Dobrý den, prosím o preventivní kontrolu. Děkuji.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Uživatel at 2014-05-22 16:49:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 107 GB (25%) free of 431 GB
Total RAM: 4094 MB (26% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:49:50, on 22.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Windows\System32\PrintDisp.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\F-Secure\fshoster32.exe
C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files\trend micro\Uživatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [F-Secure Hoster (666)] "C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9373 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\F-Secure\fshoster32.exe" -hosterid:0
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE" /service /stopevent=680 /ipcexch=744
C:\Windows\SysWOW64\XSrvSetup.exe
"taskhost.exe"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\PrintDisp.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE"
HydraDM64.exe -h:65910 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe" 3 816 812 824
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\F-Secure\fshoster32.exe" -app -hosterid:1
"C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash
oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3772.1bbc2bc0.2037395026 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3772 "\\.\pipe\gecko-crash-server-pipe.3772" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash4332.6A916010.23096 --host-broker-channel=Flash4332.6A916010.12360 --host-pid=4332 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=4456.0031F2F8.1201778794 --proxy-stub-channel=Flash4332.6A916010.23096 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Uživatel\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DriverNavigator Scheduled Scan.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45BBE08D-81C5-4A67-AF20-B2A077C67747}]
F-Secure Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll [2014-03-03 1288744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-16 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-16 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45BBE08D-81C5-4A67-AF20-B2A077C67747}]
F-Secure Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll [2014-03-03 801832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24 13667032]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2011-01-03 976896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2011-04-19 393216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [2007-03-01 211456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-08-08 1828136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe /systray /nologon []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-01-07 446648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\Winampa.exe [2002-04-26 12288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
D:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Uživatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"F-Secure Hoster (666)"=C:\Program Files (x86)\F-Secure\fshoster32.exe [2014-02-19 187432]
"F-Secure Manager"=C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [2014-02-28 310312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2014-05-18 20:28:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-18 06:46:35 ----SHD---- C:\found.001
2014-05-14 18:53:10 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 18:53:10 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 18:53:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 18:53:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 16:46:10 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 16:46:06 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 16:44:59 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 16:44:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 16:44:57 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 16:44:57 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 16:44:56 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 16:44:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 16:44:56 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 16:44:56 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 16:44:56 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 16:44:55 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 16:44:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 16:44:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 16:44:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 16:44:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 16:44:54 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 16:44:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 16:44:54 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 16:44:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 16:44:53 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 16:44:53 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 16:44:53 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 16:44:53 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 16:44:53 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 16:44:52 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 16:44:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 16:44:52 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 16:44:52 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 16:44:52 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 16:44:52 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 16:44:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 16:44:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-13 17:14:46 ----D---- C:\Sportingbet
2014-05-06 20:05:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-05-06 20:05:54 ----A---- C:\Windows\system32\ieui.dll
2014-05-06 20:05:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-05-06 20:05:53 ----A---- C:\Windows\system32\vbscript.dll
2014-05-06 20:05:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 20:05:50 ----A---- C:\Windows\system32\iernonce.dll
2014-05-06 20:05:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 20:05:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-06 20:05:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-05-06 20:05:49 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-05-06 20:05:49 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-05-06 20:05:49 ----A---- C:\Windows\system32\jscript9diag.dll
2014-05-06 20:05:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-05-06 20:05:49 ----A---- C:\Windows\system32\dxtmsft.dll
2014-05-06 20:05:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-05-06 20:05:48 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-05-06 20:05:48 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-05-06 20:05:48 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-05-06 20:05:48 ----A---- C:\Windows\system32\msrating.dll
2014-05-06 20:05:48 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-06 20:05:48 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-06 20:05:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-06 20:05:47 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-05-06 20:05:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-05-06 20:05:47 ----A---- C:\Windows\system32\iesetup.dll
2014-05-06 20:05:45 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-05-06 20:05:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-05-06 20:05:44 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-05-06 20:05:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 20:05:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-05-06 20:05:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-05-06 20:05:44 ----A---- C:\Windows\system32\ieapfltr.dll
