Dobrý den,
při zapnutí internetové komunikace - radio, skype, otevření prohlížeče, se mně zpomalí počítač. Prosím o kontrolu, děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-10-2017
Ran by Asistentka (administrator) on ZT01 (03-10-2017 09:01:31)
Running from C:\Users\Odehnalova\Desktop
Loaded Profiles: Asistentka (Available Profiles: Asistentka & supervisor & servicezt)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\sqlservr.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
() C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
() C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(MONETA Money Bank, a. s.) C:\Program Files\bkwin\20463\BKWIN.EXE
(TILL CONSULT a.s., Přerov) C:\Program Files\TILL CONSULT\DUNA172\duna.EXE
(Igor Nys) D:\Kotas\Stažené soubory\trayit_4_6_5_5\trayit_4_6_5_5\TrayIt!.exe
(Excelsior) D:\Kotas\CCCalcPortable\CCCalcPortable.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(forum.viry.cz) C:\Users\Odehnalova\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HP KEYBOARDx] => C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM\...\Run: [File Sanitizer] => c:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [3154464 2012-07-04] (ESET)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2312824 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2009-12-07] (Hewlett-Packard Limited)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02] (Logitech, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2017-04-18]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NABIDKA.BAT – zástupce.lnk [2012-06-01]
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-04-18]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\supervisor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2010-09-14]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 46.149.113.2 46.149.114.2
Tcpip\..\Interfaces\{30A5800C-5E11-4B50-BFFA-97DE61F16C76}: [NameServer] 46.149.113.2,46.149.114.2
Tcpip\..\Interfaces\{30A5800C-5E11-4B50-BFFA-97DE61F16C76}: [DhcpNameServer] 46.149.113.2 46.149.114.2
Tcpip\..\Interfaces\{6A574274-DF76-4564-87F2-58D73C87A723}: [DhcpNameServer] 46.149.113.2 46.149.114.2
Internet Explorer:
==================
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {8774FF92-5A2A-4A1E-B9BB-E8AF75FAF47A} URL = hxxp://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> 5D9E87C0835985E6ECFDA47CFB85A0D7 URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> 9AD75295584257283115265E19ACAB59 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> A6EA7C9AFD9EADB6FA6C303BD0AFD631 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> D371263FA8D65ABB9B0CF2EBDD6C0081 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22] (DigitalPersona, Inc.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2017-09-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-21] (Oracle Corporation)
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
FireFox:
========
FF ProfilePath: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2017-10-03]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:home
FF Extension: (FireGestures) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\firegestures@xuldev.org.xpi [2017-06-12]
FF Extension: (Enpass Password Manager) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\jid1-TPTs1Z1UvUn2fA@jetpack.xpi [2017-07-28]
FF Extension: (FormApps Extension) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2017-09-07]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\firmy.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mapy.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\seznam.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\videa.seznam.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\zbozi.cz-081544.xml [2015-09-30]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-08-27] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-07-12] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2012-11-13] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://go.cz.bbelements.com/please/redirect/19627/2/10/7/!uwi=1920,uhe=1080,uce=1,ibbid=BBID-01-00812596125214784,ibb_device_id=0,param=583281/530165_1_?
CHR Profile: C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default [2017-08-01]
CHR Extension: (Dokumenty Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (FormApps Extension) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-08-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01]
CHR Extension: (Gmail) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2010-01-22] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [999704 2012-07-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [183944 2012-07-04] (ESET)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-11] (Hewlett-Packard Company) [File not signed]
S2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; c:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 MSSQL$BANKKLIENT; C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 SQLAgent$BANKKLIENT; C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [172704 2012-07-10] (ESET)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-09-30] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [123760 2012-03-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [154160 2012-03-29] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2012-03-29] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51136 2012-03-29] (ESET)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [38416 2015-06-18] (Logitech, Inc.)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2016-11-28] (TeamViewer GmbH)
S3 OxPPort; C:\Windows\system32\DRIVERS\OxPPort.sys [82048 2008-07-31] (OEM)
S3 OxSer; C:\Windows\system32\DRIVERS\OxSer.sys [83888 2009-09-16] (OEM)
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [110520 2010-02-02] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [75776 2010-08-27] (Microsoft Corporation) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-03 09:01 - 2017-10-03 09:01 - 000021355 _____ C:\Users\Odehnalova\Desktop\FRST.txt
2017-10-03 09:01 - 2017-10-03 09:01 - 000000000 ____D C:\FRST
2017-10-03 08:59 - 2017-10-03 09:00 - 000112640 _____ (forum.viry.cz) C:\Users\Odehnalova\Desktop\FRSTLauncher.exe
2017-10-03 08:56 - 2017-10-03 08:56 - 001795584 _____ (Farbar) C:\Users\Odehnalova\Desktop\FRST.exe
2017-10-02 16:05 - 2017-10-02 15:57 - 000387864 _____ C:\Users\Odehnalova\Desktop\20171002155845.pdf
2017-10-02 09:49 - 2017-10-02 09:49 - 000012706 _____ C:\Users\Odehnalova\Desktop\2017.09.26._ZT-energy-s.r.o._Plná-moc_20170922124515.pdf
2017-09-27 10:27 - 2017-09-27 10:27 - 000137182 _____ C:\Users\Odehnalova\Desktop\ELDP 2013_seznam.pdf
2017-09-26 13:35 - 2017-09-26 13:35 - 000000559 _____ C:\Users\Odehnalova\Desktop\ONZ_ZT ener.xml
2017-09-26 10:20 - 2017-09-27 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2017-09-13 07:43 - 2017-08-16 16:50 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 07:43 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 07:43 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 07:43 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 07:43 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 07:43 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 07:43 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 07:43 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 07:42 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 07:42 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 07:42 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 07:42 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 07:42 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 07:42 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 07:42 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 07:42 - 2017-08-13 18:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 07:42 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 07:42 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 07:42 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 07:42 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 07:42 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 07:42 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 07:42 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 07:42 - 2017-08-13 18:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 07:42 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 07:42 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 07:42 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 07:42 - 2017-08-13 18:10 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 07:42 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 07:42 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 07:42 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 07:42 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-13 07:42 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-13 07:42 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 07:42 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 07:42 - 2017-08-13 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 07:42 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 07:42 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-13 07:42 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 07:42 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 07:42 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-09-13 07:42 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 07:42 - 2017-08-11 08:24 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 07:42 - 2017-08-11 08:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 07:42 - 2017-08-11 08:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 07:42 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 07:42 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 07:42 - 2017-08-11 08:00 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 07:42 - 2017-08-11 08:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-13 07:42 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-13 07:42 - 2017-08-11 08:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 07:42 - 2017-08-11 08:00 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 07:42 - 2017-08-11 07:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 07:42 - 2017-08-11 07:58 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-13 07:42 - 2017-08-11 07:56 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-13 07:42 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-13 07:42 - 2017-08-11 07:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-07 15:13 - 2017-09-07 15:13 - 000000000 ____D C:\Users\Odehnalova\AppData\Local\Software602
