Your personal files are encrypted -da sa s tim neco udelat?

Zpráva

solide · #16 Příspěvek od **solide** » 17 kvě 2015 08:14

to "C" samozrejme viem ale neviem ked yho mam stlacit aby sa bootovalo z CD. Ked ho drzim pri zapnuti pocitaca nic sa nedeje /seda obrazovka/

#17 Příspěvek od **stell** » 17 kvě 2015 08:26

takto, ako vidim ty budes tazky oriesok.
Teda co vlastne chces??preklopit system alebo vycistit system??
Ak preklopit, doporucujem MAC Forum, ako bootovat z cd.
Ja by som najprv stlacil pri starte>>Alt a potom vybrat cd/dvd, a az potom stlacit C

Alt Zobrazí zařízení, ze kterých lze nabootovat (tzv. Bootovací menu)

Inak na vycistenie systemu tu na Fore viry.cz,velku sancu ti nedavam, preto ze ako vidim je to Firemny pocitac.

Jak tedy mam postupovat abych si take nezaviril v kancelari pevny pocitac? Diky za kazdou, dobrou radu. J

Cize ak by som ti pomohol,tak by som porusil pravidla Fora.

6. Fórum viry.cz se nezabývá odvirováním firemních PC - na toto jsou ve firmách placení (a někdy až hodně nadstandardně) IT technici, případně si je firma může najmout. My jsme tu zdarma a ve svém volném čase, nehodláme dělat práci za někoho jiného, kdo si pak jen slízne smetánku a plat. Taktéž ani neposkytujeme poradenství v oblasti zabezpečení firemních sítí či nastavení firemních sítí. Zkrátka a jednoduše, naše fórum poskytuje podporu pouze domácím uživatelům.

Asi tak....

solide · #18 Příspěvek od **solide** » 17 kvě 2015 08:28

"Kanceláriou" nazyvam izbu v byte kde chodíme ja a moja manzelka na pevny pocitac -:)

solide · #19 Příspěvek od **solide** » 17 kvě 2015 08:30

P.S: a pevny pocitac chvalabohu nemam zavireny, len moj notebook

#20 Příspěvek od **stell** » 17 kvě 2015 08:33

Kanceláriou nazyvam izbu

Cize, skoro si ma presvedcil..

Ak chces preklopit system nie je to potrebne odcervit.
ak nechces preklopit system, tak vloz sem log z FRST, pozriem sa ako to vyzera.

solide · #21 Příspěvek od **solide** » 17 kvě 2015 08:39

Som ferovy clovek a naozaj nepotrebujem klamat. Potreboval by som mat funkcny notebook, lebo zajtra odchadzam so synom na tyzden na chatu kde sa ide ucit na maturity /akademicky tyzden/. Tak som z toho na nervy. System neviem preklopit, lebo ked drzim C tak sa nic nedeje a tak neviem do notebooku dostat zalohu v Acronise . Potreboval by som mat funkcny win7 a hlavne mat istotu ze si nenakazim pevny pocitac, kde mame s manzelkou vela citlivých udajov. Preto by som potreboval aj poradit ako si to vsetko skontrolovat a nainstalovat nejaky program, monitor ktory by v buducnosti takymto aktivitam zabranil. J

solide · #22 Příspěvek od **solide** » 17 kvě 2015 08:52

stell píše:
Kanceláriou nazyvam izbu

Cize, skoro si ma presvedcil..
Ak chces preklopit system nie je to potrebne odcervit.
ak nechces preklopit system, tak vloz sem log z FRST, pozriem sa ako to vyzera.

prikladam log z RST.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by macbook_jano at 2015-05-17 09:49:59
Running from C:\Users\macbook_jano\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3458910134-2776319785-4031348273-500 - Administrator - Disabled)
Guest (S-1-5-21-3458910134-2776319785-4031348273-501 - Limited - Enabled)
macbook_jano (S-1-5-21-3458910134-2776319785-4031348273-1000 - Administrator - Enabled) => C:\Users\macbook_jano

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis True Image 2014 (HKLM-x32\...\{77261AC1-DF95-4212-A6AD-19FF44131B80}Visible) (Version: 17.0.5560 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.5560 - Acronis) Hidden
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boot Camp Services (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.0.5241 - Apple Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
EasySync CryptoMonitor (HKLM-x32\...\EasySync CryptoMonitor 2.0.420.0) (Version: 2.0.420.0 - EasySync Solutions)
EasySync CryptoMonitor (Version: 2.0.420.0 - EasySync Solutions) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3131 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PC Translator 2004 Komplet (HKLM-x32\...\PC Translator 2004 Komplet) (Version: - JANOSiK TEAM)
Rajče průvodce verze 1.59.52.267 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
RoboForm 7-7-0 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-7-0 - Siber Systems)
Samsung C460 Series (HKLM-x32\...\Samsung C460 Series) (Version: 1.02 (11. 7. 2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.61 (10. 4. 2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(3. 5. 2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.03 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.09.14 (5. 2. 2013) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.00.09 (11. 3. 2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 beta 18 - Ghisler Software GmbH)
Ultra Video Joiner 6.3.0506 (HKLM-x32\...\Ultra Video Joiner_is1) (Version: - Aone Software)
View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Apple Inc. (AppleCamera) Image (05/09/2013 5.0.12.1) (HKLM\...\BDA2D8E25A08A73C0D304ADD9E71AD310A10B3B0) (Version: 05/09/2013 5.0.12.1 - Apple Inc.)
Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Keyboard (05/20/2013 5.0.6.0) (HKLM\...\0A14A5F4C56C9C530EDA1DBD68431EC2634BBEDA) (Version: 05/20/2013 5.0.6.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch (01/30/2013 5.0.1.0) (HKLM\...\689847228640E3A7C06E22F481BBF28CA653E693) (Version: 01/30/2013 5.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple System Device (01/30/2013 5.0.1.0) (HKLM\...\FE1ADB4DC84F5AA2A637F78FC9986B5520FD4CB3) (Version: 01/30/2013 5.0.1.0 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.)
Windows Driver Package - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.)
Windows Driver Package - Broadcom (b57nd60a) Net (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom)
Windows Driver Package - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom)
Windows Driver Package - Broadcom (BCM43XX) Net (04/26/2013 6.30.223.75) (HKLM\...\A4120EE3DB767273D45A7230B7CB0F88C542F6EF) (Version: 04/26/2013 6.30.223.75 - Broadcom)
Windows Driver Package - Broadcom Corporation (bScsiSDa) SDHost (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation)
Windows Driver Package - Cirrus Logic, Inc. (CirrusLFD) MEDIA (04/25/2013 6.6001.3.09) (HKLM\...\90D0A6A7C5A0739103A36550F01E7638A5C95AC7) (Version: 04/25/2013 6.6001.3.09 - Cirrus Logic, Inc.)
Windows Driver Package - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel)
Windows Driver Package - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel)
Windows Driver Package - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel)
Windows Driver Package - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel)
Windows Driver Package - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel)
Windows Driver Package - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

16-05-2015 13:39:35 Plánovaný kontrolný bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-02-27 10:21 - 00000957 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1FE3F72A-CB7F-4FFD-B38D-51641AFB436E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {220CFD33-3D74-4C83-9E42-6CA01006D383} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {29CC90CB-B0C8-4D2C-B835-50ECE130069B} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {4109C379-14DB-40B4-98DC-1176B95BFAD1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {52D52598-0BAE-4C71-A72C-0E6E651D5747} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html? ... JNDJCMMIEJ"
Task: {5D3BE614-72AE-443F-88C5-AFC4F96C9EDF} - System32\Tasks\{6FD19953-EA0C-40E2-9121-040A1F1E2028} => Iexplore.exe http://ui.skype.com/ui/0/7.2.60.103/sk/ ... age=tsBing
Task: {6DAD8685-F73E-4805-9A42-36D3D9DAB5B7} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-02-18] (Siber Systems)
Task: {AE15519E-71F5-4A50-93D5-87FA92F2D77C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-21] (Adobe Systems Incorporated)
Task: {B42A86E1-10BC-4358-8031-8EAC0EC7E295} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B873511D-13F4-4796-A450-C057F65D16D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D0B5E4F7-3167-462C-A05D-294FA8275B4D} - System32\Tasks\CryptoMonitor_SU => C:\Program Files\EasySync Solutions\EasySync CryptoMonitor\CryptoMonitor.exe [2015-05-06] (EasySync Solutions)
Task: {D622047F-431D-4647-8799-332103FD720D} - System32\Tasks\{EF882114-C20D-44AB-A006-FCE7E0D803C5} => Iexplore.exe http://ui.skype.com/ui/0/7.2.60.103/sk/ ... age=tsBing
Task: {E76D6036-46EA-4DC3-815D-ECDC97A6EA10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-23 10:16 - 2013-08-23 10:16 - 02827128 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-04-04 16:34 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2014-04-04 16:37 - 2013-05-06 08:03 - 00034304 _____ () C:\Windows\System32\sst9clm.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-09-20 03:10 - 2013-09-20 03:10 - 07801088 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2014-04-04 16:37 - 2013-05-13 11:31 - 01371648 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst9cdu.dll
2013-06-05 18:22 - 2013-06-05 18:22 - 00226144 _____ () C:\Windows\system32\AppleOSSMgr.exe
2014-03-12 09:55 - 2003-04-18 20:06 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2014-03-12 09:55 - 2010-04-10 10:03 - 00077824 _____ () C:\Windows\KMService.exe
2012-10-01 20:36 - 2012-10-01 20:36 - 01408624 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-20 03:04 - 2013-09-20 03:04 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-09-20 03:04 - 2013-09-20 03:04 - 00276800 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2013-09-20 03:08 - 2013-09-20 03:08 - 14081688 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-09-20 03:04 - 2013-09-20 03:04 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-09-20 03:03 - 2013-09-20 03:03 - 00072000 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-01-27 22:45 - 2013-04-30 19:01 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-09-20 03:06 - 2013-09-20 03:06 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-08-23 10:58 - 2013-08-23 10:58 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\macbook_jano\Desktop\HELP_RESTORE_FILES.bmp
DNS Servers: 192.168.170.1 - 192.168.210.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: NtVdmSrv => C:\Windows\inf\ntvdm.vbe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{2A075B0C-4077-4982-ABE9-D9474E562A16}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A950758D-668E-49A4-810C-7C3600862411}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{38D3DD8C-6D05-44D4-82FE-D35C6F346878}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{1A13983D-958A-4BF6-9B08-ED0714D3A4FB}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{87E19B91-7262-4556-BB3E-AA731A0D4028}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{24FEA6DD-D69E-4B89-AD6F-6733386107CF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{6AFFE6EE-7EE2-4E5C-AD64-C4B30FD91A63}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{A86D8782-934A-4FA1-AAAE-F28BB0BFD65F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{04B97BC4-FA7E-4BF6-92C6-4FAC3367598D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{17550578-CC2B-43C4-8BAB-3CFEFFC42552}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{AF6EDDEA-00A3-415C-9930-B41DF16828E8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{6296E372-9118-404E-9F36-0FCCE6584373}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{0D33BBF9-2DA2-48A7-A852-ACA49B23B152}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{48C0EED2-3603-46EB-AEC2-6A1C06AE8E16}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2D7283B3-88F3-4388-B959-0C663714B11D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{7D4B025A-DFC6-468C-8F92-B2597C906E67}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{60527652-6349-4E50-9709-EB6AF0BF7D81}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{BE5C2E46-7FB9-4E42-A58C-5CBA62FDA1F3}C:\program files (x86)\totalcmd\totalcmd64.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{5F714053-601F-4878-A946-E3AF8C59B112}C:\program files (x86)\totalcmd\totalcmd64.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd64.exe
FirewallRules: [{39F441DA-3EEA-4F3F-A0D1-64CE0790785E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6CBCF562-CA11-48BC-B674-7E98CC2DC5E5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F34B043C-51B9-46CF-924D-5661B6B8A9D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4ACC107B-A971-4F91-BBA1-89A628D2BAF0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BB95BD7C-F27F-4A0E-806D-AE9FC82B33CB}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{951226C5-D093-43B2-9C28-B696E04A26A7}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{46306255-B9DF-4521-8874-A11939AD6494}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7BD0B155-6223-400D-8D68-0B9F9A98F18B}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{D8FC5236-9A1D-480D-BF09-1D0C81249B26}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{710F62A8-C304-420C-A3FF-7A6FEB1E32EC}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{024C84C0-7288-4B9D-A0F8-1919E7999C4F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{13B704FD-F046-47C2-AD3B-EDFF9B18F122}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{933884CA-9AB5-4F88-AD78-4EA94A1F4FCE}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{F44D818B-4187-44E9-9265-F6E23B6F18B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{40224AB6-14E1-4564-85A5-272FDBB83930}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4375A7D3-5F56-4724-AFF2-11325101D7F5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2B8B2C0C-7855-4147-81BF-8FEDF0CD05FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0EDB8979-F842-49D1-B131-BA240118BE4D}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{4002721F-DEAC-436A-9D45-939751D307C1}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{A70BEEAD-6E4F-4D4E-912F-2FA26E8D1689}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{BAD41B6F-321B-48C2-B542-576BA3E9EBBF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{AA0C9A89-CD21-4998-8D1B-4A2A152C0613}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{90FD8139-F4EE-4441-9AA4-5E7EEED5DA88}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{CE70B329-AB02-4645-83C1-1E15D32D2799}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{FEB69CD7-296C-4F5D-BC86-B37203B8FC09}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{79F71C11-BB39-4018-B2B0-990855D5F7C9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