2014-05-06 20:05:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-05-06 20:05:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-05-06 20:05:43 ----A---- C:\Windows\system32\iertutil.dll
2014-05-06 20:05:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-05-06 20:05:42 ----A---- C:\Windows\system32\wininet.dll
2014-05-06 20:05:42 ----A---- C:\Windows\system32\urlmon.dll
2014-05-06 20:05:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-05-06 20:05:41 ----A---- C:\Windows\system32\ieframe.dll
2014-05-06 20:05:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-05-06 20:05:39 ----A---- C:\Windows\system32\jscript9.dll
2014-05-02 19:55:27 ----D---- C:\Users\Uživatel\AppData\Roaming\GoforFiles
2014-05-02 19:55:27 ----D---- C:\Program Files (x86)\GoforFiles
2014-05-02 18:55:38 ----D---- C:\Users\Uživatel\AppData\Roaming\BabSolution
2014-05-02 18:55:20 ----D---- C:\Program Files (x86)\WebSpades
2014-05-02 18:48:22 ----D---- C:\Program Files (x86)\ConstaSurf
2014-05-02 18:31:06 ----D---- C:\Users\Uživatel\AppData\Roaming\F-Secure
2014-05-02 18:30:13 ----A---- C:\Windows\system32\drivers\fsbts.sys
2014-05-02 18:29:39 ----A---- C:\Windows\prodsett_copy.ini
2014-05-02 18:26:09 ----D---- C:\Users\Uživatel\AppData\Roaming\Seznam.cz
2014-05-02 18:16:55 ----D---- C:\Program Files (x86)\F-Secure
2014-05-02 17:59:25 ----D---- C:\ProgramData\f-secure
2014-05-02 12:06:31 ----D---- C:\ProgramData\Kaspersky Lab
2014-05-02 11:50:17 ----A---- C:\TDSSKiller.3.0.0.34_02.05.2014_11.50.17_log.txt
2014-05-02 11:49:33 ----A---- C:\TDSSKiller.2.8.16.0_02.05.2014_11.49.33_log.txt
2014-05-02 11:35:36 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-04-30 14:25:49 ----A---- C:\Windows\system32\xvidvfw.dll
2014-04-30 14:25:48 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-04-30 14:25:48 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2014-04-30 14:25:48 ----A---- C:\Windows\system32\xvidcore.dll
2014-04-27 16:10:21 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-04-27 16:10:12 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-04-27 16:10:12 ----A---- C:\Windows\SYSWOW64\java.exe
2014-04-24 20:20:19 ----D---- C:\AdwCleaner
======List of files/folders modified in the last 1 months======
2014-05-22 16:49:50 ----D---- C:\Windows\Prefetch
2014-05-22 16:49:49 ----D---- C:\Program Files\trend micro
2014-05-22 16:47:10 ----D---- C:\Windows\Temp
2014-05-22 16:39:41 ----D---- C:\Windows\system32\config
2014-05-22 16:27:18 ----D---- C:\Windows\inf
2014-05-22 16:25:15 ----D---- C:\Windows\SysWOW64
2014-05-22 16:24:58 ----D---- C:\Windows
2014-05-22 16:24:49 ----D---- C:\Windows\System32
2014-05-21 21:41:13 ----D---- C:\Windows\SoftwareDistribution
2014-05-21 21:32:22 ----D---- C:\Windows\Minidump
2014-05-21 21:31:24 ----D---- C:\Users\Uživatel\AppData\Roaming\Jurecek Radek
2014-05-21 17:27:48 ----D---- C:\Users\Uživatel\AppData\Roaming\vlc
2014-05-19 21:05:03 ----D---- C:\Windows\rescache
2014-05-19 05:01:09 ----SHD---- C:\Windows\Installer
2014-05-19 05:01:08 ----SHD---- C:\Config.Msi
2014-05-19 04:58:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 20:28:46 ----RD---- C:\Program Files (x86)
2014-05-17 13:09:54 ----D---- C:\Windows\debug
2014-05-17 13:07:29 ----D---- C:\Users\Uživatel\AppData\Roaming\uTorrent
2014-05-16 18:43:37 ----D---- C:\Windows\Microsoft.NET
2014-05-16 18:35:20 ----RSD---- C:\Windows\assembly
2014-05-15 04:56:16 ----D---- C:\Windows\winsxs
2014-05-14 21:56:57 ----D---- C:\Windows\system32\cs-CZ
2014-05-14 21:56:57 ----D---- C:\Windows\PolicyDefinitions
2014-05-14 21:56:56 ----D---- C:\Windows\system32\drivers
2014-05-14 18:53:15 ----D---- C:\Windows\system32\catroot
2014-05-14 18:53:02 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 18:51:53 ----D---- C:\Program Files (x86)\Common Files
2014-05-14 18:50:33 ----D---- C:\Windows\system32\MRT
2014-05-14 18:42:00 ----A---- C:\Windows\system32\MRT.exe
2014-05-14 18:38:47 ----SHD---- C:\System Volume Information
2014-05-14 16:44:16 ----D---- C:\Windows\system32\catroot2
2014-05-14 16:41:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-13 21:24:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-07 19:07:39 ----D---- C:\Windows\SYSWOW64\en-US
2014-05-07 19:07:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-05-07 19:07:39 ----D---- C:\Program Files\Internet Explorer
2014-05-07 19:07:38 ----D---- C:\Windows\system32\en-US
2014-05-07 19:07:38 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-03 12:00:54 ----D---- C:\Windows\system32\Tasks
2014-05-02 20:39:22 ----D---- C:\Windows\Tasks
2014-05-02 17:59:25 ----HD---- C:\ProgramData
2014-05-01 17:03:46 ----D---- C:\Program Files\CCleaner
2014-04-27 16:10:27 ----D---- C:\ProgramData\Oracle
2014-04-27 16:10:11 ----D---- C:\Program Files (x86)\Java
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2014-05-02 56016]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-01 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-24 283200]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2014-05-21 69928]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2013-06-24 13248]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2014-05-02 203304]
R3 fsni;fsni; \??\C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [2014-02-14 86056]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-25 3872984]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-12-18 888536]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2012-07-24 34032]
R3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2012-06-05 237968]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vzandnetadb;ADB Interface DriverNet for VZW; C:\Windows\System32\Drivers\lgvzandnetadb.sys [2012-03-12 31744]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 fshoster;F-Secure Dll Hoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [2014-02-19 187432]
R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [2013-06-10 60352]
R2 JMB36X;JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-08-08 836904]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]
R3 FSMA;F-Secure Management Agent; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [2014-02-28 216104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-08 1432400]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-18 119408]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-23 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu - Motji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu - Motji
Zdravím 
Máte s počítačem nějaké problémy?
Tuto složku znáte?
C:\Sportingbet
Stáhněte Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
-Uložte program na plochu a spusťte . Pak se zobrazí se licenční podminky - potvrďte start libovolnou klávesou.
- vytvoří se záloha a proběhne skenování.
Po skončení skenování na Vás vyběhne log (bude uložen v c:\JRT jako JRT.txt) - zkopírujte jej sem
Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.
Máte s počítačem nějaké problémy?
Tuto složku znáte? C:\Sportingbet Stáhněte Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe-Uložte program na plochu a spusťte . Pak se zobrazí se licenční podminky - potvrďte start libovolnou klávesou.
- vytvoří se záloha a proběhne skenování.
Po skončení skenování na Vás vyběhne log (bude uložen v c:\JRT jako JRT.txt) - zkopírujte jej sem
Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu - Motji
Tu složku neznám. Pc dlouho najíždělo, sekalo se, internet byl pomalý. Po pročištění je to o hodně lepší.