2017-09-07 10:50 - 2017-09-07 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZ.NIC
2017-09-06 10:02 - 2017-10-02 17:28 - 000011765 _____ C:\Users\Odehnalova\Desktop\sklad změna číslování.xlsx
2017-09-05 10:09 - 2017-09-05 10:09 - 000000000 ____D C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RadioSure
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-03 08:55 - 2017-03-05 15:12 - 000000000 ____D C:\Users\Odehnalova\AppData\LocalLow\Mozilla
2017-10-03 08:55 - 2012-05-27 12:19 - 000000000 ____D C:\Users\Odehnalova\Documents\Soubory aplikace Outlook
2017-10-03 08:50 - 2017-08-08 07:27 - 000000000 ____D C:\Users\Odehnalova\AppData\Local\Skype
2017-10-03 08:08 - 2015-01-29 12:52 - 000000000 ____D C:\BANKA
2017-10-03 08:05 - 2009-07-14 06:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-03 08:05 - 2009-07-14 06:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-03 07:58 - 2010-08-27 02:59 - 000737470 _____ C:\Windows\system32\perfh005.dat
2017-10-03 07:58 - 2010-08-27 02:59 - 000167156 _____ C:\Windows\system32\perfc005.dat
2017-10-03 07:58 - 2009-07-25 14:54 - 001776508 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-03 07:58 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-10-03 07:57 - 2017-07-10 15:32 - 000343552 _____ C:\Users\Odehnalova\Desktop\Moje_dochazka_2017_V2_19-1.xls
2017-10-03 07:52 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-02 17:33 - 2017-07-13 13:18 - 000000000 ____D C:\Users\Odehnalova\Documents\Enpass
2017-10-02 11:59 - 2015-09-30 08:16 - 000000446 ____H C:\Windows\Tasks\Norton Security Scan for Nejezova.job
2017-10-02 09:59 - 2017-06-15 10:24 - 000000000 ____D C:\Users\Odehnalova\AppData\Roaming\.dsgui
2017-10-02 08:37 - 2010-09-13 21:55 - 000000000 ____D C:\Program Files\Opera
2017-10-02 08:35 - 2017-04-25 13:35 - 000172544 _____ C:\Users\Odehnalova\Desktop\plánovací kalendář.xls
2017-10-02 08:26 - 2012-09-18 09:56 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-27 08:28 - 2017-03-30 15:35 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-26 13:32 - 2014-07-21 12:54 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-22 12:32 - 2017-04-12 15:24 - 000000000 ____D C:\Users\Odehnalova\Evernote
2017-09-21 14:26 - 2017-07-10 16:45 - 000010487 _____ C:\Users\Odehnalova\Desktop\daňový a platební kalendář.xlsx
2017-09-19 10:36 - 2009-07-14 06:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-09-15 09:00 - 2017-07-13 13:17 - 000000000 ____D C:\Program Files\Enpass
2017-09-13 12:10 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2017-09-13 08:16 - 2009-07-14 06:33 - 000446384 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-13 08:02 - 2009-07-14 04:04 - 000000478 _____ C:\Windows\win.ini
2017-09-13 08:00 - 2013-08-15 15:23 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 07:53 - 2010-09-19 18:41 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-11 17:02 - 2012-05-27 12:20 - 000002274 ____H C:\Users\Odehnalova\Documents\Default.rdp
2017-09-07 15:13 - 2016-04-14 12:22 - 000002151 _____ C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormApps Signing Extension.lnk
2017-09-07 10:50 - 2017-07-03 10:41 - 000001906 _____ C:\Users\Public\Desktop\Datovka.lnk
2017-09-05 10:09 - 2017-08-25 07:42 - 000001127 _____ C:\Users\Odehnalova\Desktop\RadioSure.lnk
2017-09-05 10:09 - 2017-08-25 07:42 - 000000000 ____D C:\Users\Odehnalova\AppData\Local\RadioSure
==================== Files in the root of some directories =======
2017-04-12 13:54 - 2017-05-04 16:29 - 000001861 _____ () C:\Users\Odehnalova\AppData\Roaming\cccalc.txt
2016-01-04 19:35 - 2016-01-04 19:35 - 000012996 _____ () C:\Users\Odehnalova\AppData\Local\recently-used.xbel
2015-08-21 13:25 - 2015-08-21 13:25 - 000007597 _____ () C:\Users\Odehnalova\AppData\Local\Resmon.ResmonCfg
2014-04-22 09:13 - 2012-08-31 15:08 - 000024772 _____ () C:\ProgramData\P1100DEF.css
2014-04-22 09:13 - 2014-04-22 12:46 - 000004188 _____ () C:\ProgramData\P1100OS.HTM
2014-04-22 09:13 - 2012-08-31 15:08 - 000002944 _____ () C:\ProgramData\P1100SIG.GIF
2015-10-02 13:03 - 2015-10-02 13:03 - 000000055 _____ () C:\ProgramData\pconfig.dat
Files to move or delete:
====================
C:\ProgramData\pconfig.dat
Some files in TEMP:
====================
2017-04-12 13:32 - 2017-04-12 13:32 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-07-07 14:50 - 2017-07-07 14:50 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-21 09:52 - 2017-07-21 09:52 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-05-19 13:21 - 2015-07-02 22:36 - 000098760 _____ () C:\Users\Odehnalova\AppData\Local\Temp\LMkRstPt.exe
2012-05-27 12:41 - 2010-11-18 20:36 - 000469256 _____ (Microsoft Corporation) C:\Users\Odehnalova\AppData\Local\Temp\MSN55FE.exe
2014-01-13 13:46 - 2012-09-27 02:28 - 000608160 _____ (HP) C:\Users\Odehnalova\AppData\Local\Temp\siinst.exe
2017-08-08 07:11 - 2017-09-06 07:54 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Odehnalova\AppData\Local\Temp\SkypeSetup.exe
2014-01-13 13:46 - 2012-09-26 07:57 - 000270336 ____R (HP) C:\Users\Odehnalova\AppData\Local\Temp\strings.dll
2017-07-03 14:00 - 2017-07-03 14:00 - 014456872 _____ (Microsoft Corporation) C:\Users\Odehnalova\AppData\Local\Temp\vc_redist.x86.exe
2017-05-09 13:31 - 2017-05-09 13:46 - 000503808 _____ () C:\Users\Odehnalova\AppData\Local\Temp\xuninst.exe
2017-07-11 19:55 - 2015-07-25 00:41 - 000227632 _____ () C:\Users\Odehnalova\AppData\Local\Temp\YandexWorking.exe
2015-09-21 14:54 - 2015-09-21 14:54 - 059332560 _____ (YANDEX LLC) C:\Users\Odehnalova\AppData\Local\Temp\{D08980EA-D8BC-42E3-9B1D-35A68F25908D}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\SafeBoot.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
LastRegBack: 2017-10-02 12:01
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:195.31 GB) (Free:89.38 GB) NTFS
Drive d: () (Fixed) (Total:27.9 GB) (Free:21.24 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:9.4 GB) (Free:1.16 GB) NTFS ==>[system with boot components (obtained from drive)]
Available physical RAM: 86.68 MB
Total physical RAM: 2013.18 MB
Percentage of memory in use: 95%
==================== MBR and Partition Table ==================
ShortcutWithArgument: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1920,1080
Disk: 0 (Size: 232.9 GB) (Disk ID: 8A214CD1)
Partition 1: (Not Active) - (Size=27.9 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=285 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=9.4 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Norton Security Scan for Nejezova.job => C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Endpoint Security 5.0 (Disabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Security 5.0 (Disabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Disabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Odehnalova\Desktop" je 166 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BATINDICATOR
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Remote Solution
%ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv
c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\311~1.376\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Logfile of random's system information tool 1.10 (written by random/random)
Run by Asistentka at 2017-10-03 09:21:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 92 GB (46%) free of 200 GB
Total RAM: 2013 MB (15% free)
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Norton Security Scan for Nejezova.job - C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
=========Mozilla firefox=========
ProfilePath - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
"otis@digitalpersona.com"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"=C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.141.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.141.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\
firmy.cz-081544.xml
mapy.cz-081544.xml
seznam.cz-081544.xml
videa.seznam.cz-081544.xml
zbozi.cz-081544.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12 117248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 1471752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-21 473664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2017-09-20 592768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26 366200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
Визуальные закладки - C:\Program Files\Yandex\FastDial\fastdialhost.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-21 187968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Элементы Яндекса - C:\Program Files\Yandex\Elements\bartabhost.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP KEYBOARDx"=C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [2010-02-11 710656]
"File Sanitizer"=c:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-12-12 11265536]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-16 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-16 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-16 170520]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2012-07-04 3154464]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2015-08-26 2312824]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BATINDICATOR]
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2009-05-09 2068992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Remote Solution]
C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [2009-08-25 656896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP]
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [2009-04-04 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.376\SSSCHE~1.EXE []
C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
NABIDKA.BAT – zástupce.lnk - \\192.168.1.2\logon\NABIDKA.BAT
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\Windows\system32\DeviceNP.dll [2009-12-07 75320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-16 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02 63944]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-03 09:05:54 ----D---- C:\rsit
2017-10-03 09:05:54 ----D---- C:\Program Files\trend micro
2017-10-03 09:01:27 ----D---- C:\FRST
2017-09-13 07:43:03 ----A---- C:\Windows\system32\mshtml.dll
2017-09-13 07:43:01 ----A---- C:\Windows\system32\jscript9.dll