==================== Faulty Device Manager Devices =============

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2015 09:37:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/17/2015 09:37:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/17/2015 09:37:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/17/2015 09:34:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 09:25:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/17/2015 09:25:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/17/2015 09:25:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/17/2015 09:22:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 07:44:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: IEXPLORE.EXE, verzia: 11.0.9600.16521, časová značka: 0x53114399
Názov chybového modulu: MSHTML.dll, verzia: 11.0.9600.16659, časová značka: 0x5338aef8
Kód výnimky: 0xc0000409
Odstup chyby: 0x006b18b0
Identifikácia chybného procesu: 0x15d8
Čas spustenia chybnej aplikácie: 0xIEXPLORE.EXE0
Cesta chybnej aplikácie: IEXPLORE.EXE1
Cesta chybného modulu: IEXPLORE.EXE2
Identifikácia hlásenia: IEXPLORE.EXE3

Error: (05/17/2015 07:33:43 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (05/17/2015 09:36:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (05/17/2015 09:34:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
cdrom

Error: (05/17/2015 09:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (05/17/2015 09:22:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
cdrom

Error: (05/16/2015 01:18:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (05/16/2015 01:16:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
cdrom

Error: (05/16/2015 01:13:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:08:57 on ‎16. ‎5. ‎2015 was unexpected.

Error: (05/16/2015 01:04:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
%%2

Error: (05/16/2015 01:02:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
cdrom

Error: (05/16/2015 00:56:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
%%2

Microsoft Office Sessions:
=========================
Error: (05/17/2015 09:37:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (05/17/2015 09:37:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (05/17/2015 09:37:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/17/2015 09:34:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 09:25:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

Error: (05/17/2015 09:25:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B120200000000000000AF000000

Error: (05/17/2015 09:25:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/17/2015 09:22:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/17/2015 07:44:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1652153114399MSHTML.dll11.0.9600.166595338aef8c0000409006b18b015d801d0900c5393da2bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\MSHTML.dllba8fd3f8-fc57-11e4-9549-d0e1409c2163

Error: (05/17/2015 07:33:43 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: 01B8020000002D010000

CodeIntegrity Errors:
===================================
Date: 2015-05-17 09:40:34.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 09:33:06.766
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 09:27:32.720
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 07:21:02.922
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 07:46:41.609
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 07:26:20.344
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-17 07:17:13.454
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-16 21:23:12.275
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-16 20:53:00.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-16 20:46:30.334
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4250U CPU @ 1.30GHz
Percentage of memory in use: 25%
Total physical RAM: 8132.55 MB
Available physical RAM: 6024.8 MB
Total Pagefile: 16263.27 MB
Available Pagefile: 13994.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (BOOTCAMP) (Fixed) (Total:48.43 GB) (Free:1.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Macintosh HD) (Fixed) (Total:184.53 GB) (Free:105.99 GB) HFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233.8 GB) (Disk ID: 0DC09DB0)

Partition: GPT Partition Type.
Partition 2: (Not Active) - (Size=184.5 GB) - (Type=AF)
Partition 3: (Not Active) - (Size=620 MB) - (Type=AB)
Partition 4: (Active) - (Size=48.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#23 Příspěvek od **stell** » 17 kvě 2015 09:06

Takto, treba vlozit aj FRST.txt

solide · #24 Příspěvek od **solide** » 17 kvě 2015 09:09

stell píše:Takto, treba vlozit aj FRST.txt

Nech sa paci, tu je:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by macbook_jano (administrator) on MACBOOK_JANO-PC on 17-05-2015 10:08:42
Running from C:\Users\macbook_jano\Desktop
Loaded Profiles: macbook_jano (Available profiles: macbook_jano)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(forum.viry.cz) C:\Users\macbook_jano\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe
(forum.viry.cz) C:\Users\macbook_jano\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746336 2013-06-05] (Apple Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [Slu~ba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519504 2013-08-21] (Acronis)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-05-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msninrSrv] => C:\Windows\SysWOW64\msninr.vbe [649 2014-06-23] ()
HKLM-x32\...\Run: [InboxAce EPM Support] => "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [InboxAce AppIntegrator 32-bit] => C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [InboxAce AppIntegrator 64-bit] => C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AVrSvc] => C:\Users\macbook_jano\AppData\Local\jnuakjy.exe [458240 2015-05-12] (Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7801088 2013-09-20] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105328 2013-01-10] (Acronis)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2014-02-18] (Siber Systems)
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [AVrSvc] => C:\Users\macbook_jano\AppData\Local\jnuakjy.exe [458240 2015-05-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2014-04-04]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-23] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-23] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-23] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> {8A3C8824-E351-471E-9A7C-35552567EDDB} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> {A87199C9-F241-4926-939B-971DD1917172} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
SearchScopes: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> {B66E561E-06B5-45CA-BC68-A586C4B086D7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Program Files\Translat_2014\WebIE.dll [2014-02-12] ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-16] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll [2004-05-13] ()
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://anonymouse.org/cgi-bin/anon-www_ ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.170.1 192.168.210.1 192.168.210.253

