (ESET)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [116520 2009-11-16] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [108792 2009-11-16] (ESET)
R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [135048 2009-11-16] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [33096 2009-06-19] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [55768 2009-11-16] (ESET)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2015-12-05] ()
R3 mf; C:\WINDOWS\System32\DRIVERS\mf.sys [63744 2008-04-13] (Microsoft Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NmPar; C:\WINDOWS\System32\DRIVERS\NmPar.sys [80256 2008-12-24] (Windows (R) 2000 DDK provider)
R3 nmserial; C:\WINDOWS\System32\DRIVERS\nmserial.sys [70016 2008-12-16] (Windows (R) 2000 DDK provider)
S3 PAC207; C:\WINDOWS\System32\DRIVERS\PFC027.SYS [616064 2007-10-25] (PixArt Imaging Inc.) [File not signed]
R3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [465152 2008-10-23] (Ralink Technology, Corp.) [File not signed]
S3 RTL8169; C:\WINDOWS\System32\DRIVERS\Rtlh86.sys [168448 2009-07-03] (Realtek ) [File not signed]
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31744 2008-04-14] (Microsoft Corporation)
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-06 17:31 - 2015-12-06 17:31 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-12-06 17:31 - 2015-12-06 17:31 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-12-06 17:31 - 2015-12-06 17:31 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-06 13:00 - 2015-12-06 13:02 - 00000000 ____D C:\AdwCleaner
2015-12-06 12:58 - 2015-12-06 12:59 - 01736704 _____ C:\Documents and Settings\M&J\Plocha\adwcleaner_5.023.exe
2015-12-06 11:28 - 2015-12-06 11:29 - 00055632 _____ C:\Documents and Settings\M&J\Plocha\Addition.txt
2015-12-06 11:27 - 2015-12-06 17:32 - 00008532 _____ C:\Documents and Settings\M&J\Plocha\FRST.txt
2015-12-06 11:27 - 2015-12-06 17:32 - 00000000 ____D C:\FRST
2015-12-06 11:26 - 2015-12-06 11:26 - 01719808 _____ (Farbar) C:\Documents and Settings\M&J\Plocha\FRST.exe
2015-12-06 10:07 - 2015-12-06 10:07 - 00001804 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader XI.lnk
2015-12-06 10:07 - 2015-12-06 10:07 - 00001734 _____ C:\Documents and Settings\All Users\Plocha\Adobe Reader XI.lnk
2015-12-06 08:31 - 2015-12-06 15:26 - 00005686 _____ C:\WINDOWS\SchedLgU.Txt
2015-12-06 08:12 - 2015-12-06 08:12 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2015-12-06 08:12 - 2015-12-06 08:12 - 00000000 ____D C:\Program Files\CCleaner
2015-12-06 08:12 - 2015-12-06 08:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2015-12-06 07:52 - 2015-12-06 07:52 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2015-12-06 00:06 - 2015-08-15 13:42 - 00000000 ____D C:\Documents and Settings\M&J\Plocha\SpyHunter 4.19.13.4482 & Portable (menin)
2015-12-05 23:54 - 2015-12-05 23:54 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-12-05 23:54 - 2015-12-05 23:54 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2015-12-05 23:54 - 2015-12-05 23:54 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2015-12-05 23:54 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-05 23:54 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-05 23:53 - 2015-11-13 13:27 - 00000000 ____D C:\Documents and Settings\M&J\Plocha\MBAM - MalwareBytes.Anti-Malware.Premium.v2.2.0.1024+activator
2015-12-05 23:38 - 2015-12-05 23:38 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-12-05 23:32 - 2015-12-05 23:33 - 00005120 ___SH C:\Documents and Settings\M&J\Data aplikací\Thumbs.db
2015-12-05 23:14 - 2015-12-05 23:14 - 00000000 _____ C:\23990098.$$$
2015-12-05 23:11 - 2015-12-05 23:11 - 06485059 _____ C:\WINDOWS\REGBK00.ZIP
2015-12-05 23:04 - 2015-12-05 23:04 - 00000000 ____D C:\WINDOWS\VDLL.DLL
2015-12-05 23:04 - 2015-12-05 23:04 - 00000000 ____D C:\WINDOWS\system32\runouce.exe
2015-12-05 23:04 - 2015-12-05 23:04 - 00000000 ____D C:\WINDOWS\rundll16.exe
2015-12-05 23:04 - 2015-12-05 23:04 - 00000000 ____D C:\WINDOWS\RUNDL132.EXE