2017-09-13 07:43:01 ----A---- C:\Windows\system32\iertutil.dll
2017-09-13 07:43:01 ----A---- C:\Windows\system32\ieframe.dll
2017-09-13 07:43:00 ----A---- C:\Windows\system32\wininet.dll
2017-09-13 07:43:00 ----A---- C:\Windows\system32\win32k.sys
2017-09-13 07:43:00 ----A---- C:\Windows\system32\vbscript.dll
2017-09-13 07:43:00 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 07:42:59 ----A---- C:\Windows\system32\urlmon.dll
2017-09-13 07:42:59 ----A---- C:\Windows\system32\shell32.dll
2017-09-13 07:42:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-09-13 07:42:59 ----A---- C:\Windows\system32\msfeeds.dll
2017-09-13 07:42:58 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-09-13 07:42:58 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-09-13 07:42:58 ----A---- C:\Windows\system32\mmc.exe
2017-09-13 07:42:58 ----A---- C:\Windows\system32\localspl.dll
2017-09-13 07:42:58 ----A---- C:\Windows\system32\iedkcs32.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\Wldap32.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\win32spl.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\usp10.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\ntprint.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\ntdll.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\nsisvc.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 07:42:57 ----A---- C:\Windows\system32\mshtmled.dll
2017-09-13 07:42:57 ----A---- C:\Windows\system32\ie4uinit.exe
2017-09-13 07:42:57 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-09-13 07:42:57 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-09-13 07:42:57 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-13 07:42:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-09-13 07:42:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-09-13 07:42:56 ----A---- C:\Windows\system32\webcheck.dll
2017-09-13 07:42:56 ----A---- C:\Windows\system32\mmcshext.dll
2017-09-13 07:42:56 ----A---- C:\Windows\system32\mmcbase.dll
2017-09-13 07:42:56 ----A---- C:\Windows\system32\dxtrans.dll
2017-09-13 07:42:56 ----A---- C:\Windows\system32\dxtmsft.dll
2017-09-13 07:42:56 ----A---- C:\Windows\system32\cic.dll
2017-09-13 07:42:55 ----A---- C:\Windows\system32\winnsi.dll
2017-09-13 07:42:55 ----A---- C:\Windows\system32\shdocvw.dll
2017-09-13 07:42:55 ----A---- C:\Windows\system32\msrating.dll
2017-09-13 07:42:55 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-09-13 07:42:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-09-13 07:42:55 ----A---- C:\Windows\system32\ieui.dll
2017-09-13 07:42:54 ----A---- C:\Windows\system32\occache.dll
2017-09-13 07:42:54 ----A---- C:\Windows\system32\nsi.dll
2017-09-13 07:42:54 ----A---- C:\Windows\system32\jscript9diag.dll
2017-09-13 07:42:54 ----A---- C:\Windows\system32\inseng.dll
2017-09-13 07:42:54 ----A---- C:\Windows\system32\ieUnatt.exe
2017-09-13 07:42:54 ----A---- C:\Windows\system32\iesetup.dll
2017-09-13 07:42:54 ----A---- C:\Windows\system32\iernonce.dll
2017-09-13 07:42:53 ----A---- C:\Windows\system32\jsproxy.dll
2017-09-13 07:42:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 07:42:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-09-13 07:42:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-09-13 07:42:52 ----A---- C:\Windows\system32\ole32.dll
2017-09-13 07:42:52 ----A---- C:\Windows\system32\jscript.dll
2017-09-13 07:42:52 ----A---- C:\Windows\system32\ieapfltr.dll
2017-09-13 07:42:52 ----A---- C:\Windows\system32\drivers\srv.sys
2017-09-13 07:42:51 ----A---- C:\Windows\system32\smss.exe
2017-09-13 07:42:51 ----A---- C:\Windows\system32\rpcss.dll
2017-09-13 07:42:51 ----A---- C:\Windows\system32\rpcrt4.dll
2017-09-13 07:42:51 ----A---- C:\Windows\system32\ntprint.exe
2017-09-13 07:42:51 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-13 07:42:51 ----A---- C:\Windows\system32\kerberos.dll
2017-09-13 07:42:51 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-09-13 07:42:51 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-09-13 07:42:51 ----A---- C:\Windows\system32\advapi32.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\winsrv.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\srcore.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\msv1_0.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\lsasrv.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\KernelBase.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\inetpp.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 07:42:50 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-09-13 07:42:49 ----A---- C:\Windows\system32\wdigest.dll
2017-09-13 07:42:49 ----A---- C:\Windows\system32\schannel.dll
2017-09-13 07:42:49 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-09-13 07:42:48 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 07:42:48 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 07:42:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\wpnpinst.exe
2017-09-13 07:42:48 ----A---- C:\Windows\system32\TSpkg.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\sspisrv.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\sspicli.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\srclient.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\secur32.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\rstrui.exe
2017-09-13 07:42:48 ----A---- C:\Windows\system32\rpchttp.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\ncrypt.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\lsass.exe
2017-09-13 07:42:48 ----A---- C:\Windows\system32\kernel32.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\inetppui.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-09-13 07:42:48 ----A---- C:\Windows\system32\drivers\appid.sys
2017-09-13 07:42:48 ----A---- C:\Windows\system32\csrsrv.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\cryptbase.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\credssp.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\conhost.exe
2017-09-13 07:42:48 ----A---- C:\Windows\system32\comcat.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\bcrypt.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\auditpol.exe
2017-09-13 07:42:48 ----A---- C:\Windows\system32\appidsvc.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 07:42:48 ----A---- C:\Windows\system32\appidapi.dll
2017-09-13 07:42:48 ----A---- C:\Windows\system32\apisetschema.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 07:42:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 07:42:47 ----A---- C:\Windows\system32\PrintBrmUi.exe
2017-09-13 07:42:47 ----A---- C:\Windows\system32\oleres.dll
2017-09-13 07:42:47 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 07:42:47 ----A---- C:\Windows\system32\adtschema.dll
2017-09-13 07:42:46 ----A---- C:\Windows\system32\msobjs.dll
2017-09-13 07:42:46 ----A---- C:\Windows\system32\msaudite.dll
======List of files/folders modified in the last 1 month======
2017-10-03 09:21:18 ----D---- C:\Windows\Temp
2017-10-03 09:05:54 ----D---- C:\Program Files
2017-10-03 09:01:28 ----AD---- C:\Windows
2017-10-03 08:10:35 ----D---- C:\Windows\system32\config
2017-10-03 08:08:58 ----D---- C:\BANKA
2017-10-03 07:58:11 ----D---- C:\Windows\inf
2017-10-03 07:58:11 ----AD---- C:\Windows\System32
2017-10-03 07:58:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-02 09:59:35 ----D---- C:\Users\Odehnalova\AppData\Roaming\.dsgui
2017-10-02 08:37:24 ----SHD---- C:\System Volume Information
2017-10-02 08:37:22 ----D---- C:\Windows\system32\Tasks
2017-10-02 08:37:22 ----D---- C:\Program Files\Opera
2017-10-02 08:26:52 ----D---- C:\Program Files\TeamViewer
2017-09-27 08:14:10 ----SHD---- C:\Windows\Installer
2017-09-27 08:14:10 ----SHD---- C:\Config.Msi
2017-09-19 10:36:52 ----D---- C:\Windows\system32\FxsTmp
2017-09-15 09:00:50 ----D---- C:\Program Files\Enpass
2017-09-13 12:10:10 ----D---- C:\Windows\rescache
2017-09-13 11:44:48 ----D---- C:\Windows\Microsoft.NET
2017-09-13 11:42:40 ----RSD---- C:\Windows\assembly
2017-09-13 08:17:45 ----D---- C:\Windows\winsxs
2017-09-13 08:14:51 ----D---- C:\Windows\system32\en-US
2017-09-13 08:14:51 ----D---- C:\Windows\system32\drivers
2017-09-13 08:14:51 ----D---- C:\Windows\system32\cs-CZ
2017-09-13 08:14:51 ----D---- C:\Program Files\Internet Explorer
2017-09-13 08:05:29 ----D---- C:\Windows\system32\catroot2
2017-09-13 08:02:51 ----D---- C:\ProgramData\Microsoft Help
2017-09-13 08:02:25 ----A---- C:\Windows\win.ini
2017-09-13 08:00:42 ----D---- C:\Windows\system32\MRT
2017-09-13 07:53:55 ----AC---- C:\Windows\system32\MRT.exe
2017-09-04 11:25:24 ----RD---- C:\Users
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-29 51136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-02-02 110520]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2010-02-02 51800]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-02-02 13256]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-07-10 172704]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2015-09-30 389456]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-29 123760]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-29 33656]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-02-02 40088]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-29 154160]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-16 9030144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-07 3187816]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2015-06-18 53904]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2015-06-18 47632]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2015-06-18 38416]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-05-03 266344]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
S3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2016-11-28 13304]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 17408]
S3 OxPPort;OxPPort; C:\Windows\system32\DRIVERS\OxPPort.sys [2008-07-31 82048]