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\macbook_jano\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226144 2013-06-05] ()
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [506928 2013-02-05] (Samsung Electronics Co., Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AppleCamera; C:\Windows\System32\DRIVERS\AppleCamera.sys [1777408 2013-05-09] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [39424 2013-01-28] (Apple Inc.)
R0 cbfltfs3; C:\Windows\System32\drivers\cbfltfs3.sys [320192 2015-04-01] (EldoS Corporation)
R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFD.sys [53648 2013-05-10] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\System32\DRIVERS\CSUFD.sys [11416 2013-05-10] (Cirrus Logic Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-04-30] (Intel Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-05-16] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-05-16] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-05-16] (Acronis International GmbH)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 10:08 - 2015-05-17 10:08 - 00029696 _____ () C:\Users\macbook_jano\AppData\Local\MSGBOX.EXE
2015-05-17 10:08 - 2015-05-17 10:08 - 00015327 _____ () C:\Users\macbook_jano\Desktop\LM.bat
2015-05-17 09:49 - 2015-05-17 10:08 - 00016611 _____ () C:\Users\macbook_jano\Desktop\FRST.txt
2015-05-17 09:49 - 2015-05-17 09:48 - 02107392 _____ (Farbar) C:\Users\macbook_jano\Desktop\FRST64.exe
2015-05-17 09:48 - 2015-05-17 09:48 - 02107392 _____ (Farbar) C:\Users\macbook_jano\Downloads\FRST64.exe
2015-05-17 09:47 - 2015-05-17 09:47 - 00024873 _____ () C:\Users\macbook_jano\Desktop\farbar-recovery-scan-tool.htm
2015-05-17 09:46 - 2015-05-17 09:46 - 00112640 _____ (forum.viry.cz) C:\Users\macbook_jano\Desktop\FRSTLauncher.exe
2015-05-17 09:43 - 2015-05-17 10:08 - 00000000 ____D () C:\FRST
2015-05-17 07:28 - 2015-05-17 07:28 - 00009256 _____ () C:\Users\macbook_jano\Downloads\config.bin
2015-05-16 10:07 - 2015-05-16 10:11 - 00000000 ____D () C:\ProgramData\Acronis
2015-05-16 10:07 - 2015-05-16 10:07 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00001213 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2015-05-16 10:07 - 2015-05-16 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-05-16 10:07 - 2015-05-16 10:07 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-05-15 16:16 - 2015-05-15 16:16 - 00003444 _____ () C:\Windows\System32\Tasks\CryptoMonitor_SU
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Downloads\#duxklsjtmjklwkxeikiws
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Documents\%kxjreklsjtmjklwkxeexo
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Desktop\%klsjtmjklwkxejkfwkzim
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\AAODFtpockklsjtmjklwkxedcp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\$tpockklsjtmjklwkxedcp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\#dhtnqklsjtmjklwkxedgp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\!ysgsklsjtmjklwkxekgzd
2015-05-15 16:16 - 2015-04-01 16:31 - 00320192 _____ (EldoS Corporation) C:\Windows\system32\Drivers\cbfltfs3.sys
2015-05-15 16:15 - 2015-05-15 16:15 - 00001340 _____ () C:\Users\Public\Desktop\CryptoMonitor.lnk
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\Users\macbook_jano\AppData\Roaming\EasySync Solutions
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\Users\macbook_jano\AppData\Local\EasySync_Solutions
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySync CryptoMonitor
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\ProgramData\Caphyon
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\Program Files\EasySync Solutions
2015-05-14 07:27 - 2015-05-14 07:27 - 00035840 _____ () C:\Users\macbook_jano\Documents\rastliny_2015.xls
2015-05-14 07:14 - 2015-05-14 07:14 - 02163454 _____ () C:\Users\macbook_jano\Desktop\HELP_RESTORE_FILES.bmp
2015-05-14 07:14 - 2015-05-14 07:14 - 00001738 _____ () C:\Users\macbook_jano\Desktop\Save_Files.lnk
2015-05-14 07:14 - 2015-05-14 07:14 - 00001355 _____ () C:\Users\macbook_jano\Desktop\HELP_RESTORE_FILES.txt
2015-05-13 18:32 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\Public\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:32 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\Public\Downloads\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:32 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\macbook_jano\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:31 - 2015-05-13 18:31 - 00001355 _____ () C:\Users\macbook_jano\Downloads\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:31 - 2015-05-13 18:31 - 00001355 _____ () C:\Users\macbook_jano\Documents\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:30 - 2015-05-13 18:30 - 00001355 _____ () C:\Users\macbook_jano\AppData\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 16:30 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\Public\Documents\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 16:30 - 2015-05-13 18:30 - 00001355 _____ () C:\ProgramData\HELP_RESTORE_FILES_fywee.TXT
2015-05-12 19:04 - 2015-05-17 09:33 - 00000232 _____ () C:\Users\macbook_jano\Documents\RECOVERY_FILE.TXT
2015-05-12 19:04 - 2015-05-14 07:14 - 00696854 _____ () C:\Users\macbook_jano\AppData\Local\log.html
2015-05-12 19:04 - 2015-05-14 07:14 - 00000752 _____ () C:\Users\macbook_jano\AppData\Local\storage.bin
2015-05-12 19:04 - 2015-05-12 19:04 - 00001355 _____ () C:\Users\HELP_RESTORE_FILES_vweux.TXT
2015-05-12 19:04 - 2015-05-12 19:04 - 00001355 _____ () C:\Program Files\Common Files\HELP_RESTORE_FILES_vweux.TXT
2015-05-12 19:04 - 2015-05-12 19:02 - 00458240 _____ (Microsoft Corporation) C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
2015-05-12 07:50 - 2015-05-12 07:50 - 00003068 _____ () C:\Windows\System32\Tasks\{EF882114-C20D-44AB-A006-FCE7E0D803C5}
2015-05-07 10:09 - 2015-05-13 18:30 - 00000876 _____ () C:\Users\macbook_jano\Desktop\repeater.txt.exx
2015-05-05 16:52 - 2015-05-13 18:31 - 02575308 _____ () C:\Users\macbook_jano\DSC_0548.JPG.exx
2015-04-23 07:49 - 2015-05-13 18:30 - 00481564 _____ () C:\Users\macbook_jano\Desktop\hruska.jpg.exx
2015-04-22 08:47 - 2015-05-13 18:30 - 00013100 _____ () C:\Users\macbook_jano\Desktop\Nakup konecna varianta.docx.exx
2015-04-21 15:56 - 2015-05-13 18:30 - 00017084 _____ () C:\Users\macbook_jano\Documents\material hruska.docx.exx
2015-04-21 13:46 - 2015-05-13 18:30 - 00859932 _____ () C:\Users\macbook_jano\Desktop\chata maros.jpg.exx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 09:54 - 2014-01-29 08:50 - 00000000 ____D () C:\Users\macbook_jano\AppData\Roaming\Skype
2015-05-17 09:39 - 2009-07-14 06:45 - 00031152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-17 09:39 - 2009-07-14 06:45 - 00031152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-17 09:37 - 2014-01-27 21:36 - 01778376 _____ () C:\Windows\WindowsUpdate.log
2015-05-17 09:37 - 2009-07-14 07:13 - 00006410 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-17 09:33 - 2014-02-12 18:10 - 00000000 ____D () C:\Users\macbook_jano\Documents\Súbory programu Outlook
2015-05-17 09:33 - 2014-01-27 22:54 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 09:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-17 09:33 - 2009-07-14 06:51 - 00068540 _____ () C:\Windows\setupact.log
2015-05-17 09:25 - 2014-03-10 16:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-17 09:22 - 2014-07-26 15:16 - 00000027 _____ () C:\Users\macbook_jano\AppData\Roaming\msqboqg.dat
2015-05-17 07:17 - 2014-01-27 22:54 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 10:09 - 2010-11-21 05:47 - 00038808 _____ () C:\Windows\PFRO.log
2015-05-15 16:16 - 2014-01-27 22:40 - 00000000 ____D () C:\Users\macbook_jano
2015-05-15 07:43 - 2014-07-26 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-15 07:29 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\macbook_jano\bluetooth
2015-05-13 18:32 - 2011-04-12 15:40 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-13 18:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-13 18:31 - 2015-04-03 10:50 - 00028396 _____ () C:\Users\macbook_jano\Downloads\Kupna_zmluva_Zabreh_2.doc.exx
2015-05-13 18:31 - 2015-03-21 09:26 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Wanastovi-věci
2015-05-13 18:31 - 2015-03-21 09:20 - 69809260 _____ () C:\Users\macbook_jano\Downloads\Wanastovi-věci.rar.exx
2015-05-13 18:31 - 2015-03-21 09:18 - 00000000 ____D () C:\Users\macbook_jano\Downloads\NoName---Best-Of.Mp3_HQ-by-PiPeTamer
2015-05-13 18:31 - 2015-03-21 09:09 - 119022348 _____ () C:\Users\macbook_jano\Downloads\NoName---Best-Of.Mp3_HQ-by-PiPeTamer.zip.exx
2015-05-13 18:31 - 2015-03-21 09:05 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Kryštof---Rubikon
2015-05-13 18:31 - 2015-03-21 08:48 - 63946684 _____ () C:\Users\macbook_jano\Downloads\Kryštof---Rubikon.zip.exx
2015-05-13 18:31 - 2015-03-21 08:39 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Krystof---Best-Of-2007
2015-05-13 18:31 - 2015-03-21 08:28 - 88300428 _____ () C:\Users\macbook_jano\Downloads\Krystof---Best-Of-2007.zip.exx
2015-05-13 18:31 - 2015-03-21 08:24 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Xindl-X---Praxe-Relativity-(2010)
2015-05-13 18:31 - 2015-03-13 10:57 - 01295596 _____ () C:\Users\macbook_jano\Downloads\adwcleaner (1).rar.exx
2015-05-13 18:31 - 2015-02-22 09:43 - 00000000 ____D () C:\Users\macbook_jano\Documents\sport
2015-05-13 18:31 - 2015-02-03 21:01 - 00000000 ____D () C:\Users\macbook_jano\Downloads\SwiftKey-Keyboard-v4.1.3.149-Full---namluvné-SMS
2015-05-13 18:31 - 2015-01-29 08:58 - 04430540 _____ () C:\Users\macbook_jano\Downloads\LOCUS-PRO-NEJNOVEJSI-VERZE-crack.zip.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 35791996 _____ () C:\Users\macbook_jano\Documents\Viber_5.2.1.36.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 16022892 _____ () C:\Users\macbook_jano\Documents\Walkman_8.5.A.0.6.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 12205804 _____ () C:\Users\macbook_jano\Documents\VLC_0.9.10.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 11638860 _____ () C:\Users\macbook_jano\Documents\YouTube_6.0.13.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 09758540 _____ () C:\Users\macbook_jano\Documents\Zomato_6.3.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 06891388 _____ () C:\Users\macbook_jano\Documents\VPlayer_3.2.6.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 06249612 _____ () C:\Users\macbook_jano\Documents\TrackID™_3.82.12.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 06076364 _____ () C:\Users\macbook_jano\Documents\Wisepilot for XPERIA™_5.0.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 04717964 _____ () C:\Users\macbook_jano\Documents\Xperia Link_2.7.A.0.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 03644940 _____ () C:\Users\macbook_jano\Documents\WineryApp_3.01 Production with Social.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 03434268 _____ () C:\Users\macbook_jano\Documents\TV Program_1.98.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 02253340 _____ () C:\Users\macbook_jano\Documents\Telekom_1.4.2.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 02249804 _____ () C:\Users\macbook_jano\Documents\Xperia Lounge_2.4.2.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 02064172 _____ () C:\Users\macbook_jano\Documents\X-plore_3.67.01.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 01436556 _____ () C:\Users\macbook_jano\Documents\ZlavaDna.sk_1.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 00565564 _____ () C:\Users\macbook_jano\Documents\TrekBuddy_1.30.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 00044652 _____ () C:\Users\macbook_jano\Documents\TOP GAMES_1.0.0.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 28999628 _____ () C:\Users\macbook_jano\Documents\Služby Google Play_6.5.99 (1642632-036).apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 19309452 _____ () C:\Users\macbook_jano\Documents\Skype_5.1.0.58677.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 18678204 _____ () C:\Users\macbook_jano\Documents\Smart Banking SK_1.4.21.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 15230476 _____ () C:\Users\macbook_jano\Documents\Tapatalk_4.10.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 14979356 _____ () C:\Users\macbook_jano\Documents\Sense flip clock & weather_0.87.11.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 14087868 _____ () C:\Users\macbook_jano\Documents\TeamViewer_10.0.2712.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 10681740 _____ () C:\Users\macbook_jano\Documents\Skica_2.0.A.1.7.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 10475676 _____ () C:\Users\macbook_jano\Documents\Socialife_4.1.20.30.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 08162972 _____ () C:\Users\macbook_jano\Documents\SwiftKey_4.1.2.147.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 07185324 _____ () C:\Users\macbook_jano\Documents\Smart Connect_5.7.14.218.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 06329196 _____ () C:\Users\macbook_jano\Documents\Svetlo_1.76.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 06079932 _____ () C:\Users\macbook_jano\Documents\Staffino_1.1.11.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 04283580 _____ () C:\Users\macbook_jano\Documents\Správy a počasie_2.2 (1623380).apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 03150684 _____ () C:\Users\macbook_jano\Documents\TalkBack_3.5.2.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 03072124 _____ () C:\Users\macbook_jano\Documents\Prekladateľ_1.12.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 02675148 _____ () C:\Users\macbook_jano\Documents\SHMUDroid_3.0.5.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 02642668 _____ () C:\Users\macbook_jano\Documents\smshare_5.1.0 .apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 02011996 _____ () C:\Users\macbook_jano\Documents\Safe In Cloud_4.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 01372828 _____ () C:\Users\macbook_jano\Documents\Sound Recorder_1.6.0.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 18507772 _____ () C:\Users\macbook_jano\Documents\Prekladač_3.1.0.RC06.83908714.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 17188604 _____ () C:\Users\macbook_jano\Documents\OfficeSuite_7.2.1339.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 16009404 _____ () C:\Users\macbook_jano\Documents\NAVIGON_4.7.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 11425212 _____ () C:\Users\macbook_jano\Documents\Nástroj od Googlu na prevod textu na reč_3.3.13.1635260.arm.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 10171420 _____ () C:\Users\macbook_jano\Documents\Obchod Google Play_5.1.11.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 02956588 _____ () C:\Users\macbook_jano\Documents\OpenSignal_3.31.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 02741036 _____ () C:\Users\macbook_jano\Documents\Narodeniny_3.0.0.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 01369244 _____ () C:\Users\macbook_jano\Documents\NeoReader_4.06.04.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 00533084 _____ () C:\Users\macbook_jano\Documents\Obedovat.sk_1.0.BETA5.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 00252844 _____ () C:\Users\macbook_jano\Documents\PlayNow™_1.11.6.apk.exx
2015-05-13 18:31 - 2015-01-21 18:57 - 00012156 _____ () C:\Users\macbook_jano\Documents\Prevzatie vozidla na opravu.docx.exx
2015-05-13 18:31 - 2014-08-29 11:56 - 00000236 _____ () C:\Users\macbook_jano\Documents\telekom komunikacia.txt.exx
2015-05-13 18:31 - 2014-08-04 14:11 - 00000000 ____D () C:\Users\macbook_jano\Documents\poziarne auta
2015-05-13 18:31 - 2014-07-28 08:44 - 00000000 ____D () C:\Users\macbook_jano\Documents\Vlastné šablóny balíka Office
2015-05-13 18:31 - 2014-07-26 15:15 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Net-Framework-V4.0.30319
2015-05-13 18:31 - 2014-07-03 10:39 - 00000396 ____H () C:\Users\macbook_jano\Documents\~$Jano oslava.xlsx.exx
2015-05-13 18:31 - 2014-06-18 09:51 - 49827692 _____ () C:\Users\macbook_jano\Documents\Schluss mit Wühler im Garten +++ Folge 1 (von 2).mp4.exx
2015-05-13 18:31 - 2014-06-04 18:20 - 00141036 _____ () C:\Users\macbook_jano\Documents\splnomocnenie na odhlasenie vozidla Eustream.doc.exx
2015-05-13 18:31 - 2014-04-07 15:29 - 00000000 ____D () C:\Users\macbook_jano\Documents\Scan
2015-05-13 18:30 - 2015-04-03 10:52 - 00028908 _____ () C:\Users\macbook_jano\Desktop\Kupna_zmluva_Zabreh_2.doc.exx
2015-05-13 18:30 - 2015-04-03 10:51 - 00139084 _____ () C:\Users\macbook_jano\Desktop\dobraci_razitko.png.exx
2015-05-13 18:30 - 2015-03-28 08:06 - 01419580 _____ () C:\Users\macbook_jano\Documents\A5_Octavia_Columbus_NavigationSystem.pdf.exx
2015-05-13 18:30 - 2015-03-06 23:40 - 121501724 _____ () C:\Users\macbook_jano\Desktop\slovakia.osm.2014.1.map.exx
2015-05-13 18:30 - 2015-02-16 20:23 - 00005548 _____ () C:\Users\macbook_jano\Desktop\imagesA6NSTN2L.jpg.exx
2015-05-13 18:30 - 2015-01-29 08:58 - 00000000 ____D () C:\Users\macbook_jano\Desktop\LOCUS_PRO_NEJNOVEJSI_VERZE_crack
2015-05-13 18:30 - 2015-01-21 19:53 - 32166492 _____ () C:\Users\macbook_jano\Documents\Chrome_39.0.2171.93.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 25928732 _____ () C:\Users\macbook_jano\Documents\Mobile Print_3.04.22.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 15057372 _____ () C:\Users\macbook_jano\Documents\iSki Tracker_1.7 (1.4).apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 14307612 _____ () C:\Users\macbook_jano\Documents\Mapy_9.2.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 08634364 _____ () C:\Users\macbook_jano\Documents\Kiosk Google Play_3.3.1.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 07307644 _____ () C:\Users\macbook_jano\Documents\McAfee Security_3.1.0.802.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 01521308 _____ () C:\Users\macbook_jano\Documents\Meniny a mená_3.35.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 00843276 _____ () C:\Users\macbook_jano\Documents\MyPhoneExplorer Client_1.0.34.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 00099740 _____ () C:\Users\macbook_jano\Documents\Meniny Widget_1.8.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 00076428 _____ () C:\Users\macbook_jano\Documents\Mobile GIS_1.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 37168316 _____ () C:\Users\macbook_jano\Documents\Aplikácia Google_4.1.24.1672412.arm.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 28231052 _____ () C:\Users\macbook_jano\Documents\Facebook_24.0.0.30.15.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 25568828 _____ () C:\Users\macbook_jano\Documents\Google+_4.8.0.81189390.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 15330156 _____ () C:\Users\macbook_jano\Documents\Hangouts_2.5.83281670.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 13156924 _____ () C:\Users\macbook_jano\Documents\Filmy_8.0.A.0.6.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 11248700 _____ () C:\Users\macbook_jano\Documents\Gmail_5.0.1 (1642443).apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 09425388 _____ () C:\Users\macbook_jano\Documents\Alza.sk_3.2.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 08550092 _____ () C:\Users\macbook_jano\Documents\Earth_8.0.1.2311.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 07647948 _____ () C:\Users\macbook_jano\Documents\ASTRO File Manager_ASTRO-4.5.629.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 06659868 _____ () C:\Users\macbook_jano\Documents\DU Battery Saver_3.9.7.1.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 06559148 _____ () C:\Users\macbook_jano\Documents\Filmy Google Play_3.6.14.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 05117916 _____ () C:\Users\macbook_jano\Documents\Hry Google Play_2.2.05 (1620489-006).apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 04843276 _____ () C:\Users\macbook_jano\Documents\Expres_1.3.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 01738156 _____ () C:\Users\macbook_jano\Documents\Editor fotografií_3.1.A.0.46.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00317820 _____ () C:\Users\macbook_jano\Documents\Calendar Snooze_2.14.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00043004 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.shutdownanim.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00024748 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.r2r.client.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00006620 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.home.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004972 _____ () C:\Users\macbook_jano\Documents\com.android.providers.partnerbookmarks.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004780 _____ () C:\Users\macbook_jano\Documents\android.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004188 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.conversations.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004172 _____ () C:\Users\macbook_jano\Documents\com.android.browser.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003804 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.capabilities.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003692 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.android.socialphonebook.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003516 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.setupwizard.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003420 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.initialbootsetup.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003420 _____ () C:\Users\macbook_jano\Documents\com.android.phone.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003388 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.trackid.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003388 _____ () C:\Users\macbook_jano\Documents\com.android.settings.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003372 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.simcontacts.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003260 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.music.product.overlay_7.15.A.0.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:51 - 13116924 _____ () C:\Users\macbook_jano\Documents\Album_6.6.A.0.6.apk.exx
2015-05-13 18:30 - 2015-01-21 19:51 - 00909484 _____ () C:\Users\macbook_jano\Documents\Account Manager_2.2.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:51 - 00191212 _____ () C:\Users\macbook_jano\Documents\AirPush Detector_3.2.apk.exx
2015-05-13 18:30 - 2014-12-25 16:47 - 00000332 _____ () C:\Users\macbook_jano\Documents\Kramar.txt.exx
2015-05-13 18:30 - 2014-12-24 10:27 - 00069612 _____ () C:\Users\macbook_jano\Desktop\Novbyt_nedoplatok_stankovic.pdf.exx
2015-05-13 18:30 - 2014-12-08 11:27 - 00022636 _____ () C:\Users\macbook_jano\Desktop\tatra.jpg.exx
2015-05-13 18:30 - 2014-12-08 11:26 - 00092236 _____ () C:\Users\macbook_jano\Desktop\tatra.png.exx
2015-05-13 18:30 - 2014-12-07 21:31 - 00174636 _____ () C:\Users\macbook_jano\Desktop\dennis 2.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:30 - 00116492 _____ () C:\Users\macbook_jano\Desktop\dennis1.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:10 - 00203980 _____ () C:\Users\macbook_jano\Desktop\dennis_996.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:09 - 00208140 _____ () C:\Users\macbook_jano\Desktop\dennis_9911.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:09 - 00164284 _____ () C:\Users\macbook_jano\Desktop\dennis_991.jpg.exx
2015-05-13 18:30 - 2014-11-30 16:19 - 00000000 ____D () C:\Users\macbook_jano\Documents\Conformite erklarung
2015-05-13 18:30 - 2014-11-26 17:38 - 00000000 ____D () C:\Users\macbook_jano\.shsh
2015-05-13 18:30 - 2014-11-26 17:37 - 00000000 ____D () C:\ProgramData\Sun
2015-05-13 18:30 - 2014-11-26 17:37 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-13 18:30 - 2014-11-04 18:20 - 00039660 _____ () C:\Users\macbook_jano\Desktop\co treba udelat.xls.exx
2015-05-13 18:30 - 2014-10-13 09:36 - 00007500 _____ () C:\Users\macbook_jano\Desktop\krt.jpg.exx
2015-05-13 18:30 - 2014-10-07 14:11 - 00039660 _____ () C:\Users\macbook_jano\Documents\Cesta zo stanice Zwolle do hotela.doc.exx
2015-05-13 18:30 - 2014-10-07 14:11 - 00016892 _____ () C:\Users\macbook_jano\Documents\Cesta zo stanice Zwolle do hotela.docx.exx
2015-05-13 18:30 - 2014-09-14 20:45 - 00002268 _____ () C:\Users\macbook_jano\Documents\na krtince.txt.exx
2015-05-13 18:30 - 2014-08-18 19:09 - 00000716 _____ () C:\Users\macbook_jano\Documents\dobraci s.r.o udaje.txt.exx
2015-05-13 18:30 - 2014-08-11 08:07 - 00000000 ____D () C:\Users\macbook_jano\AppData\OICE_15_974FA576_32C1D314_125
2015-05-13 18:30 - 2014-07-30 08:05 - 00000316 _____ () C:\Users\macbook_jano\Documents\capek udaje.txt.exx
2015-05-13 18:30 - 2014-07-23 15:35 - 00000396 ____H () C:\Users\macbook_jano\Desktop\~$podpis.docx.exx
2015-05-13 18:30 - 2014-06-29 22:44 - 00053484 _____ () C:\Users\macbook_jano\Documents\kupni-smlouva_nákup auta_Poricany.doc.exx
2015-05-13 18:30 - 2014-06-29 18:01 - 00012092 _____ () C:\Users\macbook_jano\Documents\Jano oslava menu.xlsx.exx
2015-05-13 18:30 - 2014-06-29 16:25 - 00013388 _____ () C:\Users\macbook_jano\Documents\Jano oslava.xlsx.exx
2015-05-13 18:30 - 2014-05-17 09:10 - 00037100 _____ () C:\Users\macbook_jano\Documents\kupna zmluva osobne Iveta Fiesta.doc.exx
2015-05-13 18:30 - 2014-04-04 16:37 - 00000000 ____D () C:\ProgramData\Samsung
2015-05-13 18:30 - 2014-04-02 12:37 - 00000348 _____ () C:\Users\macbook_jano\Documents\chata voda.txt.exx
2015-05-13 18:30 - 2014-02-18 13:17 - 00000000 ____D () C:\ProgramData\RoboForm
2015-05-13 18:30 - 2014-02-18 13:16 - 00000000 ____D () C:\Users\macbook_jano\Documents\My RoboForm Data
2015-05-13 18:30 - 2014-02-18 13:11 - 28168908 _____ () C:\Users\macbook_jano\Documents\AI.Roboform.Enterprise.v7.7.0.0.rar.exx
2015-05-13 18:30 - 2014-02-18 09:17 - 00000000 ____D () C:\Users\macbook_jano\.android
2015-05-13 18:30 - 2014-01-29 08:50 - 00000000 ____D () C:\ProgramData\Skype
2015-05-13 16:30 - 2014-12-15 22:06 - 00000000 ____D () C:\OutputFolder
2015-05-13 16:30 - 2014-11-27 16:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-13 16:30 - 2014-06-30 08:09 - 00000000 ____D () C:\AdwCleaner
2015-05-13 16:30 - 2014-02-18 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2015-05-13 16:30 - 2014-02-18 11:05 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-13 16:30 - 2014-02-12 17:56 - 00000000 ____D () C:\ProgramData\LangSoft
2015-05-13 16:30 - 2014-01-27 22:43 - 00000000 ____D () C:\ProgramData\Apple
2015-05-13 16:30 - 2014-01-27 21:31 - 00000000 ____D () C:\Intel
2015-05-12 19:04 - 2014-12-13 09:37 - 00000284 _____ () C:\AdwCleanerDebug.txt.exx
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\iTunes
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\iPod
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-12 19:04 - 2014-10-22 19:29 - 00000000 ____D () C:\Program Files\KMSnano
2015-05-12 19:04 - 2014-07-26 10:45 - 00000000 ____D () C:\Program Files\KMSpico
2015-05-12 19:04 - 2014-07-26 10:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-05-12 19:04 - 2014-07-26 10:41 - 00000000 __RHD () C:\MSOCache
2015-05-12 19:04 - 2014-07-26 10:41 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2015-05-12 19:04 - 2014-04-13 05:15 - 00000000 __SHD () C:\found.000
2015-05-12 19:04 - 2014-02-12 18:00 - 00000000 ____D () C:\Program Files\7-Zip
2015-05-12 19:04 - 2014-01-27 22:45 - 00000000 ____D () C:\Program Files\Intel
2015-05-12 19:04 - 2014-01-27 22:45 - 00000000 ____D () C:\Program Files\Boot Camp
2015-05-12 19:04 - 2014-01-27 22:43 - 00000000 ____D () C:\Program Files\DIFX
2015-05-12 19:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2015-05-12 19:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-07 12:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-22 22:05 - 2014-01-27 23:26 - 00001110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-04-22 22:05 - 2014-01-27 23:26 - 00001098 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2015-04-21 13:25 - 2014-03-10 16:08 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-21 13:25 - 2014-03-10 16:08 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-21 13:25 - 2014-03-10 16:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2015-05-12 19:04 - 2015-05-12 19:04 - 0001355 _____ () C:\Program Files\Common Files\HELP_RESTORE_FILES_vweux.TXT
2014-02-19 20:23 - 2014-02-19 20:23 - 0037770 _____ () C:\Users\macbook_jano\AppData\Roaming\Hodnoty oddelené čiarkou (systém DOS).ADR
2014-07-26 15:16 - 2015-05-17 09:22 - 0000027 _____ () C:\Users\macbook_jano\AppData\Roaming\msqboqg.dat
2014-07-26 15:16 - 2014-07-26 15:16 - 0009761 _____ () C:\Users\macbook_jano\AppData\Roaming\msrhpb.dat
2014-07-30 09:49 - 2014-07-30 09:49 - 0000037 ___SH () C:\Users\macbook_jano\AppData\Local\70149b02515b3bb20dd492.47983420
2015-05-12 19:04 - 2015-05-12 19:02 - 0458240 _____ (Microsoft Corporation) C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
2015-05-12 19:04 - 2015-05-14 07:14 - 0696854 _____ () C:\Users\macbook_jano\AppData\Local\log.html
2015-05-17 10:08 - 2015-05-17 10:08 - 0029696 _____ () C:\Users\macbook_jano\AppData\Local\MSGBOX.EXE
2015-01-02 22:30 - 2015-01-02 22:30 - 0628496 _____ (CMI Limited) C:\Users\macbook_jano\AppData\Local\nsv3432.tmp
2015-05-12 19:04 - 2015-05-14 07:14 - 0000752 _____ () C:\Users\macbook_jano\AppData\Local\storage.bin
2015-05-13 16:30 - 2015-05-13 18:30 - 0001355 _____ () C:\ProgramData\HELP_RESTORE_FILES_fywee.TXT