Log z JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by U§ivatel on p 23.05.2014 at 16:13:03,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2933677903-2961974296-2326318704-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\Users\U§ivatel\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\U§ivatel\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Program Files (x86)\goforfiles"
~~~ FireFox
Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\or8xac3p.default\user.js
Successfully deleted the following from C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\or8xac3p.default\prefs.js
user_pref("extensions.a0f1ebb0b873c4137a5f19b9ca22849971152da4e8ec5417f9a4b8c7bbf9cb4a4com51382.51382.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ss
user_pref("extensions.a0f1ebb0b873c4137a5f19b9ca22849971152da4e8ec5417f9a4b8c7bbf9cb4a4com51382.51382.name", "1ClickMovie-Download V9.0");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ss
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.name", "Torntv V9.0");
user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5235");
user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5235");
user_pref("extensions.crossrider.bic", "145bddcea550ab1f0dc39f2cfa4f1afa");
Emptied folder: C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\or8xac3p.default\minidumps [380 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 23.05.2014 at 16:31:21,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log z AdwCleaner:
# AdwCleaner v3.210 - Report created 23/05/2014 at 16:49:41
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Uživatel - UŽIVATEL-PC
# Running from : C:\Users\Uživatel\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\ConstaSurf
Folder Deleted : C:\Users\Uživatel\AppData\Local\cool_mirage
Folder Deleted : C:\Users\Uživatel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Uživatel\Documents\Mobogenie
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\ffxtlbr@buenosearch.com
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\0f1ebb0b-873c-4137-a5f1-9b9ca2284997@1152da4e-8ec5-417f-9a4b-8c7bbf9cb4a4.com
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
File Deleted : C:\Users\Uživatel\daemonprocess.txt
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\searchplugins\buenosearch.xml
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E6772887-C1E1-405E-94BB-D8760A1CF8DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708D0DD7-FBC0-4437-B525-C098F450A62C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\prefs.js ]
Line Deleted : user_pref("extensions.buenosearch.admin", false);
Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.dfltLng", "cs");
Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.buenosearch.id", "20b2564b000000000000001a4d4fba28");
Line Deleted : user_pref("extensions.buenosearch.instlDay", "16192");
Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
Line Deleted : user_pref("extensions.buenosearch.newTab", false);
Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.718:55:40");
Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
Line Deleted : user_pref("extensions.ividi.admin", false);
Line Deleted : user_pref("extensions.ividi.aflt", "3");
Line Deleted : user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}");
Line Deleted : user_pref("extensions.ividi.autoRvrt", "false");
Line Deleted : user_pref("extensions.ividi.dfltLng", "");
Line Deleted : user_pref("extensions.ividi.dfltSrch", true);
Line Deleted : user_pref("extensions.ividi.dnsErr", true);
Line Deleted : user_pref("extensions.ividi.excTlbr", true);
Line Deleted : user_pref("extensions.ividi.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.ividi.hmpg", true);
Line Deleted : user_pref("extensions.ividi.hmpgUrl", "hxxp://search.ividi.org/?src=tbhp&id=20b2564b000000000000001a4d4fba28&affilt=3");
Line Deleted : user_pref("extensions.ividi.hpOld0", "hxxp://www.centrum.cz/");
Line Deleted : user_pref("extensions.ividi.id", "20b2564b000000000000001a4d4fba28");
Line Deleted : user_pref("extensions.ividi.instlDay", "16001");
Line Deleted : user_pref("extensions.ividi.instlRef", "");
Line Deleted : user_pref("extensions.ividi.kw_url", "hxxp://search.ividi.org/?src=tbsp&id=20b2564b000000000000001a4d4fba28&affilt=3&q=");
Line Deleted : user_pref("extensions.ividi.newTab", true);
Line Deleted : user_pref("extensions.ividi.newTabUrl", "hxxp://search.ividi.org/?q={searchTerms}&src=tbnt&id=20b2564b000000000000001a4d4fba28&affilt=3");
Line Deleted : user_pref("extensions.ividi.prdct", "ividi");
Line Deleted : user_pref("extensions.ividi.prtnrId", "ividi");
Line Deleted : user_pref("extensions.ividi.rvrt", "false");
Line Deleted : user_pref("extensions.ividi.smplGrp", "none");
Line Deleted : user_pref("extensions.ividi.srchPrvdr", "Search ");
Line Deleted : user_pref("extensions.ividi.tlbrId", "base");
Line Deleted : user_pref("extensions.ividi.tlbrSrchUrl", "hxxp://search.ividi.org/?src=tbsp&id=20b2564b000000000000001a4d4fba28&affilt=3&q=");
Line Deleted : user_pref("extensions.ividi.vrsn", "1.8.23.0");
Line Deleted : user_pref("extensions.ividi.vrsnTs", "1.8.23.019:12:15");
Line Deleted : user_pref("extensions.ividi.vrsni", "1.8.23.0");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [6027 octets] - [24/04/2014 20:20:21]
AdwCleaner[R1].txt - [925 octets] - [02/05/2014 11:34:50]
AdwCleaner[R2].txt - [8447 octets] - [23/05/2014 16:39:38]
AdwCleaner[S0].txt - [5997 octets] - [24/04/2014 20:35:21]
AdwCleaner[S1].txt - [985 octets] - [02/05/2014 11:38:34]
AdwCleaner[S2].txt - [8454 octets] - [23/05/2014 16:49:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [8514 octets] ##########
Log z JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by U§ivatel on p 23.05.2014 at 16:13:03,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2933677903-2961974296-2326318704-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\drivergenius"
Successfully deleted: [Folder] "C:\Users\U§ivatel\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\U§ivatel\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Program Files (x86)\goforfiles"
~~~ FireFox
Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\or8xac3p.default\user.js