S3 OxSer;OxSer; C:\Windows\system32\DRIVERS\OxSer.sys [2009-09-16 83888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-01-22 300808]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2012-07-04 999704]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-06-11 121344]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; c:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-09-27 100256]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MSSQL$BANKKLIENT;SQL Server (BANKKLIENT); C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 TeamViewer;TeamViewer 12; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-15 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2012-07-04 183944]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\system32\flcdlock.exe [2009-12-07 362040]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-15 230968]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-08-13 104960]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2015-07-02 292808]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-08-28 175568]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-19 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 SQLAgent$BANKKLIENT;SQL Server Agent (BANKKLIENT); C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalení počítače
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpomalení počítače
- Přílohy
-
- Addition.zip
- (11.43 KiB) Staženo 80 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení počítače
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení počítače
# AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 05 11:42:23 2017
# Updated on 2017/29/09 by Malwarebytes
# Database: 10-04-2017.1
# Running on Windows 7 Professional (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\brusnice.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fiat-krenice.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sjidelnicek.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\stavebnicentrum.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.stavebnicentrum.cz
PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\csastats
PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
# Updated on 2017/29/09 by Malwarebytes
# Database: 10-04-2017.1
# Running on Windows 7 Professional (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\brusnice.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\fiat-krenice.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sjidelnicek.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\stavebnicentrum.cz
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.stavebnicentrum.cz
PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\csastats
PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení počítače
V ADW ještě klikněte na mazání a pak dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení počítače
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2017 01
Ran by Asistentka (administrator) on ZT01 (06-10-2017 10:12:20)
Running from C:\Users\Odehnalova\Desktop
Loaded Profiles: Asistentka (Available Profiles: Asistentka & supervisor & servicezt)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\sqlservr.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
() C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
() C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(TheBestWare Studio) C:\Users\Odehnalova\AppData\Local\RadioSure\RadioSure.exe
(PortableApps.com) D:\Kotas\Stažené soubory\sPortable\sPortable.exe
(Skype Technologies S.A.) D:\Kotas\Stažené soubory\sPortable\App\Skype\Phone\Skype.exe
(Igor Nys) D:\Kotas\Stažené soubory\trayit_4_6_5_5\trayit_4_6_5_5\TrayIt!.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Odehnalova\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HP KEYBOARDx] => C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM\...\Run: [File Sanitizer] => c:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [3154464 2012-07-04] (ESET)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2312824 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2009-12-07] (Hewlett-Packard Limited)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02] (Logitech, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2017-04-18]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NABIDKA.BAT – zástupce.lnk [2012-06-01]
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-04-18]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\supervisor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2010-09-14]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 46.149.113.2 46.149.114.2
Tcpip\..\Interfaces\{30A5800C-5E11-4B50-BFFA-97DE61F16C76}: [NameServer] 46.149.113.2,46.149.114.2
Tcpip\..\Interfaces\{30A5800C-5E11-4B50-BFFA-97DE61F16C76}: [DhcpNameServer] 46.149.113.2 46.149.114.2
Tcpip\..\Interfaces\{6A574274-DF76-4564-87F2-58D73C87A723}: [DhcpNameServer] 46.149.113.2 46.149.114.2
Internet Explorer:
==================
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {8774FF92-5A2A-4A1E-B9BB-E8AF75FAF47A} URL = hxxp://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> 5D9E87C0835985E6ECFDA47CFB85A0D7 URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> 9AD75295584257283115265E19ACAB59 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> A6EA7C9AFD9EADB6FA6C303BD0AFD631 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> D371263FA8D65ABB9B0CF2EBDD6C0081 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22] (DigitalPersona, Inc.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2017-09-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-21] (Oracle Corporation)
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
FireFox:
========
FF ProfilePath: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2017-10-06]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:home
FF Extension: (FireGestures) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\firegestures@xuldev.org.xpi [2017-06-12]
FF Extension: (Enpass Password Manager) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\jid1-TPTs1Z1UvUn2fA@jetpack.xpi [2017-07-28]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-06]
FF Extension: (FormApps Extension) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2017-09-07]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\firmy.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mapy.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\seznam.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\videa.seznam.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\zbozi.cz-081544.xml [2015-09-30]
FF Extension: (Activity Stream) - C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi [2017-10-05] [not signed]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-08-27] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-07-12] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2012-11-13] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://go.cz.bbelements.com/please/redirect/19627/2/10/7/!uwi=1920,uhe=1080,uce=1,ibbid=BBID-01-00812596125214784,ibb_device_id=0,param=583281/530165_1_?
CHR Profile: C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default [2017-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (FormApps Extension) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-08-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01]
CHR Extension: (Gmail) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2010-01-22] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [999704 2012-07-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [183944 2012-07-04] (ESET)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-11] (Hewlett-Packard Company) [File not signed]
S2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; c:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 MSSQL$BANKKLIENT; C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 SQLAgent$BANKKLIENT; C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [172704 2012-07-10] (ESET)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-09-30] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [123760 2012-03-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [154160 2012-03-29] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2012-03-29] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51136 2012-03-29] (ESET)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [38416 2015-06-18] (Logitech, Inc.)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2016-11-28] (TeamViewer GmbH)
S3 OxPPort; C:\Windows\system32\DRIVERS\OxPPort.sys [82048 2008-07-31] (OEM)
S3 OxSer; C:\Windows\system32\DRIVERS\OxSer.sys [83888 2009-09-16] (OEM)
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [110520 2010-02-02] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [75776 2010-08-27] (Microsoft Corporation) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-06 10:12 - 2017-10-06 10:12 - 000021675 _____ C:\Users\Odehnalova\Desktop\FRST.txt
2017-10-06 10:12 - 2017-10-06 10:12 - 000000000 ____D C:\Users\Odehnalova\Desktop\FRST-OlderVersion
2017-10-06 10:10 - 2017-10-06 10:10 - 000001154 _____ C:\Users\Odehnalova\Desktop\AdwCleaner[S2].txt
2017-10-06 07:49 - 2017-10-06 07:49 - 000000000 ____D C:\Users\Odehnalova\AppData\Roaming\SkypePM
2017-10-05 13:43 - 2017-10-05 13:43 - 000001748 _____ C:\Users\Odehnalova\Desktop\AdwCleaner[S0].txt
2017-10-05 13:40 - 2017-10-06 10:09 - 000000000 ____D C:\AdwCleaner
2017-10-05 13:39 - 2017-10-05 13:39 - 008250832 _____ (Malwarebytes) C:\Users\Odehnalova\Desktop\adwcleaner_7.0.3.1.exe
2017-10-03 09:32 - 2017-10-03 09:32 - 000060242 _____ C:\Users\Odehnalova\Desktop\info.txt
2017-10-03 09:09 - 2017-10-03 09:09 - 000011700 _____ C:\Users\Odehnalova\Desktop\Addition.zip
2017-10-03 09:05 - 2017-10-03 09:21 - 000000000 ____D C:\Program Files\trend micro
2017-10-03 09:05 - 2017-10-03 09:05 - 001107968 _____ C:\Users\Odehnalova\Desktop\RSIT.exe
2017-10-03 09:01 - 2017-10-06 10:12 - 000000000 ____D C:\FRST
2017-10-03 08:56 - 2017-10-06 10:12 - 001796096 _____ (Farbar) C:\Users\Odehnalova\Desktop\FRST.exe
2017-10-02 16:05 - 2017-10-02 15:57 - 000387864 _____ C:\Users\Odehnalova\Desktop\20171002155845.pdf
2017-10-02 09:49 - 2017-10-02 09:49 - 000012706 _____ C:\Users\Odehnalova\Desktop\2017.09.26._ZT-energy-s.r.o._Plná-moc_20170922124515.pdf
2017-09-27 10:27 - 2017-09-27 10:27 - 000137182 _____ C:\Users\Odehnalova\Desktop\ELDP 2013_seznam.pdf
2017-09-26 13:35 - 2017-09-26 13:35 - 000000559 _____ C:\Users\Odehnalova\Desktop\ONZ_ZT ener.xml