Some content of TEMP:
====================
C:\Users\macbook_jano\AppData\Local\Temp\83d1.exe
C:\Users\macbook_jano\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\macbook_jano\AppData\Local\Temp\AskSLib.dll
C:\Users\macbook_jano\AppData\Local\Temp\b092b6b.exe
C:\Users\macbook_jano\AppData\Local\Temp\BackupSetup.exe
C:\Users\macbook_jano\AppData\Local\Temp\bitool.dll
C:\Users\macbook_jano\AppData\Local\Temp\install_reader11_sk_gtbd_chrd_dn_aaa_aih[1].exe
C:\Users\macbook_jano\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\macbook_jano\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\macbook_jano\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\macbook_jano\AppData\Local\Temp\nsj2CB6.exe
C:\Users\macbook_jano\AppData\Local\Temp\OnlineBackup.exe
C:\Users\macbook_jano\AppData\Local\Temp\Quarantine.exe
C:\Users\macbook_jano\AppData\Local\Temp\SkypeSetup.exe
C:\Users\macbook_jano\AppData\Local\Temp\sqlite3.dll
C:\Users\macbook_jano\AppData\Local\Temp\Uni000.exe
C:\Users\macbook_jano\AppData\Local\Temp\vcredist_x64.exe
C:\Users\macbook_jano\AppData\Local\Temp\{43AC9C55-9AD7-4E0E-BC15-298627A03FEB}-33.0.1750.154_chrome_installer.exe
C:\Users\macbook_jano\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-16 09:02