Successfully deleted the following from C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\or8xac3p.default\prefs.js
user_pref("extensions.a0f1ebb0b873c4137a5f19b9ca22849971152da4e8ec5417f9a4b8c7bbf9cb4a4com51382.51382.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ss
user_pref("extensions.a0f1ebb0b873c4137a5f19b9ca22849971152da4e8ec5417f9a4b8c7bbf9cb4a4com51382.51382.name", "1ClickMovie-Download V9.0");
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ss
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.name", "Torntv V9.0");
user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5235");
user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 1&tsp=5235");
user_pref("extensions.crossrider.bic", "145bddcea550ab1f0dc39f2cfa4f1afa");
Emptied folder: C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\or8xac3p.default\minidumps [380 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 23.05.2014 at 16:31:21,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log z AdwCleaner:
# AdwCleaner v3.210 - Report created 23/05/2014 at 16:49:41
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Uživatel - UŽIVATEL-PC
# Running from : C:\Users\Uživatel\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\ConstaSurf
Folder Deleted : C:\Users\Uživatel\AppData\Local\cool_mirage
Folder Deleted : C:\Users\Uživatel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Uživatel\Documents\Mobogenie
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\ffxtlbr@buenosearch.com
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\0f1ebb0b-873c-4137-a5f1-9b9ca2284997@1152da4e-8ec5-417f-9a4b-8c7bbf9cb4a4.com
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com
File Deleted : C:\Users\Uživatel\daemonprocess.txt
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\searchplugins\buenosearch.xml
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E6772887-C1E1-405E-94BB-D8760A1CF8DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708D0DD7-FBC0-4437-B525-C098F450A62C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\prefs.js ]
Line Deleted : user_pref("extensions.buenosearch.admin", false);
Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.dfltLng", "cs");
Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.buenosearch.id", "20b2564b000000000000001a4d4fba28");
Line Deleted : user_pref("extensions.buenosearch.instlDay", "16192");
Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
Line Deleted : user_pref("extensions.buenosearch.newTab", false);
Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.718:55:40");
Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
Line Deleted : user_pref("extensions.ividi.admin", false);
Line Deleted : user_pref("extensions.ividi.aflt", "3");
Line Deleted : user_pref("extensions.ividi.appId", "{685F23D9-FCFD-475C-B56A-362645945C5A}");
Line Deleted : user_pref("extensions.ividi.autoRvrt", "false");
Line Deleted : user_pref("extensions.ividi.dfltLng", "");
Line Deleted : user_pref("extensions.ividi.dfltSrch", true);
Line Deleted : user_pref("extensions.ividi.dnsErr", true);
Line Deleted : user_pref("extensions.ividi.excTlbr", true);
Line Deleted : user_pref("extensions.ividi.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.ividi.hmpg", true);
Line Deleted : user_pref("extensions.ividi.hmpgUrl", "hxxp://search.ividi.org/?src=tbhp&id=20b2564b000000000000001a4d4fba28&affilt=3");
Line Deleted : user_pref("extensions.ividi.hpOld0", "hxxp://www.centrum.cz/");
Line Deleted : user_pref("extensions.ividi.id", "20b2564b000000000000001a4d4fba28");
Line Deleted : user_pref("extensions.ividi.instlDay", "16001");
Line Deleted : user_pref("extensions.ividi.instlRef", "");
Line Deleted : user_pref("extensions.ividi.kw_url", "hxxp://search.ividi.org/?src=tbsp&id=20b2564b000000000000001a4d4fba28&affilt=3&q=");
Line Deleted : user_pref("extensions.ividi.newTab", true);
Line Deleted : user_pref("extensions.ividi.newTabUrl", "hxxp://search.ividi.org/?q={searchTerms}&src=tbnt&id=20b2564b000000000000001a4d4fba28&affilt=3");
Line Deleted : user_pref("extensions.ividi.prdct", "ividi");
Line Deleted : user_pref("extensions.ividi.prtnrId", "ividi");
Line Deleted : user_pref("extensions.ividi.rvrt", "false");
Line Deleted : user_pref("extensions.ividi.smplGrp", "none");
Line Deleted : user_pref("extensions.ividi.srchPrvdr", "Search ");
Line Deleted : user_pref("extensions.ividi.tlbrId", "base");
Line Deleted : user_pref("extensions.ividi.tlbrSrchUrl", "hxxp://search.ividi.org/?src=tbsp&id=20b2564b000000000000001a4d4fba28&affilt=3&q=");
Line Deleted : user_pref("extensions.ividi.vrsn", "1.8.23.0");
Line Deleted : user_pref("extensions.ividi.vrsnTs", "1.8.23.019:12:15");
Line Deleted : user_pref("extensions.ividi.vrsni", "1.8.23.0");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [6027 octets] - [24/04/2014 20:20:21]
AdwCleaner[R1].txt - [925 octets] - [02/05/2014 11:34:50]
AdwCleaner[R2].txt - [8447 octets] - [23/05/2014 16:39:38]
AdwCleaner[S0].txt - [5997 octets] - [24/04/2014 20:35:21]
AdwCleaner[S1].txt - [985 octets] - [02/05/2014 11:38:34]
AdwCleaner[S2].txt - [8454 octets] - [23/05/2014 16:49:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [8514 octets] ##########
Re: Prosím o kontrolu - Motji
Tak tu složku smažte.
Ještě použijte mbam a ccleaner, z předchozích kontrol je máte v pc?
Ještě použijte mbam a ccleaner, z předchozích kontrol je máte v pc?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu - Motji
Složka vymazána. Oba dva mám pořád v PC. Pročištěno.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.05.24.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Uživatel :: UŽIVATEL-PC [administrátor]
24.5.2014 19:28:40
MBAM-log-2014-05-24 (19-35-30).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 268598
Uplynulý čas: 5 minut, 21 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB28F3E6-6CFE-4BBE-A955-24DC60CBD110} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\ProgramData\InstallMate\{BB28F3E6-6CFE-4BBE-A955-24DC60CBD110}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\Users\Uživatel\Downloads\FurMark_112 - CHIP Downloader.exe (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.