2017-09-26 10:20 - 2017-09-27 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2017-09-13 07:43 - 2017-08-16 16:50 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 07:43 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 07:43 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 07:43 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 07:43 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 07:43 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 07:43 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 07:43 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 07:42 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 07:42 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 07:42 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 07:42 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 07:42 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 07:42 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 07:42 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 07:42 - 2017-08-13 18:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 07:42 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 07:42 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 07:42 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 07:42 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 07:42 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 07:42 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 07:42 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 07:42 - 2017-08-13 18:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 07:42 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 07:42 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 07:42 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 07:42 - 2017-08-13 18:10 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 07:42 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 07:42 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 07:42 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 07:42 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-13 07:42 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-13 07:42 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 07:42 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 07:42 - 2017-08-13 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 07:42 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 07:42 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-13 07:42 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 07:42 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 07:42 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-09-13 07:42 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 07:42 - 2017-08-11 08:24 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 07:42 - 2017-08-11 08:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 07:42 - 2017-08-11 08:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 07:42 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 07:42 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 07:42 - 2017-08-11 08:00 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 07:42 - 2017-08-11 08:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-13 07:42 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-13 07:42 - 2017-08-11 08:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 07:42 - 2017-08-11 08:00 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 07:42 - 2017-08-11 07:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 07:42 - 2017-08-11 07:58 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-13 07:42 - 2017-08-11 07:56 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-13 07:42 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-13 07:42 - 2017-08-11 07:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-07 15:13 - 2017-09-07 15:13 - 000000000 ____D C:\Users\Odehnalova\AppData\Local\Software602
2017-09-07 10:50 - 2017-09-07 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZ.NIC
2017-09-06 10:02 - 2017-10-02 17:28 - 000011765 _____ C:\Users\Odehnalova\Desktop\sklad změna číslování.xlsx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-06 10:10 - 2017-03-05 15:12 - 000000000 ____D C:\Users\Odehnalova\AppData\LocalLow\Mozilla
2017-10-06 10:08 - 2012-05-27 12:19 - 000000000 ____D C:\Users\Odehnalova\Documents\Soubory aplikace Outlook
2017-10-06 09:00 - 2017-06-15 10:24 - 000000000 ____D C:\Users\Odehnalova\AppData\Roaming\.dsgui
2017-10-06 08:34 - 2012-05-27 12:19 - 000000000 ____D C:\Users\Odehnalova\Documents\Finanční kontrola
2017-10-06 08:20 - 2017-07-10 15:32 - 000336896 _____ C:\Users\Odehnalova\Desktop\Moje_dochazka_2017_V2_19-1.xls
2017-10-06 08:18 - 2012-05-27 12:19 - 000000000 ____D C:\Users\Odehnalova\Documents\Dopisy
2017-10-06 08:03 - 2009-07-14 06:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-06 08:03 - 2009-07-14 06:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-06 07:58 - 2017-03-05 11:16 - 000000000 ____D C:\Users\Odehnalova\Desktop\LVN
2017-10-06 07:49 - 2017-08-08 07:27 - 000000000 ____D C:\Users\Odehnalova\AppData\Local\Skype
2017-10-06 07:49 - 2010-08-27 02:59 - 000737470 _____ C:\Windows\system32\perfh005.dat
2017-10-06 07:49 - 2010-08-27 02:59 - 000167156 _____ C:\Windows\system32\perfc005.dat
2017-10-06 07:49 - 2009-07-25 14:54 - 001776508 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-06 07:49 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-10-06 07:47 - 2015-01-29 12:52 - 000000000 ____D C:\BANKA
2017-10-06 07:44 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-05 15:28 - 2017-07-13 13:18 - 000000000 ____D C:\Users\Odehnalova\Documents\Enpass
2017-10-05 13:43 - 2017-03-05 15:11 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-10-05 13:43 - 2017-03-05 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-05 11:50 - 2015-09-30 08:16 - 000000446 ____H C:\Windows\Tasks\Norton Security Scan for Nejezova.job
2017-10-05 07:53 - 2010-09-13 21:55 - 000000000 ____D C:\Program Files\Opera
2017-10-02 08:35 - 2017-04-25 13:35 - 000172544 _____ C:\Users\Odehnalova\Desktop\plánovací kalendář.xls
2017-10-02 08:26 - 2012-09-18 09:56 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-27 08:28 - 2017-03-30 15:35 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-26 13:32 - 2014-07-21 12:54 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-22 12:32 - 2017-04-12 15:24 - 000000000 ____D C:\Users\Odehnalova\Evernote
2017-09-21 14:26 - 2017-07-10 16:45 - 000010487 _____ C:\Users\Odehnalova\Desktop\daňový a platební kalendář.xlsx
2017-09-19 10:36 - 2009-07-14 06:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-09-15 09:00 - 2017-07-13 13:17 - 000000000 ____D C:\Program Files\Enpass
2017-09-13 12:10 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2017-09-13 08:16 - 2009-07-14 06:33 - 000446384 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-13 08:02 - 2009-07-14 04:04 - 000000478 _____ C:\Windows\win.ini
2017-09-13 08:00 - 2013-08-15 15:23 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 07:53 - 2010-09-19 18:41 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-11 17:02 - 2012-05-27 12:20 - 000002274 ____H C:\Users\Odehnalova\Documents\Default.rdp
2017-09-07 15:13 - 2016-04-14 12:22 - 000002151 _____ C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormApps Signing Extension.lnk
2017-09-07 10:50 - 2017-07-03 10:41 - 000001906 _____ C:\Users\Public\Desktop\Datovka.lnk
==================== Files in the root of some directories =======
2017-04-12 13:54 - 2017-05-04 16:29 - 000001861 _____ () C:\Users\Odehnalova\AppData\Roaming\cccalc.txt
2016-01-04 19:35 - 2016-01-04 19:35 - 000012996 _____ () C:\Users\Odehnalova\AppData\Local\recently-used.xbel
2015-08-21 13:25 - 2015-08-21 13:25 - 000007597 _____ () C:\Users\Odehnalova\AppData\Local\Resmon.ResmonCfg
2014-04-22 09:13 - 2012-08-31 15:08 - 000024772 _____ () C:\ProgramData\P1100DEF.css
2014-04-22 09:13 - 2014-04-22 12:46 - 000004188 _____ () C:\ProgramData\P1100OS.HTM
2014-04-22 09:13 - 2012-08-31 15:08 - 000002944 _____ () C:\ProgramData\P1100SIG.GIF
2015-10-02 13:03 - 2015-10-02 13:03 - 000000055 _____ () C:\ProgramData\pconfig.dat
Files to move or delete:
====================
C:\ProgramData\pconfig.dat
Some files in TEMP:
====================
2017-04-12 13:32 - 2017-04-12 13:32 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-07-07 14:50 - 2017-07-07 14:50 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-21 09:52 - 2017-07-21 09:52 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-05-19 13:21 - 2015-07-02 22:36 - 000098760 _____ () C:\Users\Odehnalova\AppData\Local\Temp\LMkRstPt.exe
2012-05-27 12:41 - 2010-11-18 20:36 - 000469256 _____ (Microsoft Corporation) C:\Users\Odehnalova\AppData\Local\Temp\MSN55FE.exe
2014-01-13 13:46 - 2012-09-27 02:28 - 000608160 _____ (HP) C:\Users\Odehnalova\AppData\Local\Temp\siinst.exe
2017-08-08 07:11 - 2017-09-06 07:54 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Odehnalova\AppData\Local\Temp\SkypeSetup.exe
2014-01-13 13:46 - 2012-09-26 07:57 - 000270336 ____R (HP) C:\Users\Odehnalova\AppData\Local\Temp\strings.dll
2017-07-03 14:00 - 2017-07-03 14:00 - 014456872 _____ (Microsoft Corporation) C:\Users\Odehnalova\AppData\Local\Temp\vc_redist.x86.exe
2017-05-09 13:31 - 2017-05-09 13:46 - 000503808 _____ () C:\Users\Odehnalova\AppData\Local\Temp\xuninst.exe
2017-07-11 19:55 - 2015-07-25 00:41 - 000227632 _____ () C:\Users\Odehnalova\AppData\Local\Temp\YandexWorking.exe
2015-09-21 14:54 - 2015-09-21 14:54 - 059332560 _____ (YANDEX LLC) C:\Users\Odehnalova\AppData\Local\Temp\{D08980EA-D8BC-42E3-9B1D-35A68F25908D}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\SafeBoot.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
LastRegBack: 2017-10-02 12:01
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:195.31 GB) (Free:88.94 GB) NTFS
Drive d: () (Fixed) (Total:27.9 GB) (Free:25.22 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:9.4 GB) (Free:1.16 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive z: (Spolecne) (Network) (Total:2746.12 GB) (Free:646.33 GB) NTFS
Available physical RAM: 281.59 MB
Total physical RAM: 2013.18 MB
Percentage of memory in use: 86%
==================== MBR and Partition Table ==================
ShortcutWithArgument: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1920,1080
Disk: 0 (Size: 232.9 GB) (Disk ID: 8A214CD1)
Partition 1: (Not Active) - (Size=27.9 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=285 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=9.4 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Norton Security Scan for Nejezova.job => C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Endpoint Security 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Security 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Odehnalova\Desktop" je 177 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BATINDICATOR
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Remote Solution
%ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv
c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\311~1.376\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Asistentka (administrator) on ZT01 (06-10-2017 10:12:20)
Running from C:\Users\Odehnalova\Desktop
Loaded Profiles: Asistentka (Available Profiles: Asistentka & supervisor & servicezt)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\sqlservr.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
() C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
() C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(TheBestWare Studio) C:\Users\Odehnalova\AppData\Local\RadioSure\RadioSure.exe
(PortableApps.com) D:\Kotas\Stažené soubory\sPortable\sPortable.exe
(Skype Technologies S.A.) D:\Kotas\Stažené soubory\sPortable\App\Skype\Phone\Skype.exe
(Igor Nys) D:\Kotas\Stažené soubory\trayit_4_6_5_5\trayit_4_6_5_5\TrayIt!.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Odehnalova\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HP KEYBOARDx] => C:\Program Files\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM\...\Run: [File Sanitizer] => c:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [3154464 2012-07-04] (ESET)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2312824 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2009-12-07] (Hewlett-Packard Limited)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02] (Logitech, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2017-04-18]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NABIDKA.BAT – zástupce.lnk [2012-06-01]
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
Startup: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2017-04-18]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\supervisor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2010-09-14]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 46.149.113.2 46.149.114.2
Tcpip\..\Interfaces\{30A5800C-5E11-4B50-BFFA-97DE61F16C76}: [NameServer] 46.149.113.2,46.149.114.2
Tcpip\..\Interfaces\{30A5800C-5E11-4B50-BFFA-97DE61F16C76}: [DhcpNameServer] 46.149.113.2 46.149.114.2
Tcpip\..\Interfaces\{6A574274-DF76-4564-87F2-58D73C87A723}: [DhcpNameServer] 46.149.113.2 46.149.114.2
Internet Explorer:
==================
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {8774FF92-5A2A-4A1E-B9BB-E8AF75FAF47A} URL = hxxp://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> 5D9E87C0835985E6ECFDA47CFB85A0D7 URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> 9AD75295584257283115265E19ACAB59 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> A6EA7C9AFD9EADB6FA6C303BD0AFD631 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> D371263FA8D65ABB9B0CF2EBDD6C0081 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22] (DigitalPersona, Inc.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2017-09-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-21] (Oracle Corporation)
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab
FireFox:
========
FF ProfilePath: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2017-10-06]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\nahd6ha2.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> about:home
FF Extension: (FireGestures) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\firegestures@xuldev.org.xpi [2017-06-12]
FF Extension: (Enpass Password Manager) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\jid1-TPTs1Z1UvUn2fA@jetpack.xpi [2017-07-28]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-06]
FF Extension: (FormApps Extension) - C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2017-09-07]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\firmy.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mapy.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\seznam.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\videa.seznam.cz-081544.xml [2015-09-30]
FF SearchPlugin: C:\Users\Odehnalova\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\zbozi.cz-081544.xml [2015-09-30]
FF Extension: (Activity Stream) - C:\Program Files\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi [2017-10-05] [not signed]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-08-27] [not signed]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-07-12] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2012-11-13] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://go.cz.bbelements.com/please/redirect/19627/2/10/7/!uwi=1920,uhe=1080,uce=1,ibbid=BBID-01-00812596125214784,ibb_device_id=0,param=583281/530165_1_?
CHR Profile: C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default [2017-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (FormApps Extension) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-08-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01]
CHR Extension: (Gmail) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Odehnalova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2010-01-22] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [999704 2012-07-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [183944 2012-07-04] (ESET)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-11] (Hewlett-Packard Company) [File not signed]
S2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-02] (McAfee, Inc.)
R2 HPFSService; c:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 MSSQL$BANKKLIENT; C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 SQLAgent$BANKKLIENT; C:\Program Files\bkwin\MSSQL10.BANKKLIENT\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [172704 2012-07-10] (ESET)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-09-30] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [123760 2012-03-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [154160 2012-03-29] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [33656 2012-03-29] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51136 2012-03-29] (ESET)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [38416 2015-06-18] (Logitech, Inc.)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2016-11-28] (TeamViewer GmbH)
S3 OxPPort; C:\Windows\system32\DRIVERS\OxPPort.sys [82048 2008-07-31] (OEM)
S3 OxSer; C:\Windows\system32\DRIVERS\OxSer.sys [83888 2009-09-16] (OEM)
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [40088 2010-02-02] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [110520 2010-02-02] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51800 2010-02-02] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13256 2010-02-02] (McAfee, Inc.)
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [75776 2010-08-27] (Microsoft Corporation) [File not signed]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-06 10:12 - 2017-10-06 10:12 - 000021675 _____ C:\Users\Odehnalova\Desktop\FRST.txt
2017-10-06 10:12 - 2017-10-06 10:12 - 000000000 ____D C:\Users\Odehnalova\Desktop\FRST-OlderVersion
2017-10-06 10:10 - 2017-10-06 10:10 - 000001154 _____ C:\Users\Odehnalova\Desktop\AdwCleaner[S2].txt
2017-10-06 07:49 - 2017-10-06 07:49 - 000000000 ____D C:\Users\Odehnalova\AppData\Roaming\SkypePM
2017-10-05 13:43 - 2017-10-05 13:43 - 000001748 _____ C:\Users\Odehnalova\Desktop\AdwCleaner[S0].txt
2017-10-05 13:40 - 2017-10-06 10:09 - 000000000 ____D C:\AdwCleaner
2017-10-05 13:39 - 2017-10-05 13:39 - 008250832 _____ (Malwarebytes) C:\Users\Odehnalova\Desktop\adwcleaner_7.0.3.1.exe
2017-10-03 09:32 - 2017-10-03 09:32 - 000060242 _____ C:\Users\Odehnalova\Desktop\info.txt
2017-10-03 09:09 - 2017-10-03 09:09 - 000011700 _____ C:\Users\Odehnalova\Desktop\Addition.zip
2017-10-03 09:05 - 2017-10-03 09:21 - 000000000 ____D C:\Program Files\trend micro
2017-10-03 09:05 - 2017-10-03 09:05 - 001107968 _____ C:\Users\Odehnalova\Desktop\RSIT.exe
2017-10-03 09:01 - 2017-10-06 10:12 - 000000000 ____D C:\FRST
2017-10-03 08:56 - 2017-10-06 10:12 - 001796096 _____ (Farbar) C:\Users\Odehnalova\Desktop\FRST.exe
2017-10-02 16:05 - 2017-10-02 15:57 - 000387864 _____ C:\Users\Odehnalova\Desktop\20171002155845.pdf
2017-10-02 09:49 - 2017-10-02 09:49 - 000012706 _____ C:\Users\Odehnalova\Desktop\2017.09.26._ZT-energy-s.r.o._Plná-moc_20170922124515.pdf
2017-09-27 10:27 - 2017-09-27 10:27 - 000137182 _____ C:\Users\Odehnalova\Desktop\ELDP 2013_seznam.pdf
2017-09-26 13:35 - 2017-09-26 13:35 - 000000559 _____ C:\Users\Odehnalova\Desktop\ONZ_ZT ener.xml
2017-09-26 10:20 - 2017-09-27 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2017-09-13 07:43 - 2017-08-16 16:50 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 07:43 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 07:43 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 07:43 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 07:43 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 07:43 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 07:43 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 07:43 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 07:42 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 07:42 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 07:42 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 07:42 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 07:42 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 07:42 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 07:42 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 07:42 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 07:42 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 07:42 - 2017-08-13 18:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 07:42 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 07:42 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 07:42 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 07:42 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 07:42 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 07:42 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 07:42 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 07:42 - 2017-08-13 18:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 07:42 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 07:42 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 07:42 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 07:42 - 2017-08-13 18:10 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 07:42 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 07:42 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 07:42 