==================== End Of Log ============================

solide · #25 Příspěvek od **solide** » 17 kvě 2015 09:10

stell píše:Takto, treba vlozit aj FRST.txt

Nech sa paci, tu je:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by macbook_jano (administrator) on MACBOOK_JANO-PC on 17-05-2015 10:08:42
Running from C:\Users\macbook_jano\Desktop
Loaded Profiles: macbook_jano (Available profiles: macbook_jano)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(forum.viry.cz) C:\Users\macbook_jano\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\identities.exe
(forum.viry.cz) C:\Users\macbook_jano\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746336 2013-06-05] (Apple Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [Slu~ba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519504 2013-08-21] (Acronis)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-05-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msninrSrv] => C:\Windows\SysWOW64\msninr.vbe [649 2014-06-23] ()
HKLM-x32\...\Run: [InboxAce EPM Support] => "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [InboxAce AppIntegrator 32-bit] => C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [InboxAce AppIntegrator 64-bit] => C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AVrSvc] => C:\Users\macbook_jano\AppData\Local\jnuakjy.exe [458240 2015-05-12] (Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7801088 2013-09-20] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105328 2013-01-10] (Acronis)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2014-02-18] (Siber Systems)
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [AVrSvc] => C:\Users\macbook_jano\AppData\Local\jnuakjy.exe [458240 2015-05-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2014-04-04]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-23] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-23] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-08-23] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> {8A3C8824-E351-471E-9A7C-35552567EDDB} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> {A87199C9-F241-4926-939B-971DD1917172} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
SearchScopes: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> {B66E561E-06B5-45CA-BC68-A586C4B086D7} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\Program Files\Translat_2014\WebIE.dll [2014-02-12] ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-16] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files (x86)\PC Translator\webie.dll [2004-05-13] ()
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-3458910134-2776319785-4031348273-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://anonymouse.org/cgi-bin/anon-www_ ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.170.1 192.168.210.1 192.168.210.253