2015-12-05 23:04 - 2015-12-05 23:04 - 00000000 ____D C:\WINDOWS\logo1_.exe
2015-12-05 23:04 - 2015-12-05 23:04 - 00000000 ____D C:\WINDOWS\logo_1.exe
2015-12-05 22:52 - 2015-12-05 23:04 - 00000054 _____ C:\WINDOWS\Lic.xxx
2015-12-05 22:52 - 2015-12-05 22:52 - 00632064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr80.dll
2015-12-05 22:52 - 2015-12-05 22:52 - 00554240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp80.dll
2015-12-05 22:52 - 2015-12-05 22:52 - 00034048 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\system32\eEmpty.exe
2015-12-05 22:52 - 2008-04-14 13:00 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\REGEDIT.COM
2015-12-05 22:52 - 2008-04-14 13:00 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\R.COM
2015-12-05 22:52 - 2008-04-14 13:00 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TASKMGR.COM
2015-12-05 22:52 - 2008-04-14 13:00 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\T.COM
2015-12-05 22:52 - 2005-09-22 23:22 - 00000522 _____ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2015-12-05 22:51 - 2015-12-05 22:51 - 00000000 ____D C:\Program Files\Common Files\MicroWorld
2015-12-05 22:51 - 2015-12-05 22:51 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2015-12-05 22:47 - 2015-12-05 22:47 - 00000000 ____D C:\Documents and Settings\M&J\Plocha\TL-WN321G_100324
2015-12-05 22:47 - 2015-12-05 22:40 - 61052072 _____ C:\Documents and Settings\M&J\Plocha\MWAV.exe
2015-12-05 22:47 - 2008-10-23 11:16 - 00465152 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\Drivers\rt73.sys
2015-12-05 21:49 - 2015-12-05 22:56 - 00000000 ____D C:\WINDOWS\027B5748C40941FE949B7B81A8304EF4.TMP
2015-12-05 21:49 - 2015-12-05 21:49 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2015-12-05 21:38 - 2015-12-05 21:52 - 00001599 _____ C:\Documents and Settings\Administrator\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-12-05 21:38 - 2015-12-05 21:42 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2015-12-05 21:38 - 2015-12-05 21:40 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2015-12-05 21:38 - 2015-12-05 21:38 - 00000000 ____D C:\Documents and Settings\Administrator
2015-12-05 21:38 - 2015-12-03 13:30 - 00000000 ___HD C:\Documents and Settings\Administrator\Šablony
2015-12-05 21:38 - 2009-12-07 18:09 - 00000000 ___HD C:\Documents and Settings\Administrator\Local Settings\Data aplikací
2015-12-05 21:38 - 2009-12-07 18:09 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft Help
2015-12-05 21:38 - 2009-12-07 18:07 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 __RHD C:\Documents and Settings\Administrator\Data aplikací
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní tiskárny
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 ___HD C:\Documents and Settings\Administrator\Okolní síť
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 ____D C:\Documents and Settings\Administrator\Plocha
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 ____D C:\Documents and Settings\Administrator\Oblíbené položky
2015-12-05 21:38 - 2009-10-03 17:02 - 00000000 ____D C:\Documents and Settings\Administrator\Dokumenty
2015-12-05 21:38 - 2009-10-03 15:21 - 00000792 _____ C:\Documents and Settings\Administrator\Nabídka Start\Programy\Windows Media Player.lnk
2015-12-05 21:38 - 2009-10-03 15:21 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy\Příslušenství
2015-12-05 21:38 - 2009-10-03 15:21 - 00000000 ___RD C:\Documents and Settings\Administrator\Nabídka Start\Programy
2015-12-03 19:49 - 2015-12-03 19:49 - 00000000 ___HD C:\WINDOWS\PIF
2015-11-28 11:33 - 2015-12-03 13:47 - 00002116 _____ C:\Documents and Settings\M&J\Plocha\Ryby Agregá
t.txt.id-6304444540_av666@weekendwarrior55.com
2015-11-17 00:29 - 2015-12-03 13:47 - 00235339 _____ C:\Documents and Settings\M&J\Plocha\361_2000 Sb..txt.id-6304444540_av666@weekendwarrior55.com
2015-11-16 10:36 - 2015-11-16 10:46 - 00000724 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-11-15 00:19 - 2015-12-03 13:47 - 00001668 _____ C:\Documents and Settings\M&J\Plocha\Výkon světelných zdrojů.