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 07:42 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-13 07:42 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-13 07:42 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 07:42 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 07:42 - 2017-08-13 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 07:42 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 07:42 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-13 07:42 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 07:42 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 07:42 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-09-13 07:42 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 07:42 - 2017-08-11 08:24 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 07:42 - 2017-08-11 08:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 07:42 - 2017-08-11 08:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 08:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 07:42 - 2017-08-11 08:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 07:42 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 07:42 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 07:42 - 2017-08-11 08:00 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 07:42 - 2017-08-11 08:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-13 07:42 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-13 07:42 - 2017-08-11 08:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 07:42 - 2017-08-11 08:00 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 07:42 - 2017-08-11 07:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 07:42 - 2017-08-11 07:58 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-13 07:42 - 2017-08-11 07:56 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 07:42 - 2017-08-11 07:56 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-13 07:42 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-13 07:42 - 2017-08-11 07:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 07:42 - 2017-08-11 07:55 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 07:42 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-07 15:13 - 2017-09-07 15:13 - 000000000 ____D C:\Users\Odehnalova\AppData\Local\Software602
2017-09-07 10:50 - 2017-09-07 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CZ.NIC
2017-09-06 10:02 - 2017-10-02 17:28 - 000011765 _____ C:\Users\Odehnalova\Desktop\sklad změna číslování.xlsx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-06 10:10 - 2017-03-05 15:12 - 000000000 ____D C:\Users\Odehnalova\AppData\LocalLow\Mozilla
2017-10-06 10:08 - 2012-05-27 12:19 - 000000000 ____D C:\Users\Odehnalova\Documents\Soubory aplikace Outlook
2017-10-06 09:00 - 2017-06-15 10:24 - 000000000 ____D C:\Users\Odehnalova\AppData\Roaming\.dsgui
2017-10-06 08:34 - 2012-05-27 12:19 - 000000000 ____D C:\Users\Odehnalova\Documents\Finanční kontrola
2017-10-06 08:20 - 2017-07-10 15:32 - 000336896 _____ C:\Users\Odehnalova\Desktop\Moje_dochazka_2017_V2_19-1.xls
2017-10-06 08:18 - 2012-05-27 12:19 - 000000000 ____D C:\Users\Odehnalova\Documents\Dopisy
2017-10-06 08:03 - 2009-07-14 06:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-06 08:03 - 2009-07-14 06:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-06 07:58 - 2017-03-05 11:16 - 000000000 ____D C:\Users\Odehnalova\Desktop\LVN
2017-10-06 07:49 - 2017-08-08 07:27 - 000000000 ____D C:\Users\Odehnalova\AppData\Local\Skype
2017-10-06 07:49 - 2010-08-27 02:59 - 000737470 _____ C:\Windows\system32\perfh005.dat
2017-10-06 07:49 - 2010-08-27 02:59 - 000167156 _____ C:\Windows\system32\perfc005.dat
2017-10-06 07:49 - 2009-07-25 14:54 - 001776508 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-06 07:49 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-10-06 07:47 - 2015-01-29 12:52 - 000000000 ____D C:\BANKA
2017-10-06 07:44 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-05 15:28 - 2017-07-13 13:18 - 000000000 ____D C:\Users\Odehnalova\Documents\Enpass
2017-10-05 13:43 - 2017-03-05 15:11 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-10-05 13:43 - 2017-03-05 15:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-05 11:50 - 2015-09-30 08:16 - 000000446 ____H C:\Windows\Tasks\Norton Security Scan for Nejezova.job
2017-10-05 07:53 - 2010-09-13 21:55 - 000000000 ____D C:\Program Files\Opera
2017-10-02 08:35 - 2017-04-25 13:35 - 000172544 _____ C:\Users\Odehnalova\Desktop\plánovací kalendář.xls
2017-10-02 08:26 - 2012-09-18 09:56 - 000000000 ____D C:\Program Files\TeamViewer
2017-09-27 08:28 - 2017-03-30 15:35 - 000000891 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-26 13:32 - 2014-07-21 12:54 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-22 12:32 - 2017-04-12 15:24 - 000000000 ____D C:\Users\Odehnalova\Evernote
2017-09-21 14:26 - 2017-07-10 16:45 - 000010487 _____ C:\Users\Odehnalova\Desktop\daňový a platební kalendář.xlsx
2017-09-19 10:36 - 2009-07-14 06:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-09-15 09:00 - 2017-07-13 13:17 - 000000000 ____D C:\Program Files\Enpass
2017-09-13 12:10 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\rescache
2017-09-13 08:16 - 2009-07-14 06:33 - 000446384 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-13 08:02 - 2009-07-14 04:04 - 000000478 _____ C:\Windows\win.ini
2017-09-13 08:00 - 2013-08-15 15:23 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 07:53 - 2010-09-19 18:41 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-11 17:02 - 2012-05-27 12:20 - 000002274 ____H C:\Users\Odehnalova\Documents\Default.rdp
2017-09-07 15:13 - 2016-04-14 12:22 - 000002151 _____ C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormApps Signing Extension.lnk
2017-09-07 10:50 - 2017-07-03 10:41 - 000001906 _____ C:\Users\Public\Desktop\Datovka.lnk
==================== Files in the root of some directories =======
2017-04-12 13:54 - 2017-05-04 16:29 - 000001861 _____ () C:\Users\Odehnalova\AppData\Roaming\cccalc.txt
2016-01-04 19:35 - 2016-01-04 19:35 - 000012996 _____ () C:\Users\Odehnalova\AppData\Local\recently-used.xbel
2015-08-21 13:25 - 2015-08-21 13:25 - 000007597 _____ () C:\Users\Odehnalova\AppData\Local\Resmon.ResmonCfg
2014-04-22 09:13 - 2012-08-31 15:08 - 000024772 _____ () C:\ProgramData\P1100DEF.css
2014-04-22 09:13 - 2014-04-22 12:46 - 000004188 _____ () C:\ProgramData\P1100OS.HTM
2014-04-22 09:13 - 2012-08-31 15:08 - 000002944 _____ () C:\ProgramData\P1100SIG.GIF
2015-10-02 13:03 - 2015-10-02 13:03 - 000000055 _____ () C:\ProgramData\pconfig.dat
Files to move or delete:
====================
C:\ProgramData\pconfig.dat
Some files in TEMP:
====================
2017-04-12 13:32 - 2017-04-12 13:32 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-07-07 14:50 - 2017-07-07 14:50 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-21 09:52 - 2017-07-21 09:52 - 000739904 _____ (Oracle Corporation) C:\Users\Odehnalova\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-05-19 13:21 - 2015-07-02 22:36 - 000098760 _____ () C:\Users\Odehnalova\AppData\Local\Temp\LMkRstPt.exe
2012-05-27 12:41 - 2010-11-18 20:36 - 000469256 _____ (Microsoft Corporation) C:\Users\Odehnalova\AppData\Local\Temp\MSN55FE.exe
2014-01-13 13:46 - 2012-09-27 02:28 - 000608160 _____ (HP) C:\Users\Odehnalova\AppData\Local\Temp\siinst.exe
2017-08-08 07:11 - 2017-09-06 07:54 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Odehnalova\AppData\Local\Temp\SkypeSetup.exe
2014-01-13 13:46 - 2012-09-26 07:57 - 000270336 ____R (HP) C:\Users\Odehnalova\AppData\Local\Temp\strings.dll
2017-07-03 14:00 - 2017-07-03 14:00 - 014456872 _____ (Microsoft Corporation) C:\Users\Odehnalova\AppData\Local\Temp\vc_redist.x86.exe
2017-05-09 13:31 - 2017-05-09 13:46 - 000503808 _____ () C:\Users\Odehnalova\AppData\Local\Temp\xuninst.exe
2017-07-11 19:55 - 2015-07-25 00:41 - 000227632 _____ () C:\Users\Odehnalova\AppData\Local\Temp\YandexWorking.exe
2015-09-21 14:54 - 2015-09-21 14:54 - 059332560 _____ (YANDEX LLC) C:\Users\Odehnalova\AppData\Local\Temp\{D08980EA-D8BC-42E3-9B1D-35A68F25908D}.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\SafeBoot.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
LastRegBack: 2017-10-02 12:01
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:195.31 GB) (Free:88.94 GB) NTFS
Drive d: () (Fixed) (Total:27.9 GB) (Free:25.22 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:9.4 GB) (Free:1.16 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive z: (Spolecne) (Network) (Total:2746.12 GB) (Free:646.33 GB) NTFS
Available physical RAM: 281.59 MB
Total physical RAM: 2013.18 MB
Percentage of memory in use: 86%
==================== MBR and Partition Table ==================
ShortcutWithArgument: C:\Users\Odehnalova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1920,1080
Disk: 0 (Size: 232.9 GB) (Disk ID: 8A214CD1)
Partition 1: (Not Active) - (Size=27.9 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=285 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=9.4 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Norton Security Scan for Nejezova.job => C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Endpoint Security 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Security 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Odehnalova\Desktop" je 177 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BATINDICATOR
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Remote Solution
%ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv
c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP
C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\311~1.376\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení počítače
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\pconfig.dat
C:\Users\Odehnalova\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení počítače
Fix result of Farbar Recovery Scan Tool (x86) Version: 08-10-2017
Ran by Asistentka (09-10-2017 08:09:08) Run:2
Running from C:\Users\Odehnalova\Desktop
Loaded Profiles: Asistentka (Available Profiles: Asistentka & supervisor & servicezt)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\pconfig.dat
C:\Users\Odehnalova\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File) => not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\Software\Classes\CLSID\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\Software\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
"C:\ProgramData\pconfig.dat" => not found.