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\macbook_jano\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226144 2013-06-05] ()
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [506928 2013-02-05] (Samsung Electronics Co., Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AppleCamera; C:\Windows\System32\DRIVERS\AppleCamera.sys [1777408 2013-05-09] (Apple Inc.)
R3 applemtp; C:\Windows\System32\DRIVERS\applemtp.sys [39424 2013-01-28] (Apple Inc.)
R0 cbfltfs3; C:\Windows\System32\drivers\cbfltfs3.sys [320192 2015-04-01] (EldoS Corporation)
R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFD.sys [53648 2013-05-10] (Cirrus Logic Inc.)
R3 CirrusUFD; C:\Windows\System32\DRIVERS\CSUFD.sys [11416 2013-05-10] (Cirrus Logic Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-04-30] (Intel Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-05-16] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-05-16] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-05-16] (Acronis International GmbH)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 10:08 - 2015-05-17 10:08 - 00029696 _____ () C:\Users\macbook_jano\AppData\Local\MSGBOX.EXE
2015-05-17 10:08 - 2015-05-17 10:08 - 00015327 _____ () C:\Users\macbook_jano\Desktop\LM.bat
2015-05-17 09:49 - 2015-05-17 10:08 - 00016611 _____ () C:\Users\macbook_jano\Desktop\FRST.txt
2015-05-17 09:49 - 2015-05-17 09:48 - 02107392 _____ (Farbar) C:\Users\macbook_jano\Desktop\FRST64.exe
2015-05-17 09:48 - 2015-05-17 09:48 - 02107392 _____ (Farbar) C:\Users\macbook_jano\Downloads\FRST64.exe
2015-05-17 09:47 - 2015-05-17 09:47 - 00024873 _____ () C:\Users\macbook_jano\Desktop\farbar-recovery-scan-tool.htm
2015-05-17 09:46 - 2015-05-17 09:46 - 00112640 _____ (forum.viry.cz) C:\Users\macbook_jano\Desktop\FRSTLauncher.exe
2015-05-17 09:43 - 2015-05-17 10:08 - 00000000 ____D () C:\FRST
2015-05-17 07:28 - 2015-05-17 07:28 - 00009256 _____ () C:\Users\macbook_jano\Downloads\config.bin
2015-05-16 10:07 - 2015-05-16 10:11 - 00000000 ____D () C:\ProgramData\Acronis
2015-05-16 10:07 - 2015-05-16 10:07 - 01464096 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 01120032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00367200 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00269600 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00183224 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00161568 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00117024 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2015-05-16 10:07 - 2015-05-16 10:07 - 00001213 _____ () C:\Users\Public\Desktop\Acronis True Image 2014.lnk
2015-05-16 10:07 - 2015-05-16 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-05-16 10:07 - 2015-05-16 10:07 - 00000000 ____D () C:\Program Files (x86)\Acronis
2015-05-15 16:16 - 2015-05-15 16:16 - 00003444 _____ () C:\Windows\System32\Tasks\CryptoMonitor_SU
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Downloads\#duxklsjtmjklwkxeikiws
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Documents\%kxjreklsjtmjklwkxeexo
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Desktop\%klsjtmjklwkxejkfwkzim
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\AAODFtpockklsjtmjklwkxedcp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\$tpockklsjtmjklwkxedcp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\#dhtnqklsjtmjklwkxedgp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\!ysgsklsjtmjklwkxekgzd
2015-05-15 16:16 - 2015-04-01 16:31 - 00320192 _____ (EldoS Corporation) C:\Windows\system32\Drivers\cbfltfs3.sys
2015-05-15 16:15 - 2015-05-15 16:15 - 00001340 _____ () C:\Users\Public\Desktop\CryptoMonitor.lnk
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\Users\macbook_jano\AppData\Roaming\EasySync Solutions
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\Users\macbook_jano\AppData\Local\EasySync_Solutions
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasySync CryptoMonitor
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\ProgramData\Caphyon
2015-05-15 16:15 - 2015-05-15 16:15 - 00000000 ____D () C:\Program Files\EasySync Solutions
2015-05-14 07:27 - 2015-05-14 07:27 - 00035840 _____ () C:\Users\macbook_jano\Documents\rastliny_2015.xls
2015-05-14 07:14 - 2015-05-14 07:14 - 02163454 _____ () C:\Users\macbook_jano\Desktop\HELP_RESTORE_FILES.bmp
2015-05-14 07:14 - 2015-05-14 07:14 - 00001738 _____ () C:\Users\macbook_jano\Desktop\Save_Files.lnk
2015-05-14 07:14 - 2015-05-14 07:14 - 00001355 _____ () C:\Users\macbook_jano\Desktop\HELP_RESTORE_FILES.txt
2015-05-13 18:32 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\Public\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:32 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\Public\Downloads\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:32 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\macbook_jano\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:31 - 2015-05-13 18:31 - 00001355 _____ () C:\Users\macbook_jano\Downloads\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:31 - 2015-05-13 18:31 - 00001355 _____ () C:\Users\macbook_jano\Documents\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 18:30 - 2015-05-13 18:30 - 00001355 _____ () C:\Users\macbook_jano\AppData\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 16:30 - 2015-05-13 18:32 - 00001355 _____ () C:\Users\Public\Documents\HELP_RESTORE_FILES_fywee.TXT
2015-05-13 16:30 - 2015-05-13 18:30 - 00001355 _____ () C:\ProgramData\HELP_RESTORE_FILES_fywee.TXT
2015-05-12 19:04 - 2015-05-17 09:33 - 00000232 _____ () C:\Users\macbook_jano\Documents\RECOVERY_FILE.TXT
2015-05-12 19:04 - 2015-05-14 07:14 - 00696854 _____ () C:\Users\macbook_jano\AppData\Local\log.html
2015-05-12 19:04 - 2015-05-14 07:14 - 00000752 _____ () C:\Users\macbook_jano\AppData\Local\storage.bin
2015-05-12 19:04 - 2015-05-12 19:04 - 00001355 _____ () C:\Users\HELP_RESTORE_FILES_vweux.TXT
2015-05-12 19:04 - 2015-05-12 19:04 - 00001355 _____ () C:\Program Files\Common Files\HELP_RESTORE_FILES_vweux.TXT
2015-05-12 19:04 - 2015-05-12 19:02 - 00458240 _____ (Microsoft Corporation) C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
2015-05-12 07:50 - 2015-05-12 07:50 - 00003068 _____ () C:\Windows\System32\Tasks\{EF882114-C20D-44AB-A006-FCE7E0D803C5}
2015-05-07 10:09 - 2015-05-13 18:30 - 00000876 _____ () C:\Users\macbook_jano\Desktop\repeater.txt.exx
2015-05-05 16:52 - 2015-05-13 18:31 - 02575308 _____ () C:\Users\macbook_jano\DSC_0548.JPG.exx
2015-04-23 07:49 - 2015-05-13 18:30 - 00481564 _____ () C:\Users\macbook_jano\Desktop\hruska.jpg.exx
2015-04-22 08:47 - 2015-05-13 18:30 - 00013100 _____ () C:\Users\macbook_jano\Desktop\Nakup konecna varianta.docx.exx
2015-04-21 15:56 - 2015-05-13 18:30 - 00017084 _____ () C:\Users\macbook_jano\Documents\material hruska.docx.exx
2015-04-21 13:46 - 2015-05-13 18:30 - 00859932 _____ () C:\Users\macbook_jano\Desktop\chata maros.jpg.exx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 09:54 - 2014-01-29 08:50 - 00000000 ____D () C:\Users\macbook_jano\AppData\Roaming\Skype
2015-05-17 09:39 - 2009-07-14 06:45 - 00031152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-17 09:39 - 2009-07-14 06:45 - 00031152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-17 09:37 - 2014-01-27 21:36 - 01778376 _____ () C:\Windows\WindowsUpdate.log
2015-05-17 09:37 - 2009-07-14 07:13 - 00006410 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-17 09:33 - 2014-02-12 18:10 - 00000000 ____D () C:\Users\macbook_jano\Documents\Súbory programu Outlook
2015-05-17 09:33 - 2014-01-27 22:54 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 09:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-17 09:33 - 2009-07-14 06:51 - 00068540 _____ () C:\Windows\setupact.log
2015-05-17 09:25 - 2014-03-10 16:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-17 09:22 - 2014-07-26 15:16 - 00000027 _____ () C:\Users\macbook_jano\AppData\Roaming\msqboqg.dat
2015-05-17 07:17 - 2014-01-27 22:54 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 10:09 - 2010-11-21 05:47 - 00038808 _____ () C:\Windows\PFRO.log
2015-05-15 16:16 - 2014-01-27 22:40 - 00000000 ____D () C:\Users\macbook_jano
2015-05-15 07:43 - 2014-07-26 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-15 07:29 - 2014-03-25 00:19 - 00000000 ____D () C:\Users\macbook_jano\bluetooth
2015-05-13 18:32 - 2011-04-12 15:40 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-13 18:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-13 18:31 - 2015-04-03 10:50 - 00028396 _____ () C:\Users\macbook_jano\Downloads\Kupna_zmluva_Zabreh_2.doc.exx
2015-05-13 18:31 - 2015-03-21 09:26 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Wanastovi-věci
2015-05-13 18:31 - 2015-03-21 09:20 - 69809260 _____ () C:\Users\macbook_jano\Downloads\Wanastovi-věci.rar.exx
2015-05-13 18:31 - 2015-03-21 09:18 - 00000000 ____D () C:\Users\macbook_jano\Downloads\NoName---Best-Of.Mp3_HQ-by-PiPeTamer
2015-05-13 18:31 - 2015-03-21 09:09 - 119022348 _____ () C:\Users\macbook_jano\Downloads\NoName---Best-Of.Mp3_HQ-by-PiPeTamer.zip.exx
2015-05-13 18:31 - 2015-03-21 09:05 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Kryštof---Rubikon
2015-05-13 18:31 - 2015-03-21 08:48 - 63946684 _____ () C:\Users\macbook_jano\Downloads\Kryštof---Rubikon.zip.exx
2015-05-13 18:31 - 2015-03-21 08:39 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Krystof---Best-Of-2007
2015-05-13 18:31 - 2015-03-21 08:28 - 88300428 _____ () C:\Users\macbook_jano\Downloads\Krystof---Best-Of-2007.zip.exx
2015-05-13 18:31 - 2015-03-21 08:24 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Xindl-X---Praxe-Relativity-(2010)
2015-05-13 18:31 - 2015-03-13 10:57 - 01295596 _____ () C:\Users\macbook_jano\Downloads\adwcleaner (1).rar.exx
2015-05-13 18:31 - 2015-02-22 09:43 - 00000000 ____D () C:\Users\macbook_jano\Documents\sport
2015-05-13 18:31 - 2015-02-03 21:01 - 00000000 ____D () C:\Users\macbook_jano\Downloads\SwiftKey-Keyboard-v4.1.3.149-Full---namluvné-SMS
2015-05-13 18:31 - 2015-01-29 08:58 - 04430540 _____ () C:\Users\macbook_jano\Downloads\LOCUS-PRO-NEJNOVEJSI-VERZE-crack.zip.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 35791996 _____ () C:\Users\macbook_jano\Documents\Viber_5.2.1.36.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 16022892 _____ () C:\Users\macbook_jano\Documents\Walkman_8.5.A.0.6.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 12205804 _____ () C:\Users\macbook_jano\Documents\VLC_0.9.10.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 11638860 _____ () C:\Users\macbook_jano\Documents\YouTube_6.0.13.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 09758540 _____ () C:\Users\macbook_jano\Documents\Zomato_6.3.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 06891388 _____ () C:\Users\macbook_jano\Documents\VPlayer_3.2.6.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 06249612 _____ () C:\Users\macbook_jano\Documents\TrackID™_3.82.12.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 06076364 _____ () C:\Users\macbook_jano\Documents\Wisepilot for XPERIA™_5.0.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 04717964 _____ () C:\Users\macbook_jano\Documents\Xperia Link_2.7.A.0.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 03644940 _____ () C:\Users\macbook_jano\Documents\WineryApp_3.01 Production with Social.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 03434268 _____ () C:\Users\macbook_jano\Documents\TV Program_1.98.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 02253340 _____ () C:\Users\macbook_jano\Documents\Telekom_1.4.2.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 02249804 _____ () C:\Users\macbook_jano\Documents\Xperia Lounge_2.4.2.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 02064172 _____ () C:\Users\macbook_jano\Documents\X-plore_3.67.01.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 01436556 _____ () C:\Users\macbook_jano\Documents\ZlavaDna.sk_1.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 00565564 _____ () C:\Users\macbook_jano\Documents\TrekBuddy_1.30.apk.exx
2015-05-13 18:31 - 2015-01-21 19:55 - 00044652 _____ () C:\Users\macbook_jano\Documents\TOP GAMES_1.0.0.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 28999628 _____ () C:\Users\macbook_jano\Documents\Služby Google Play_6.5.99 (1642632-036).apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 19309452 _____ () C:\Users\macbook_jano\Documents\Skype_5.1.0.58677.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 18678204 _____ () C:\Users\macbook_jano\Documents\Smart Banking SK_1.4.21.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 15230476 _____ () C:\Users\macbook_jano\Documents\Tapatalk_4.10.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 14979356 _____ () C:\Users\macbook_jano\Documents\Sense flip clock & weather_0.87.11.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 14087868 _____ () C:\Users\macbook_jano\Documents\TeamViewer_10.0.2712.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 10681740 _____ () C:\Users\macbook_jano\Documents\Skica_2.0.A.1.7.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 10475676 _____ () C:\Users\macbook_jano\Documents\Socialife_4.1.20.30.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 08162972 _____ () C:\Users\macbook_jano\Documents\SwiftKey_4.1.2.147.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 07185324 _____ () C:\Users\macbook_jano\Documents\Smart Connect_5.7.14.218.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 06329196 _____ () C:\Users\macbook_jano\Documents\Svetlo_1.76.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 06079932 _____ () C:\Users\macbook_jano\Documents\Staffino_1.1.11.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 04283580 _____ () C:\Users\macbook_jano\Documents\Správy a počasie_2.2 (1623380).apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 03150684 _____ () C:\Users\macbook_jano\Documents\TalkBack_3.5.2.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 03072124 _____ () C:\Users\macbook_jano\Documents\Prekladateľ_1.12.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 02675148 _____ () C:\Users\macbook_jano\Documents\SHMUDroid_3.0.5.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 02642668 _____ () C:\Users\macbook_jano\Documents\smshare_5.1.0 .apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 02011996 _____ () C:\Users\macbook_jano\Documents\Safe In Cloud_4.4.apk.exx
2015-05-13 18:31 - 2015-01-21 19:54 - 01372828 _____ () C:\Users\macbook_jano\Documents\Sound Recorder_1.6.0.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 18507772 _____ () C:\Users\macbook_jano\Documents\Prekladač_3.1.0.RC06.83908714.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 17188604 _____ () C:\Users\macbook_jano\Documents\OfficeSuite_7.2.1339.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 16009404 _____ () C:\Users\macbook_jano\Documents\NAVIGON_4.7.1.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 11425212 _____ () C:\Users\macbook_jano\Documents\Nástroj od Googlu na prevod textu na reč_3.3.13.1635260.arm.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 10171420 _____ () C:\Users\macbook_jano\Documents\Obchod Google Play_5.1.11.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 02956588 _____ () C:\Users\macbook_jano\Documents\OpenSignal_3.31.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 02741036 _____ () C:\Users\macbook_jano\Documents\Narodeniny_3.0.0.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 01369244 _____ () C:\Users\macbook_jano\Documents\NeoReader_4.06.04.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 00533084 _____ () C:\Users\macbook_jano\Documents\Obedovat.sk_1.0.BETA5.apk.exx
2015-05-13 18:31 - 2015-01-21 19:53 - 00252844 _____ () C:\Users\macbook_jano\Documents\PlayNow™_1.11.6.apk.exx
2015-05-13 18:31 - 2015-01-21 18:57 - 00012156 _____ () C:\Users\macbook_jano\Documents\Prevzatie vozidla na opravu.docx.exx
2015-05-13 18:31 - 2014-08-29 11:56 - 00000236 _____ () C:\Users\macbook_jano\Documents\telekom komunikacia.txt.exx
2015-05-13 18:31 - 2014-08-04 14:11 - 00000000 ____D () C:\Users\macbook_jano\Documents\poziarne auta
2015-05-13 18:31 - 2014-07-28 08:44 - 00000000 ____D () C:\Users\macbook_jano\Documents\Vlastné šablóny balíka Office
2015-05-13 18:31 - 2014-07-26 15:15 - 00000000 ____D () C:\Users\macbook_jano\Downloads\Net-Framework-V4.0.30319
2015-05-13 18:31 - 2014-07-03 10:39 - 00000396 ____H () C:\Users\macbook_jano\Documents\~$Jano oslava.xlsx.exx
2015-05-13 18:31 - 2014-06-18 09:51 - 49827692 _____ () C:\Users\macbook_jano\Documents\Schluss mit Wühler im Garten +++ Folge 1 (von 2).mp4.exx
2015-05-13 18:31 - 2014-06-04 18:20 - 00141036 _____ () C:\Users\macbook_jano\Documents\splnomocnenie na odhlasenie vozidla Eustream.doc.exx
2015-05-13 18:31 - 2014-04-07 15:29 - 00000000 ____D () C:\Users\macbook_jano\Documents\Scan
2015-05-13 18:30 - 2015-04-03 10:52 - 00028908 _____ () C:\Users\macbook_jano\Desktop\Kupna_zmluva_Zabreh_2.doc.exx
2015-05-13 18:30 - 2015-04-03 10:51 - 00139084 _____ () C:\Users\macbook_jano\Desktop\dobraci_razitko.png.exx
2015-05-13 18:30 - 2015-03-28 08:06 - 01419580 _____ () C:\Users\macbook_jano\Documents\A5_Octavia_Columbus_NavigationSystem.pdf.exx
2015-05-13 18:30 - 2015-03-06 23:40 - 121501724 _____ () C:\Users\macbook_jano\Desktop\slovakia.osm.2014.1.map.exx
2015-05-13 18:30 - 2015-02-16 20:23 - 00005548 _____ () C:\Users\macbook_jano\Desktop\imagesA6NSTN2L.jpg.exx
2015-05-13 18:30 - 2015-01-29 08:58 - 00000000 ____D () C:\Users\macbook_jano\Desktop\LOCUS_PRO_NEJNOVEJSI_VERZE_crack
2015-05-13 18:30 - 2015-01-21 19:53 - 32166492 _____ () C:\Users\macbook_jano\Documents\Chrome_39.0.2171.93.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 25928732 _____ () C:\Users\macbook_jano\Documents\Mobile Print_3.04.22.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 15057372 _____ () C:\Users\macbook_jano\Documents\iSki Tracker_1.7 (1.4).apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 14307612 _____ () C:\Users\macbook_jano\Documents\Mapy_9.2.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 08634364 _____ () C:\Users\macbook_jano\Documents\Kiosk Google Play_3.3.1.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 07307644 _____ () C:\Users\macbook_jano\Documents\McAfee Security_3.1.0.802.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 01521308 _____ () C:\Users\macbook_jano\Documents\Meniny a mená_3.35.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 00843276 _____ () C:\Users\macbook_jano\Documents\MyPhoneExplorer Client_1.0.34.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 00099740 _____ () C:\Users\macbook_jano\Documents\Meniny Widget_1.8.apk.exx
2015-05-13 18:30 - 2015-01-21 19:53 - 00076428 _____ () C:\Users\macbook_jano\Documents\Mobile GIS_1.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 37168316 _____ () C:\Users\macbook_jano\Documents\Aplikácia Google_4.1.24.1672412.arm.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 28231052 _____ () C:\Users\macbook_jano\Documents\Facebook_24.0.0.30.15.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 25568828 _____ () C:\Users\macbook_jano\Documents\Google+_4.8.0.81189390.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 15330156 _____ () C:\Users\macbook_jano\Documents\Hangouts_2.5.83281670.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 13156924 _____ () C:\Users\macbook_jano\Documents\Filmy_8.0.A.0.6.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 11248700 _____ () C:\Users\macbook_jano\Documents\Gmail_5.0.1 (1642443).apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 09425388 _____ () C:\Users\macbook_jano\Documents\Alza.sk_3.2.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 08550092 _____ () C:\Users\macbook_jano\Documents\Earth_8.0.1.2311.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 07647948 _____ () C:\Users\macbook_jano\Documents\ASTRO File Manager_ASTRO-4.5.629.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 06659868 _____ () C:\Users\macbook_jano\Documents\DU Battery Saver_3.9.7.1.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 06559148 _____ () C:\Users\macbook_jano\Documents\Filmy Google Play_3.6.14.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 05117916 _____ () C:\Users\macbook_jano\Documents\Hry Google Play_2.2.05 (1620489-006).apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 04843276 _____ () C:\Users\macbook_jano\Documents\Expres_1.3.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 01738156 _____ () C:\Users\macbook_jano\Documents\Editor fotografií_3.1.A.0.46.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00317820 _____ () C:\Users\macbook_jano\Documents\Calendar Snooze_2.14.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00043004 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.shutdownanim.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00024748 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.r2r.client.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00006620 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.home.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004972 _____ () C:\Users\macbook_jano\Documents\com.android.providers.partnerbookmarks.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004780 _____ () C:\Users\macbook_jano\Documents\android.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004188 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.conversations.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00004172 _____ () C:\Users\macbook_jano\Documents\com.android.browser.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003804 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.capabilities.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003692 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.android.socialphonebook.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003516 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.setupwizard.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003420 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.initialbootsetup.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003420 _____ () C:\Users\macbook_jano\Documents\com.android.phone.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003388 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.trackid.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003388 _____ () C:\Users\macbook_jano\Documents\com.android.settings.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003372 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.simcontacts.res.overlay_303.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:52 - 00003260 _____ () C:\Users\macbook_jano\Documents\com.sonyericsson.music.product.overlay_7.15.A.0.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:51 - 13116924 _____ () C:\Users\macbook_jano\Documents\Album_6.6.A.0.6.apk.exx
2015-05-13 18:30 - 2015-01-21 19:51 - 00909484 _____ () C:\Users\macbook_jano\Documents\Account Manager_2.2.0.apk.exx
2015-05-13 18:30 - 2015-01-21 19:51 - 00191212 _____ () C:\Users\macbook_jano\Documents\AirPush Detector_3.2.apk.exx
2015-05-13 18:30 - 2014-12-25 16:47 - 00000332 _____ () C:\Users\macbook_jano\Documents\Kramar.txt.exx
2015-05-13 18:30 - 2014-12-24 10:27 - 00069612 _____ () C:\Users\macbook_jano\Desktop\Novbyt_nedoplatok_stankovic.pdf.exx
2015-05-13 18:30 - 2014-12-08 11:27 - 00022636 _____ () C:\Users\macbook_jano\Desktop\tatra.jpg.exx
2015-05-13 18:30 - 2014-12-08 11:26 - 00092236 _____ () C:\Users\macbook_jano\Desktop\tatra.png.exx
2015-05-13 18:30 - 2014-12-07 21:31 - 00174636 _____ () C:\Users\macbook_jano\Desktop\dennis 2.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:30 - 00116492 _____ () C:\Users\macbook_jano\Desktop\dennis1.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:10 - 00203980 _____ () C:\Users\macbook_jano\Desktop\dennis_996.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:09 - 00208140 _____ () C:\Users\macbook_jano\Desktop\dennis_9911.jpg.exx
2015-05-13 18:30 - 2014-12-07 21:09 - 00164284 _____ () C:\Users\macbook_jano\Desktop\dennis_991.jpg.exx
2015-05-13 18:30 - 2014-11-30 16:19 - 00000000 ____D () C:\Users\macbook_jano\Documents\Conformite erklarung
2015-05-13 18:30 - 2014-11-26 17:38 - 00000000 ____D () C:\Users\macbook_jano\.shsh
2015-05-13 18:30 - 2014-11-26 17:37 - 00000000 ____D () C:\ProgramData\Sun
2015-05-13 18:30 - 2014-11-26 17:37 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-13 18:30 - 2014-11-04 18:20 - 00039660 _____ () C:\Users\macbook_jano\Desktop\co treba udelat.xls.exx
2015-05-13 18:30 - 2014-10-13 09:36 - 00007500 _____ () C:\Users\macbook_jano\Desktop\krt.jpg.exx
2015-05-13 18:30 - 2014-10-07 14:11 - 00039660 _____ () C:\Users\macbook_jano\Documents\Cesta zo stanice Zwolle do hotela.doc.exx
2015-05-13 18:30 - 2014-10-07 14:11 - 00016892 _____ () C:\Users\macbook_jano\Documents\Cesta zo stanice Zwolle do hotela.docx.exx
2015-05-13 18:30 - 2014-09-14 20:45 - 00002268 _____ () C:\Users\macbook_jano\Documents\na krtince.txt.exx
2015-05-13 18:30 - 2014-08-18 19:09 - 00000716 _____ () C:\Users\macbook_jano\Documents\dobraci s.r.o udaje.txt.exx
2015-05-13 18:30 - 2014-08-11 08:07 - 00000000 ____D () C:\Users\macbook_jano\AppData\OICE_15_974FA576_32C1D314_125
2015-05-13 18:30 - 2014-07-30 08:05 - 00000316 _____ () C:\Users\macbook_jano\Documents\capek udaje.txt.exx
2015-05-13 18:30 - 2014-07-23 15:35 - 00000396 ____H () C:\Users\macbook_jano\Desktop\~$podpis.docx.exx
2015-05-13 18:30 - 2014-06-29 22:44 - 00053484 _____ () C:\Users\macbook_jano\Documents\kupni-smlouva_nákup auta_Poricany.doc.exx
2015-05-13 18:30 - 2014-06-29 18:01 - 00012092 _____ () C:\Users\macbook_jano\Documents\Jano oslava menu.xlsx.exx
2015-05-13 18:30 - 2014-06-29 16:25 - 00013388 _____ () C:\Users\macbook_jano\Documents\Jano oslava.xlsx.exx
2015-05-13 18:30 - 2014-05-17 09:10 - 00037100 _____ () C:\Users\macbook_jano\Documents\kupna zmluva osobne Iveta Fiesta.doc.exx
2015-05-13 18:30 - 2014-04-04 16:37 - 00000000 ____D () C:\ProgramData\Samsung
2015-05-13 18:30 - 2014-04-02 12:37 - 00000348 _____ () C:\Users\macbook_jano\Documents\chata voda.txt.exx
2015-05-13 18:30 - 2014-02-18 13:17 - 00000000 ____D () C:\ProgramData\RoboForm
2015-05-13 18:30 - 2014-02-18 13:16 - 00000000 ____D () C:\Users\macbook_jano\Documents\My RoboForm Data
2015-05-13 18:30 - 2014-02-18 13:11 - 28168908 _____ () C:\Users\macbook_jano\Documents\AI.Roboform.Enterprise.v7.7.0.0.rar.exx
2015-05-13 18:30 - 2014-02-18 09:17 - 00000000 ____D () C:\Users\macbook_jano\.android
2015-05-13 18:30 - 2014-01-29 08:50 - 00000000 ____D () C:\ProgramData\Skype
2015-05-13 16:30 - 2014-12-15 22:06 - 00000000 ____D () C:\OutputFolder
2015-05-13 16:30 - 2014-11-27 16:50 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-13 16:30 - 2014-06-30 08:09 - 00000000 ____D () C:\AdwCleaner
2015-05-13 16:30 - 2014-02-18 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2015-05-13 16:30 - 2014-02-18 11:05 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-13 16:30 - 2014-02-12 17:56 - 00000000 ____D () C:\ProgramData\LangSoft
2015-05-13 16:30 - 2014-01-27 22:43 - 00000000 ____D () C:\ProgramData\Apple
2015-05-13 16:30 - 2014-01-27 21:31 - 00000000 ____D () C:\Intel
2015-05-12 19:04 - 2014-12-13 09:37 - 00000284 _____ () C:\AdwCleanerDebug.txt.exx
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\iTunes
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\iPod
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-12 19:04 - 2014-11-27 16:50 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-12 19:04 - 2014-10-22 19:29 - 00000000 ____D () C:\Program Files\KMSnano
2015-05-12 19:04 - 2014-07-26 10:45 - 00000000 ____D () C:\Program Files\KMSpico
2015-05-12 19:04 - 2014-07-26 10:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-05-12 19:04 - 2014-07-26 10:41 - 00000000 __RHD () C:\MSOCache
2015-05-12 19:04 - 2014-07-26 10:41 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2015-05-12 19:04 - 2014-04-13 05:15 - 00000000 __SHD () C:\found.000
2015-05-12 19:04 - 2014-02-12 18:00 - 00000000 ____D () C:\Program Files\7-Zip
2015-05-12 19:04 - 2014-01-27 22:45 - 00000000 ____D () C:\Program Files\Intel
2015-05-12 19:04 - 2014-01-27 22:45 - 00000000 ____D () C:\Program Files\Boot Camp
2015-05-12 19:04 - 2014-01-27 22:43 - 00000000 ____D () C:\Program Files\DIFX
2015-05-12 19:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2015-05-12 19:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Services
2015-05-12 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-07 12:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-22 22:05 - 2014-01-27 23:26 - 00001110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-04-22 22:05 - 2014-01-27 23:26 - 00001098 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2015-04-21 13:25 - 2014-03-10 16:08 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-21 13:25 - 2014-03-10 16:08 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-21 13:25 - 2014-03-10 16:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2015-05-12 19:04 - 2015-05-12 19:04 - 0001355 _____ () C:\Program Files\Common Files\HELP_RESTORE_FILES_vweux.TXT
2014-02-19 20:23 - 2014-02-19 20:23 - 0037770 _____ () C:\Users\macbook_jano\AppData\Roaming\Hodnoty oddelené čiarkou (systém DOS).ADR
2014-07-26 15:16 - 2015-05-17 09:22 - 0000027 _____ () C:\Users\macbook_jano\AppData\Roaming\msqboqg.dat
2014-07-26 15:16 - 2014-07-26 15:16 - 0009761 _____ () C:\Users\macbook_jano\AppData\Roaming\msrhpb.dat
2014-07-30 09:49 - 2014-07-30 09:49 - 0000037 ___SH () C:\Users\macbook_jano\AppData\Local\70149b02515b3bb20dd492.47983420
2015-05-12 19:04 - 2015-05-12 19:02 - 0458240 _____ (Microsoft Corporation) C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
2015-05-12 19:04 - 2015-05-14 07:14 - 0696854 _____ () C:\Users\macbook_jano\AppData\Local\log.html
2015-05-17 10:08 - 2015-05-17 10:08 - 0029696 _____ () C:\Users\macbook_jano\AppData\Local\MSGBOX.EXE
2015-01-02 22:30 - 2015-01-02 22:30 - 0628496 _____ (CMI Limited) C:\Users\macbook_jano\AppData\Local\nsv3432.tmp
2015-05-12 19:04 - 2015-05-14 07:14 - 0000752 _____ () C:\Users\macbook_jano\AppData\Local\storage.bin
2015-05-13 16:30 - 2015-05-13 18:30 - 0001355 _____ () C:\ProgramData\HELP_RESTORE_FILES_fywee.TXT