(konec)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.05.24.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Uživatel :: UŽIVATEL-PC [administrátor]
24.5.2014 19:28:40
MBAM-log-2014-05-24 (19-35-30).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 268598
Uplynulý čas: 5 minut, 21 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB28F3E6-6CFE-4BBE-A955-24DC60CBD110} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\ProgramData\InstallMate\{BB28F3E6-6CFE-4BBE-A955-24DC60CBD110}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\Users\Uživatel\Downloads\FurMark_112 - CHIP Downloader.exe (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím o kontrolu - Motji
Vše smazat a poporsím onový log z Frstu. Jak to vypadá s počítačem?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu - Motji
Vše smazáno. Pc se už chová normálně.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014 1
Ran by Uživatel (administrator) on UŽIVATEL-PC on 24-05-2014 20:40:08
Running from C:\Users\Uživatel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [976896 2011-01-03] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2007392 2014-04-01] (Wondershare)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-02-28] (F-Secure Corporation)
HKU\S-1-5-21-2933677903-2961974296-2326318704-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-04-19] (AMD)
HKU\S-1-5-21-2933677903-2961974296-2326318704-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2933677903-2961974296-2326318704-1000\...\MountPoints2: {02e3c54b-1df8-11e2-99be-001a4d4fba28} - H:\setup.exe
==================== Internet (Whitelisted) ====================
SearchScopes: HKCU - {2147521C-BE1D-4860-8FDF-C32A8AA5E945} URL = http://search.ividi.org/?q={searchTerms ... lt=3&r=885
BHO: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default
FF DefaultSearchEngine: Centrum.cz
FF SearchEngineOrder.1: Search
FF Homepage: hxxp://www.centrum.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Uživatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\searchplugins\qipsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: 20-20 3D Viewer - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\2020Player@2020Technologies.com [2012-10-23]
FF Extension: Centrum doménový pomocník - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\centrumpomocnik@centrum.cz [2012-10-23]
FF Extension: Lišta Centrum.cz - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\toolbar@centrumholdings.com [2014-01-17]
FF Extension: PutLocker Downloader - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\ptl@ptl.com.xpi [2013-06-26]
FF Extension: Greasemonkey - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-06]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [{3f143e91-b854-442c-9aa5-6a5e7cb9d6db}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https
FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2014-05-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Users\Uživatel\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn\
FF Extension: F-Secure Search - C:\Users\Uživatel\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn\ []
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [faklkmlkcleeoibffcbligohmkciloif] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx []
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx [2014-03-04]
CHR HKLM-x32\...\Chrome\Extension: [ldgmpbcakgigkdogbbfhenpjagfeimcm] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha642\ch\WebexpEnhancedV1alpha642.crx [2014-03-04]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-03-04]
==================== Services (Whitelisted) =================
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-02-28] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-10] (F-Secure Corporation)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [65536 2009-08-06] ()
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-24] (DT Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-05-02] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69928 2014-05-21] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2014-05-02] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [86056 2014-02-14] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2012-07-24] (Sony Ericsson Mobile Communications)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-02-01] ()
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [31744 2012-03-12] (Google Inc)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-24 20:40 - 2014-05-24 20:40 - 00015261 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2014-05-23 20:01 - 2014-05-23 20:16 - 1472487424 _____ () C:\Users\Uživatel\Downloads\Total Recall (2012).avi
2014-05-23 17:09 - 2014-05-23 17:12 - 586065332 _____ () C:\Users\Uživatel\Downloads\czech-bitch-31.mp4
2014-05-23 16:13 - 2014-05-23 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-05-23 16:11 - 2014-05-23 16:11 - 01326389 _____ () C:\Users\Uživatel\Desktop\AdwCleaner.exe
2014-05-23 16:11 - 2014-05-23 16:11 - 01016261 _____ (Thisisu) C:\Users\Uživatel\Desktop\JRT.exe
2014-05-22 20:43 - 2014-05-24 20:40 - 00000000 ____D () C:\FRST
2014-05-22 20:41 - 2014-05-24 20:39 - 02066432 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2014-05-22 18:35 - 2014-05-22 18:35 - 00974568 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Uživatel\Downloads\driveragent-setup-1213.exe
2014-05-22 18:31 - 2014-05-22 18:31 - 05032470 _____ (Geeks3D ) C:\Users\Uživatel\Downloads\FurMark_112.exe
2014-05-22 18:28 - 2014-05-22 18:28 - 01496480 _____ ( ) C:\Users\Uživatel\Downloads\cpu-z_1.69-setup-en.exe
2014-05-22 16:47 - 2014-05-22 16:47 - 00401720 _____ (Trend Micro Inc.) C:\Users\Uživatel\Downloads\HijackThis.exe
2014-05-21 21:40 - 2014-05-24 18:25 - 00104824 ____N () C:\Windows\WindowsUpdate.log
2014-05-21 16:35 - 2014-05-21 16:38 - 882650406 _____ () C:\Users\Uživatel\Downloads\borec-picha-bohovskou-35.mp4
2014-05-18 20:28 - 2014-05-18 20:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-18 06:46 - 2014-05-18 06:46 - 00000000 __SHD () C:\found.001
2014-05-17 20:03 - 2014-05-17 08:55 - 1622964586 _____ () C:\Users\Uživatel\Desktop\Jack Rayen - v utajení.avi
2014-05-17 13:45 - 2014-05-17 13:50 - 1633884450 _____ () C:\Users\Uživatel\Downloads\4851.rar
2014-05-16 21:11 - 2014-05-16 12:22 - 1944776704 _____ () C:\Users\Uživatel\Desktop\Robocop 2014.avi
2014-05-16 20:43 - 2014-05-16 20:48 - 1955427852 _____ () C:\Users\Uživatel\Downloads\94.rar