"C:\Users\Odehnalova\AppData\Local\Temp" folder move:
Could not move "C:\Users\Odehnalova\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10268817 B
Java, Flash, Steam htmlcache => 740 B
Windows/system/drivers => 1266527155 B
Edge => 0 B
Chrome => 585768170 B
Firefox => 131815664 B
Opera => 19169705 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 38904184 B
LocalService => 82612 B
NetworkService => 932734 B
Odehnalova => 38275833389 B
supervisor => 93855648 B
servicezt => 306203 B
RecycleBin => 1880 B
EmptyTemp: => 37.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-10-2017 09:15:07)
C:\Users\Odehnalova\AppData\Local\Temp => moved successfully
==== End of Fixlog 09:15:07 ====
Ran by Asistentka (09-10-2017 08:09:08) Run:2
Running from C:\Users\Odehnalova\Desktop
Loaded Profiles: Asistentka (Available Profiles: Asistentka & supervisor & servicezt)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\pconfig.dat
C:\Users\Odehnalova\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File) => not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\Software\Classes\CLSID\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\Software\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
"C:\ProgramData\pconfig.dat" => not found.
"C:\Users\Odehnalova\AppData\Local\Temp" folder move:
Could not move "C:\Users\Odehnalova\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10268817 B
Java, Flash, Steam htmlcache => 740 B
Windows/system/drivers => 1266527155 B
Edge => 0 B
Chrome => 585768170 B
Firefox => 131815664 B
Opera => 19169705 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 38904184 B
LocalService => 82612 B
NetworkService => 932734 B
Odehnalova => 38275833389 B
supervisor => 93855648 B
servicezt => 306203 B
RecycleBin => 1880 B
EmptyTemp: => 37.7 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-10-2017 09:15:07)
C:\Users\Odehnalova\AppData\Local\Temp => moved successfully
==== End of Fixlog 09:15:07 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení počítače
Spusťte to ještě jednou a před mazáním vypněte antivir, něco z fixlistu nebylo smazáno.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení počítače
Fix result of Farbar Recovery Scan Tool (x86) Version: 08-10-2017
Ran by Asistentka (10-10-2017 08:03:48) Run:3
Running from C:\Users\Odehnalova\Desktop
Loaded Profiles: Asistentka (Available Profiles: Asistentka & supervisor & servicezt)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\pconfig.dat
C:\Users\Odehnalova\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File) => not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\Software\Classes\CLSID\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\Software\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
"C:\ProgramData\pconfig.dat" => not found.
"C:\Users\Odehnalova\AppData\Local\Temp" folder move:
Could not move "C:\Users\Odehnalova\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12154741 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 12552 B
Edge => 0 B
Chrome => 0 B
Firefox => 17869204 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Odehnalova => 79035282 B
supervisor => 0 B
servicezt => 0 B
RecycleBin => 0 B
EmptyTemp: => 112 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 10-10-2017 08:06:50)
C:\Users\Odehnalova\AppData\Local\Temp => moved successfully
==== End of Fixlog 08:06:51 ====
Ran by Asistentka (10-10-2017 08:03:48) Run:3
Running from C:\Users\Odehnalova\Desktop
Loaded Profiles: Asistentka (Available Profiles: Asistentka & supervisor & servicezt)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File)
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Визуальные закладки -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> C:\Program Files\Yandex\FastDial\fastdialhost.dll => No File
Toolbar: HKLM - Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
Toolbar: HKU\S-1-5-21-3806084889-3394135987-1370004689-1002 -> Элементы Яндекса - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\Elements\bartabhost.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\pconfig.dat
C:\Users\Odehnalova\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
ShortcutTarget: NABIDKA.BAT – zástupce.lnk -> \\192.168.1.2\logon\NABIDKA.BAT (No File) => not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\Software\Classes\CLSID\{03916D3B-E7C3-4C5D-B0CA-62FF793E82AC} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\Software\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => value not found.
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
"C:\ProgramData\pconfig.dat" => not found.
"C:\Users\Odehnalova\AppData\Local\Temp" folder move:
Could not move "C:\Users\Odehnalova\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12154741 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 12552 B
Edge => 0 B
Chrome => 0 B
Firefox => 17869204 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Odehnalova => 79035282 B
supervisor => 0 B
servicezt => 0 B
RecycleBin => 0 B
EmptyTemp: => 112 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 10-10-2017 08:06:50)
C:\Users\Odehnalova\AppData\Local\Temp => moved successfully
==== End of Fixlog 08:06:51 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení počítače
Teď je to OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení počítače
Změna vůbec žádná.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení počítače
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení počítače
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 11.10.17
Čas skenování: 8:00
Logovací soubor: 7ff02674-ae49-11e7-9a9d-8416f903e156.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.2991
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: ZT01\Asistentka
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 368327
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 31 min, 54 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 4
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\Yandex.Toolbar, Žádná uživatelská akce, [10], [435197],1.0.2991
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\Yandex.Toolbar.1, Žádná uživatelská akce, [10], [435197],1.0.2991
PUP.Optional.RussAd, HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{91397D20-1446-11D4-8AF4-0040CA1127B6}, Žádná uživatelská akce, [10], [435197],1.0.2991
PUP.Optional.RussAd, HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{91397D20-1446-11D4-8AF4-0040CA1127B6}, Žádná uživatelská akce, [10], [435197],1.0.2991
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 1
Generic.Malware/Suspicious, C:\PROGRAM FILES\WINRAR\KEYGENPATCH.EXE, Žádná uživatelská akce, [0], [392686],1.0.2991
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 11.10.17
Čas skenování: 8:00
Logovací soubor: 7ff02674-ae49-11e7-9a9d-8416f903e156.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.2991
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x86
Systém souborů: NTFS
Uživatel: ZT01\Asistentka
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 368327
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 31 min, 54 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 4
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\Yandex.Toolbar, Žádná uživatelská akce, [10], [435197],1.0.2991
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\Yandex.Toolbar.1, Žádná uživatelská akce, [10], [435197],1.0.2991
PUP.Optional.RussAd, HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{91397D20-1446-11D4-8AF4-0040CA1127B6}, Žádná uživatelská akce, [10], [435197],1.0.2991
PUP.Optional.RussAd, HKU\S-1-5-21-3806084889-3394135987-1370004689-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{91397D20-1446-11D4-8AF4-0040CA1127B6}, Žádná uživatelská akce, [10], [435197],1.0.2991
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 1
Generic.Malware/Suspicious, C:\PROGRAM FILES\WINRAR\KEYGENPATCH.EXE, Žádná uživatelská akce, [0], [392686],1.0.2991
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení počítače
Všechny nalezené položky smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení počítače
Smazáno, ale žadná pozitivní změna co se týká zpomalování PC.
Přispějete na provoz fóra?