Some content of TEMP:
====================
C:\Users\macbook_jano\AppData\Local\Temp\83d1.exe
C:\Users\macbook_jano\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\macbook_jano\AppData\Local\Temp\AskSLib.dll
C:\Users\macbook_jano\AppData\Local\Temp\b092b6b.exe
C:\Users\macbook_jano\AppData\Local\Temp\BackupSetup.exe
C:\Users\macbook_jano\AppData\Local\Temp\bitool.dll
C:\Users\macbook_jano\AppData\Local\Temp\install_reader11_sk_gtbd_chrd_dn_aaa_aih[1].exe
C:\Users\macbook_jano\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\macbook_jano\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\macbook_jano\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\macbook_jano\AppData\Local\Temp\nsj2CB6.exe
C:\Users\macbook_jano\AppData\Local\Temp\OnlineBackup.exe
C:\Users\macbook_jano\AppData\Local\Temp\Quarantine.exe
C:\Users\macbook_jano\AppData\Local\Temp\SkypeSetup.exe
C:\Users\macbook_jano\AppData\Local\Temp\sqlite3.dll
C:\Users\macbook_jano\AppData\Local\Temp\Uni000.exe
C:\Users\macbook_jano\AppData\Local\Temp\vcredist_x64.exe
C:\Users\macbook_jano\AppData\Local\Temp\{43AC9C55-9AD7-4E0E-BC15-298627A03FEB}-33.0.1750.154_chrome_installer.exe
C:\Users\macbook_jano\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-16 09:02