2014-05-14 18:53 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 18:53 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 18:53 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 18:53 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 18:53 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 18:53 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:46 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 16:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 16:44 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 16:44 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 16:44 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 16:44 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 16:44 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 16:44 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 16:44 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 16:44 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 16:44 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 16:44 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 16:44 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 16:44 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 16:44 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 16:44 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 16:44 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 16:44 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 17:14 - 2014-05-13 17:20 - 00000000 ____D () C:\Users\Uživatel\P5JavaClientSettings
2014-05-13 17:14 - 2014-05-13 17:14 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\P5
2014-05-13 17:13 - 2014-05-13 17:13 - 01543536 _____ (SBS ) C:\Users\Uživatel\Downloads\ParadisePoker.exe
2014-05-12 20:42 - 2014-05-23 20:06 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\PokerStars
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\Users\Public\Desktop\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-05-12 20:40 - 2014-05-12 20:41 - 33503792 _____ (PokerStars) C:\Users\Uživatel\Downloads\PokerStarsInstall.exe
2014-05-07 19:21 - 2014-05-07 19:26 - 1808044032 _____ () C:\Users\Uživatel\Downloads\krsnb.avi
2014-05-06 20:05 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 20:05 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-06 20:05 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-06 20:05 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-06 20:05 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-06 20:05 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-06 20:05 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-06 20:05 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-06 20:05 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-06 20:05 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-06 20:05 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-06 20:05 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 20:05 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-06 20:05 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-06 20:05 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-06 20:05 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-06 20:05 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-06 20:05 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-06 20:05 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 20:05 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-06 20:05 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-06 20:05 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-06 20:05 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-06 20:05 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-06 20:05 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-06 20:05 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-06 20:05 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-06 20:05 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-06 20:05 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-06 20:05 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-06 20:05 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-06 20:05 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-06 20:05 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-06 20:05 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-06 20:05 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-06 20:05 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-06 20:05 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-06 20:05 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-06 20:05 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-06 20:05 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-06 20:05 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-06 20:05 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-06 20:05 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-06 20:05 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 09:29 - 2014-05-05 09:30 - 89957278 _____ () C:\Users\Uživatel\Downloads\1.flv
2014-05-03 18:17 - 2009-12-25 13:07 - 04851416 _____ (AVSoftware ) C:\Users\Uživatel\Downloads\HideIPSetup.exe
2014-05-03 18:17 - 2009-12-25 12:36 - 73515400 _____ (F-Secure Corporation) C:\Users\Uživatel\Downloads\F-Secure Internet Security 2010.exe
2014-05-03 12:45 - 2013-03-28 04:10 - 00000000 ____D () C:\Users\Uživatel\Desktop\Sniper_Ghost_Warrior_2_Siberian_Strike_DLC-FLTDOX
2014-05-03 10:18 - 2014-05-03 12:01 - 1955151748 _____ () C:\Users\Uživatel\Downloads\flt-sgw2ssdlc.rar
2014-05-03 10:12 - 2014-05-03 10:12 - 00531675 _____ () C:\Users\Uživatel\Downloads\SGH2_cz.exe
2014-05-02 18:59 - 2014-05-02 18:59 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\F-Secure
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-05-02 18:47 - 2014-05-02 18:47 - 00000000 ____D () C:\Users\Uživatel\.android
2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\F-Secure
2014-05-02 18:30 - 2014-05-02 18:30 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys
2014-05-02 18:29 - 2014-05-02 18:29 - 00020395 _____ () C:\Windows\prodsett_copy.ini
2014-05-02 18:26 - 2014-05-02 18:52 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\Seznam.cz
2014-05-02 18:26 - 2014-05-02 18:26 - 00990872 _____ (F-Secure Corporation) C:\Users\Uživatel\Documents\F-SecureNetworkInstaller_IS2012-ESTORE-TRIAL-GLOBAL_.exe
2014-05-02 18:26 - 2014-05-02 18:26 - 00003172 _____ () C:\Windows\System32\Tasks\{5FC547E8-31AB-436B-A4B0-FC8D5C0F6681}
2014-05-02 18:17 - 2014-05-02 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2014-05-02 18:16 - 2014-05-03 18:19 - 00000000 ____D () C:\Program Files (x86)\F-Secure
2014-05-02 17:59 - 2014-05-02 18:30 - 00000000 ____D () C:\ProgramData\f-secure
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-02 12:05 - 2014-05-02 12:05 - 136013840 _____ () C:\Users\Uživatel\Desktop\setup_11.0.1.1245.x01_2014_05_02_11_48.exe