txt.id-6304444540_av666@weekendwarrior55.com
2015-11-14 20:33 - 2015-12-03 13:47 - 00009172 _____ C:\Documents and Settings\M&J\Plocha\Lumen
Watt.txt.id-6304444540_av666@weekendwarrior55.com
2015-11-12 11:54 - 2015-12-03 13:47 - 00030068 _____ C:\Documents and Settings\M&J\Plocha\AU
Tom.txt.id-6304444540_av666@weekendwarrior55.com
2015-11-12 08:32 - 2015-12-03 13:47 - 00004724 _____ C:\Documents and Settings\M&J\Plocha\AU
Separace.txt.id-6304444540_av666@weekendwarrior55.com
2015-11-11 22:20 - 2015-12-03 13:47 - 00000116 _____ C:\Documents and Settings\M&J\Plocha\
Spektrum.txt.id-6304444540_av666@weekendwarrior55.com
2015-11-09 23:08 - 2015-12-03 13:47 - 00010212 _____ C:\Documents and Settings\M&J\Plocha\
Hnojiva.txt.id-6304444540_av666@weekendwarrior55.com
2015-11-09 18:05 - 2015-12-03 13:47 - 00000820 _____ C:\Documents and Settings\M&J\Plocha\Spektrum
rust.txt.id-6304444540_av666@weekendwarrior55.com
2015-11-08 22:32 - 2015-12-03 13:47 - 00038301 _____ C:\Documents and Settings\M&J\Plocha\Pestoování.
txt.id-6304444540_av666@weekendwarrior55.com
2015-11-06 22:16 - 2015-11-16 10:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-06 17:33 - 2010-02-03 10:28 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-12-06 17:32 - 2009-10-03 15:28 - 00000000 ____D C:\Documents and Settings\M&J\Local Settings\Temp
2015-12-06 17:30 - 2014-03-12 07:50 - 00000218 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-12-06 17:30 - 2009-10-03 16:54 - 00000000 ___HD C:\WINDOWS\inf
2015-12-06 17:30 - 2009-10-03 16:54 - 00000000 ____D C:\WINDOWS
2015-12-06 17:30 - 2009-10-03 15:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-06 15:26 - 2009-10-03 15:28 - 00000178 ___SH C:\Documents and Settings\M&J\ntuser.ini
2015-12-06 12:59 - 2010-01-07 13:33 - 00000000 ____D C:\Documents and Settings\M&J\Dokumenty\Stažené soubory
2015-12-06 12:59 - 2009-10-03 15:28 - 00000000 ____D C:\Documents and Settings\M&J\Plocha
2015-12-06 10:07 - 2014-01-07 21:16 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-06 10:07 - 2010-01-13 17:50 - 00000000 ____D C:\Program Files\Adobe
2015-12-06 10:07 - 2009-10-05 15:48 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Adobe
2015-12-06 10:07 - 2009-10-03 17:02 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-12-06 10:07 - 2009-10-03 17:02 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-12-06 10:06 - 2009-10-05 15:49 - 00000000 ____D C:\Documents and Settings\M&J\Local Settings\Data aplikací\Adobe
2015-12-06 08:46 - 2009-10-03 15:20 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-12-06 08:41 - 2009-10-05 15:48 - 00004384 _____ C:\WINDOWS\WINCMD.INI
2015-12-06 08:21 - 2009-12-23 00:29 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-06 08:21 - 2009-10-03 15:28 - 00000000 ____D C:\Documents and Settings\M&J
2015-12-06 06:34 - 2009-10-03 15:28 - 00000000 ___RD C:\Documents and Settings\M&J\Nabídka Start\Programy\Po spuštění
2015-12-06 02:51 - 2009-10-03 15:24 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2015-12-05 23:39 - 2009-10-03 15:28 - 00000000 __RHD C:\Documents and Settings\M&J\Data aplikací
2015-12-05 22:57 - 2009-10-03 15:28 - 00000000 ___RD C:\Documents and Settings\M&J\Nabídka Start\Programy
2015-12-05 22:51 - 2009-10-03 17:02 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-12-05 22:50 - 2009-10-03 17:03 - 01022012 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-05 22:50 - 2008-04-14 13:00 - 00429454 _____ C:\WINDOWS\system32\perfh005.dat
2015-12-05 22:50 - 2008-04-14 13:00 - 00078466 _____ C:\WINDOWS\system32\perfc005.dat
2015-12-05 22:18 - 2009-10-03 15:28 - 00001599 _____ C:\Documents and Settings\M&J\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-12-05 21:52 - 2009-10-03 15:21 - 00001599 _____ C:\Documents and Settings\Default User\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-12-05 21:38 - 2009-10-03 17:01 - 00000000 ____D C:\Documents and Settings