==================== End Of Log ============================

#26 Příspěvek od **stell** » 17 kvě 2015 09:19

Hm, solidne zavirene, musis pockat kym napisem textak ma mazanie.

solide · #27 Příspěvek od **solide** » 17 kvě 2015 09:22

velmi pekne dakujem a ako sa vola ten virus?

#28 Příspěvek od **stell** » 17 kvě 2015 09:52

tento konkretny smejd co si zaobstaral, sa vola teslaCryptolocker, ale mas tam aj ine....

Teraz presne sprav co napisem
1:Spust poznamkovy blok.
2:Skopiruj nasledujuci zeleny text do poznamkoveho bloku.

Kód: Vybrat vše

start
CreateRestorePoint:
CloseProcesses:
Hosts:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
RemoveProxy:
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
CMD: del /F /Q /S "C:\HELP_RESTORE_FILES.bmp"
CMD: del /F /Q /S "C:\HELP_RESTORE_FILES.txt"
CMD: del /F /Q /S "C:\HELP_RESTORE_FILES_fywee.TXT"
CMD: del /F /Q /S "C:\HELP_RESTORE_FILES_vweux.TXT"
Task: {D622047F-431D-4647-8799-332103FD720D} - System32\Tasks\{EF882114-C20D-44AB-A006-FCE7E0D803C5} => Iexplore.exe http://ui.skype.com/ui/0/7.2.60.103/sk/ ... age=tsBing
Task: {E76D6036-46EA-4DC3-815D-ECDC97A6EA10} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {52D52598-0BAE-4C71-A72C-0E6E651D5747} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNMJMPMOMKJMMLJJMCNHMKJOJOJCNLMKJHMNJCNGMNJPMKJCNJJLJOJPMJMIMMMHMLMKJIMIMJNJICMIMCNIMCNPMFMHMCNPMCNIMJMPMOMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMNMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMCJOJMJNJAJAJEJAKFJOJBJAJJNKJCMJNNICMJNDJCMMIEJ"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [msninrSrv] => C:\Windows\SysWOW64\msninr.vbe [649 2014-06-23] ()
C:\Windows\SysWOW64\msninr.vbe
HKLM-x32\...\Run: [InboxAce EPM Support] => "C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [InboxAce AppIntegrator 32-bit] => C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [InboxAce AppIntegrator 64-bit] => C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe
C:\PROGRA~2\INBOXA~2\bar\1.bin\1gmedint.exe
C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator.exe
C:\PROGRA~2\INBOXA~2\bar\1.bin\AppIntegrator64.exe
HKLM-x32\...\Run: [AVrSvc] => C:\Users\macbook_jano\AppData\Local\jnuakjy.exe [458240 2015-05-12] (Microsoft Corporation)
C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [107000 2014-02-18] (Siber Systems)
HKU\S-1-5-21-3458910134-2776319785-4031348273-1000\...\Run: [AVrSvc] => C:\Users\macbook_jano\AppData\Local\jnuakjy.exe [458240 2015-05-12] (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @InboxAce_1g.com/Plugin -> C:\Program Files (x86)\InboxAce_1g\bar\1.bin\NP1gStub.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
cmd:rd /s /q "C:\Users\macbook_jano\AppData\Local\Google\Chrome\User Data\Default\"
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
2015-05-17 10:08 - 2015-05-17 10:08 - 00029696 _____ () C:\Users\macbook_jano\AppData\Local\MSGBOX.EXE
C:\Users\macbook_jano\AppData\Local\MSGBOX.EXE
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Downloads\#duxklsjtmjklwkxeikiws
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Documents\%kxjreklsjtmjklwkxeexo
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\Desktop\%klsjtmjklwkxejkfwkzim
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\macbook_jano\AAODFtpockklsjtmjklwkxedcp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\Users\$tpockklsjtmjklwkxedcp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\#dhtnqklsjtmjklwkxedgp
2015-05-15 16:16 - 2015-05-15 16:16 - 00000000 ___HD () C:\!ysgsklsjtmjklwkxekgzd
2015-05-12 19:04 - 2015-05-12 19:02 - 00458240 _____ (Microsoft Corporation) C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
C:\Users\macbook_jano\AppData\Local\jnuakjy.exe
C:\Users\macbook_jano\AppData\Local\Temp\83d1.exe
C:\Users\macbook_jano\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\macbook_jano\AppData\Local\Temp\AskSLib.dll
C:\Users\macbook_jano\AppData\Local\Temp\b092b6b.exe
C:\Users\macbook_jano\AppData\Local\Temp\BackupSetup.exe
C:\Users\macbook_jano\AppData\Local\Temp\bitool.dll
C:\Users\macbook_jano\AppData\Local\Temp\install_reader11_sk_gtbd_chrd_dn_aaa_aih[1].exe
C:\Users\macbook_jano\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\macbook_jano\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\macbook_jano\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\macbook_jano\AppData\Local\Temp\nsj2CB6.exe
C:\Users\macbook_jano\AppData\Local\Temp\OnlineBackup.exe
C:\Users\macbook_jano\AppData\Local\Temp\Quarantine.exe
C:\Users\macbook_jano\AppData\Local\Temp\SkypeSetup.exe
C:\Users\macbook_jano\AppData\Local\Temp\sqlite3.dll
C:\Users\macbook_jano\AppData\Local\Temp\Uni000.exe
C:\Users\macbook_jano\AppData\Local\Temp\vcredist_x64.exe
C:\Users\macbook_jano\AppData\Local\Temp\{43AC9C55-9AD7-4E0E-BC15-298627A03FEB}-33.0.1750.154_chrome_installer.exe
C:\Users\macbook_jano\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Emptytemp:
End

Uloz to tam kde mas program FRST.exe
Ulozis to ako>>vsetky programy>>nazov>> fixlist.txt

Spust program FRST ako spravca>>ale teraz kliknes na Gombik FIX
Pockaj kym program dokonci opravu, pravdepodobne bude chciet restartovat pc, tak suhlasis>>restart.
Po restarte uvidis textak>>najdi >> FIXLOG.TXT
Obsah skopiruj sem.

solide · #29 Příspěvek od **solide** » 17 kvě 2015 09:59

Po restarte po FIXe napis o zablokovani suborov zmizol. Fix log nejde ale poslat, toto mi vypisuje:
Vaše zpráva obsahuje 215701 znaků. Maximální povolený počet znaků je 100000.

#30 Příspěvek od **stell** » 17 kvě 2015 10:21

hm, jasne som napisal, ANO

Uloz to tam kde mas program FRST.exe

VIRY.CZ

Your personal files are encrypted -da sa s tim neco udelat?

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel

Re: Your personal files are encrypted -da sa s tim neco udel