2014-05-02 11:49 - 2014-05-02 11:49 - 04143997 _____ () C:\Users\Uživatel\Downloads\tdsskiller.zip
2014-05-02 11:49 - 2014-04-29 18:21 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Uživatel\Desktop\TDSSKiller.exe
2014-05-02 11:47 - 2014-05-02 11:47 - 03972608 _____ () C:\Users\Uživatel\Downloads\RogueKiller.exe
2014-05-02 11:40 - 2014-05-02 11:40 - 00003200 _____ () C:\Windows\System32\Tasks\{4B45A62E-4944-40EA-A174-D0833965AEA7}
2014-05-02 11:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-01 17:03 - 2014-05-01 17:03 - 04745984 _____ (Piriform Ltd) C:\Users\Uživatel\Downloads\ccsetup413.exe
2014-05-01 13:42 - 2014-05-01 13:42 - 01009763 _____ () C:\Users\Uživatel\Downloads\gm692(1).zip
2014-05-01 13:42 - 2007-03-23 00:00 - 00000000 ____D () C:\Users\Uživatel\Desktop\GM
2014-04-30 14:25 - 2014-04-30 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-04-30 14:25 - 2011-05-30 15:42 - 00255488 _____ () C:\Windows\system32\xvidvfw.dll
2014-04-30 14:25 - 2011-05-30 15:42 - 00240640 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-04-30 14:25 - 2011-05-23 11:52 - 00153088 _____ () C:\Windows\SysWOW64\xvid.ax
2014-04-30 14:25 - 2011-05-23 09:49 - 00173568 _____ () C:\Windows\system32\xvid.ax
2014-04-30 14:25 - 2011-05-23 09:46 - 00645632 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-04-30 14:25 - 2011-05-23 09:45 - 00696832 _____ () C:\Windows\system32\xvidcore.dll
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-30 09:38 - 2014-04-30 15:40 - 2145906322 _____ () C:\Users\Uživatel\Downloads\S.T.A.L.K.E.R.-Stalker-Lost-Alpha.rar
2014-04-27 16:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-27 16:10 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-27 16:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-27 16:09 - 2014-04-27 16:10 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-27 13:40 - 2014-04-27 13:40 - 00000000 ____D () C:\Users\Uživatel\Documents\TrialsFusion
2014-04-25 21:40 - 2014-04-25 21:40 - 00000874 _____ () C:\Users\Uživatel\Desktop\Trials Fusion.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trials Fusion
2014-04-25 21:31 - 1999-12-12 01:00 - 1425000448 _____ () C:\Users\Uživatel\Desktop\cod.Tf.iso
2014-04-25 18:17 - 2014-04-25 18:36 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part1.rar
2014-04-25 18:17 - 2014-04-25 18:35 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part2.rar
2014-04-25 18:17 - 2014-04-25 18:31 - 1600738978 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part3.rar
2014-04-25 18:16 - 2014-04-25 18:23 - 00000000 ____D () C:\Users\Uživatel\Downloads\Wondershare PDF Editor 3.1.0.6
2014-04-24 20:20 - 2014-05-23 16:49 - 00000000 ____D () C:\AdwCleaner
==================== One Month Modified Files and Folders =======
2014-05-24 20:40 - 2014-05-24 20:40 - 00015261 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2014-05-24 20:40 - 2014-05-22 20:43 - 00000000 ____D () C:\FRST
2014-05-24 20:39 - 2014-05-22 20:41 - 02066432 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2014-05-24 20:24 - 2012-10-23 19:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 19:26 - 2012-12-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParadisePoker
2014-05-24 18:28 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 18:28 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 18:25 - 2014-05-21 21:40 - 00104824 ____N () C:\Windows\WindowsUpdate.log
2014-05-24 18:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 22:14 - 2012-10-26 20:16 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\uTorrent
2014-05-23 20:16 - 2014-05-23 20:01 - 1472487424 _____ () C:\Users\Uživatel\Downloads\Total Recall (2012).avi
2014-05-23 20:06 - 2014-05-12 20:42 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\PokerStars
2014-05-23 17:12 - 2014-05-23 17:09 - 586065332 _____ () C:\Users\Uživatel\Downloads\czech-bitch-31.mp4
2014-05-23 16:49 - 2014-04-24 20:20 - 00000000 ____D () C:\AdwCleaner
2014-05-23 16:49 - 2012-10-12 22:57 - 00000000 ____D () C:\Users\Uživatel
2014-05-23 16:13 - 2014-05-23 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-05-23 16:11 - 2014-05-23 16:11 - 01326389 _____ () C:\Users\Uživatel\Desktop\AdwCleaner.exe
2014-05-23 16:11 - 2014-05-23 16:11 - 01016261 _____ (Thisisu) C:\Users\Uživatel\Desktop\JRT.exe
2014-05-22 18:35 - 2014-05-22 18:35 - 00974568 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Uživatel\Downloads\driveragent-setup-1213.exe
2014-05-22 18:31 - 2014-05-22 18:31 - 05032470 _____ (Geeks3D ) C:\Users\Uživatel\Downloads\FurMark_112.exe
2014-05-22 18:28 - 2014-05-22 18:28 - 01496480 _____ ( ) C:\Users\Uživatel\Downloads\cpu-z_1.69-setup-en.exe
2014-05-22 18:25 - 2013-11-05 20:49 - 00007598 _____ () C:\Users\Uživatel\AppData\Local\Resmon.ResmonCfg
2014-05-22 16:49 - 2013-09-28 22:28 - 00000000 ____D () C:\Program Files\trend micro
2014-05-22 16:47 - 2014-05-22 16:47 - 00401720 _____ (Trend Micro Inc.) C:\Users\Uživatel\Downloads\HijackThis.exe
2014-05-21 21:32 - 2013-07-30 17:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-21 21:31 - 2013-08-17 10:21 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\Jurecek Radek
2014-05-21 17:27 - 2013-11-12 16:44 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\vlc
2014-05-21 16:38 - 2014-05-21 16:35 - 882650406 _____ () C:\Users\Uživatel\Downloads\borec-picha-bohovskou-35.mp4
2014-05-19 21:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 05:00 - 2014-04-17 21:45 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 04:58 - 2012-10-25 17:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 20:28 - 2014-05-18 20:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-18 06:46 - 2014-05-18 06:46 - 00000000 __SHD () C:\found.001
2014-05-17 13:50 - 2014-05-17 13:45 - 1633884450 _____ () C:\Users\Uživatel\Downloads\4851.rar
2014-05-17 08:55 - 2014-05-17 20:03 - 1622964586 _____ () C:\Users\Uživatel\Desktop\Jack Rayen - v utajení.avi
2014-05-16 20:48 - 2014-05-16 20:43 - 1955427852 _____ () C:\Users\Uživatel\Downloads\94.rar
2014-05-16 12:22 - 2014-05-16 21:11 - 1944776704 _____ () C:\Users\Uživatel\Desktop\Robocop 2014.avi
2014-05-15 20:27 - 2013-12-26 20:19 - 00000000 ____D () C:\Users\Uživatel\Downloads\Top Paid Android Apps Pack - December 2013 by TOREN