2015-12-05 21:22 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-12-04 13:57 - 2010-09-30 09:10 - 00722452 ____H C:\treeinfo.wc
2015-12-04 13:55 - 2010-01-07 15:25 - 00000000 ____D C:\Program Files\_001
2015-12-04 02:08 - 2014-02-11 09:57 - 00000000 ____D C:\Program Files\_Hotovo
2015-12-04 00:15 - 2009-11-27 22:31 - 00000069 _____ C:\WINDOWS\NeroDigital.ini
2015-12-03 17:37 - 2015-01-10 10:21 - 00000000 ____D C:\Program Files\_Mobil
2015-12-03 13:49 - 2012-05-22 09:52 - 00000000 ____D C:\preload
2015-12-03 13:48 - 2011-08-06 09:55 - 00000000 ____D C:\Documents and Settings\M&J\Dokumenty\@Družstvo_Liben
2015-12-03 13:48 - 2009-12-07 14:35 - 00000000 ____D C:\Documents and Settings\M&J\Dokumenty\@Jana
2015-12-03 13:48 - 2009-10-03 15:28 - 00000000 ___RD C:\Documents and Settings\M&J\Dokumenty\Obrázky
2015-12-03 13:47 - 2015-10-31 15:51 - 00155747 _____ C:\Documents and Settings\M&J\Plocha\Zadost o prechod naroku na prukaz
OZP.pdf.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-10-31 14:12 - 00001908 _____ C:\Documents and Settings\M&J\Plocha\
ZTP_P.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-10-30 22:47 - 00009908 _____ C:\Documents and Settings\M&J\Plocha\Dobývání měsíce.txt
2015-12-03 13:47 - 2015-10-21 12:32 - 00005092 _____ C:\Documents and Settings\M&J\Plocha\
Google.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-10-16 11:20 - 00003620 _____ C:\Documents and Settings\M&J\Plocha\Dobíjení
Autobaterie.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-10-12 15:06 - 00002116 _____ C:\Documents and Settings\M&J\Plocha\Svetelo
Kelvin.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-10-10 21:56 - 00127841 _____ C:\Documents and Settings\M&J\Plocha\
0ce69f4c-9c62-4131-ad8f-6cdca8619b15.jpg.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-10-02 17:46 - 00015940 _____ C:\Documents and Settings\M&J\Plocha\Demark
GPS.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-10-01 16:56 - 00029684 _____ C:\Documents and Settings\M&J\Plocha\Demark
Linie.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-09-25 07:55 - 00014084 _____ C:\Documents and Settings\M&J\Plocha\
Detektor.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-08-30 16:01 - 00002532 _____ C:\Documents and Settings\M&J\Plocha\Irisin
PAV70.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-06-10 12:56 - 00060633 _____ C:\Documents and Settings\M&J\Plocha\
1968.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-06-10 09:57 - 00000564 _____ C:\Documents and Settings\M&J\Plocha\
Brus.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-05-28 21:09 - 00002452 _____ C:\Documents and Settings\M&J\Plocha\
Mutant.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-05-01 15:40 - 00000996 _____ C:\Documents and Settings\M&J\Plocha\
Zavadero.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-05-01 06:54 - 00001732 _____ C:\Documents and Settings\M&J\Plocha\Janovec
zasilky.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-04-10 18:57 - 00123718 _____ C:\Documents and Settings\M&J\Plocha\Prospekce
zlato2.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-04-10 18:46 - 00039296 _____ C:\Documents and Settings\M&J\Plocha\Zlato
Prospekce.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-04-06 13:48 - 00009700 _____ C:\Documents and Settings\M&J\Plocha\Vltaví
ny.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-03-31 21:14 - 00003412 _____ C:\Documents and Settings\M&J\Plocha\
Spirztual.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-03-30 08:01 - 00000804 _____ C:\Documents and Settings\M&J\Plocha\Kubů
_Byt.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-03-30 06:18 - 00214020 _____ C:\Documents and Settings\M&J\Plocha\
ZlatoMapa.doc.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-03-28 14:41 - 00024068 _____ C:\Documents and Settings\M&J\Plocha\Jil Pro Každé
ho.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-03-27 23:04 - 00107289 _____ C:\Documents and Settings\M&J\Plocha\J I L
Universita2.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-02-23 22:37 - 00005204 _____ C:\Documents and Settings\M&J\Plocha\
Meteorit.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2015-02-21 23:17 - 00005684 _____ C:\Documents and Settings\M&J\Plocha\Noze
nalezy.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2014-10-23 08:39 - 00000500 _____ C:\Documents and Settings\M&J\Plocha\
Retezy.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2014-09-21 13:23 - 00005252 _____ C:\Documents and Settings\M&J\Plocha\Extrakce
Ultrazvuk.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2014-09-17 21:07 - 00000420 _____ C:\Documents and Settings\M&J\Plocha\
Linky.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2014-06-08 18:26 - 00012388 _____ C:\Documents and Settings\M&J\Plocha\Kamen
zubni.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2014-04-27 19:22 - 00038360 _____ C:\Documents and Settings\M&J\Plocha\Obč
an.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2014-04-27 11:54 - 00031947 _____ C:\Documents and Settings\M&J\Plocha\Předhled odchylek vyúčtování
tepla.pdf.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2014-04-14 11:35 - 00001252 _____ C:\Documents and Settings\M&J\Plocha\
Eta.txt.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2013-11-07 19:11 - 12998782 _____ C:\Documents and Settings\M&J\Plocha\korektury 6. 11..pdf.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2011-07-20 08:20 - 00000180 ____H C:\Documents and Settings\M&J\Plocha\~$
rd_Delo.doc.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:47 - 2010-01-08 08:42 - 00000000 ____D C:\Documents and Settings\M&J\Dokumenty\@Spolecne
2015-12-03 13:47 - 2009-11-27 16:53 - 00000000 ___RD C:\Documents and Settings\M&J\Dokumenty\Kamera
2015-12-03 13:47 - 2009-10-03 15:28 - 00000000 ___HD C:\Documents and Settings\M&J\Šablony
2015-12-03 13:43 - 2010-01-08 08:34 - 00000000 ____D C:\Documents and Settings\M&J\Dokumenty\@Druzstvo_HJ
2015-12-03 13:41 - 2009-12-07 14:18 - 00000000 ____D C:\Documents and Settings\M&J\Dokumenty\@Milan
2015-12-03 13:35 - 2009-11-27 15:53 - 00000000 ____D C:\Documents and Settings\M&J\Local Settings\Data aplikací\GHISLER
2015-12-03 13:35 - 2009-10-03 15:31 - 05900282 ____H C:\Documents and Settings\M&J\Local Settings\Data aplikací\
IconCache.db.id-6304444540_av666@weekendwarrior55.com
2015-12-03 13:35 - 2009-10-03 15:28 - 00000000 ___HD C:\Documents and Settings\M&J\Local Settings\Data aplikací
2015-12-03 13:30 - 2009-10-03 17:02 - 00000000 ___HD C:\Documents and Settings\Default User\Šablony
2015-12-01 14:12 - 2009-10-03 15:28 - 00000000 ___RD C:\Documents and Settings\M&J\Dokumenty
2015-11-23 12:20 - 2010-03-08 18:19 - 00002563 _____ C:\Documents and Settings\M&J\Plocha\Microsoft Office Word 2007.lnk
2015-11-16 17:35 - 2012-05-16 20:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-16 10:46 - 2012-05-16 20:43 - 00000730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-11-11 12:29 - 2013-08-02 09:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 12:27 - 2009-10-05 08:56 - 143250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 12:26 - 2009-11-27 13:45 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2015-11-08 18:58 - 2009-10-03 16:54 - 00000000 ____D C:\WINDOWS\Network Diagnostic
2015-11-08 15:00 - 2014-03-12 07:50 - 00000212 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
==================== Files in the root of some directories =======
2015-12-05 23:32 - 2015-12-05 23:33 - 0005120 ___SH () C:\Documents and Settings\M&J\Data aplikací\Thumbs.db
2009-10-06 08:50 - 2015-10-31 18:14 - 0184832 _____ () C:\Documents and Settings\M&J\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\M&J\Local Settings\Temp\FlashPlayerUpdate.exe
C:\Documents and Settings\M&J\Local Settings\Temp\sqlite3.dll
Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\System32\runouce.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