2014-05-15 04:56 - 2012-10-12 22:57 - 00000000 ___RD () C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 04:56 - 2012-10-12 22:57 - 00000000 ___RD () C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 21:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 18:53 - 2012-10-12 23:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 18:50 - 2013-08-14 20:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 18:42 - 2012-10-23 20:49 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:41 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-05-14 16:41 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-05-14 16:41 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 21:24 - 2012-10-23 19:40 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 21:24 - 2012-10-23 19:40 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 21:24 - 2012-10-23 19:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 17:20 - 2014-05-13 17:14 - 00000000 ____D () C:\Users\Uživatel\P5JavaClientSettings
2014-05-13 17:14 - 2014-05-13 17:14 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\P5
2014-05-13 17:13 - 2014-05-13 17:13 - 01543536 _____ (SBS ) C:\Users\Uživatel\Downloads\ParadisePoker.exe
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\Users\Public\Desktop\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-05-12 20:41 - 2014-05-12 20:40 - 33503792 _____ (PokerStars) C:\Users\Uživatel\Downloads\PokerStarsInstall.exe
2014-05-07 19:26 - 2014-05-07 19:21 - 1808044032 _____ () C:\Users\Uživatel\Downloads\krsnb.avi
2014-05-06 20:04 - 2013-10-16 21:13 - 00000000 ____D () C:\Users\Uživatel\Documents\FIFA 14
2014-05-06 06:40 - 2014-05-14 18:53 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 18:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 18:53 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 18:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 18:53 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 18:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 09:30 - 2014-05-05 09:29 - 89957278 _____ () C:\Users\Uživatel\Downloads\1.flv
2014-05-03 18:19 - 2014-05-02 18:16 - 00000000 ____D () C:\Program Files (x86)\F-Secure
2014-05-03 12:01 - 2014-05-03 10:18 - 1955151748 _____ () C:\Users\Uživatel\Downloads\flt-sgw2ssdlc.rar
2014-05-03 10:12 - 2014-05-03 10:12 - 00531675 _____ () C:\Users\Uživatel\Downloads\SGH2_cz.exe
2014-05-02 18:59 - 2014-05-02 18:59 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\F-Secure
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-05-02 18:52 - 2014-05-02 18:26 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\Seznam.cz
2014-05-02 18:47 - 2014-05-02 18:47 - 00000000 ____D () C:\Users\Uživatel\.android
2014-05-02 18:47 - 2012-12-08 21:45 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\cache
2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\F-Secure
2014-05-02 18:30 - 2014-05-02 18:30 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys
2014-05-02 18:30 - 2014-05-02 17:59 - 00000000 ____D () C:\ProgramData\f-secure
2014-05-02 18:29 - 2014-05-02 18:29 - 00020395 _____ () C:\Windows\prodsett_copy.ini
2014-05-02 18:26 - 2014-05-02 18:26 - 00990872 _____ (F-Secure Corporation) C:\Users\Uživatel\Documents\F-SecureNetworkInstaller_IS2012-ESTORE-TRIAL-GLOBAL_.exe
2014-05-02 18:26 - 2014-05-02 18:26 - 00003172 _____ () C:\Windows\System32\Tasks\{5FC547E8-31AB-436B-A4B0-FC8D5C0F6681}
2014-05-02 18:17 - 2014-05-02 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-02 12:05 - 2014-05-02 12:05 - 136013840 _____ () C:\Users\Uživatel\Desktop\setup_11.0.1.1245.x01_2014_05_02_11_48.exe
2014-05-02 11:49 - 2014-05-02 11:49 - 04143997 _____ () C:\Users\Uživatel\Downloads\tdsskiller.zip
2014-05-02 11:47 - 2014-05-02 11:47 - 03972608 _____ () C:\Users\Uživatel\Downloads\RogueKiller.exe
2014-05-02 11:40 - 2014-05-02 11:40 - 00003200 _____ () C:\Windows\System32\Tasks\{4B45A62E-4944-40EA-A174-D0833965AEA7}
2014-05-01 17:03 - 2014-05-01 17:03 - 04745984 _____ (Piriform Ltd) C:\Users\Uživatel\Downloads\ccsetup413.exe
2014-05-01 17:03 - 2012-10-23 19:26 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-01 17:03 - 2012-10-23 19:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-01 13:42 - 2014-05-01 13:42 - 01009763 _____ () C:\Users\Uživatel\Downloads\gm692(1).zip
2014-04-30 15:40 - 2014-04-30 09:38 - 2145906322 _____ () C:\Users\Uživatel\Downloads\S.T.A.L.K.E.R.-Stalker-Lost-Alpha.rar
2014-04-30 14:25 - 2014-04-30 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-29 18:21 - 2014-05-02 11:49 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Uživatel\Desktop\TDSSKiller.exe
2014-04-28 11:16 - 2014-04-21 18:35 - 00000000 ____D () C:\Users\Uživatel\Desktop\Zase práce
2014-04-27 16:10 - 2014-04-27 16:09 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-27 16:10 - 2013-10-22 18:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-27 16:10 - 2012-10-12 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-27 13:40 - 2014-04-27 13:40 - 00000000 ____D () C:\Users\Uživatel\Documents\TrialsFusion
2014-04-25 21:40 - 2014-04-25 21:40 - 00000874 _____ () C:\Users\Uživatel\Desktop\Trials Fusion.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trials Fusion
2014-04-25 18:36 - 2014-04-25 18:17 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part1.rar
2014-04-25 18:35 - 2014-04-25 18:17 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part2.rar
2014-04-25 18:31 - 2014-04-25 18:17 - 1600738978 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part3.rar
2014-04-25 18:23 - 2014-04-25 18:16 - 00000000 ____D () C:\Users\Uživatel\Downloads\Wondershare PDF Editor 3.1.0.6
2014-04-24 20:07 - 2014-04-18 16:53 - 00000330 _____ () C:\Users\Uživatel\rgut
Files to move or delete:
====================
C:\ProgramData\hpe41B1.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-19 20:56
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014 1
Ran by Uživatel (administrator) on UŽIVATEL-PC on 24-05-2014 20:40:08
Running from C:\Users\Uživatel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [976896 2011-01-03] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2007392 2014-04-01] (Wondershare)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2014-02-28] (F-Secure Corporation)
HKU\S-1-5-21-2933677903-2961974296-2326318704-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-04-19] (AMD)
HKU\S-1-5-21-2933677903-2961974296-2326318704-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2933677903-2961974296-2326318704-1000\...\MountPoints2: {02e3c54b-1df8-11e2-99be-001a4d4fba28} - H:\setup.exe
==================== Internet (Whitelisted) ====================
SearchScopes: HKCU - {2147521C-BE1D-4860-8FDF-C32A8AA5E945} URL = http://search.ividi.org/?q={searchTerms ... lt=3&r=885
BHO: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default
FF DefaultSearchEngine: Centrum.cz
FF SearchEngineOrder.1: Search
FF Homepage: hxxp://www.centrum.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Uživatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\searchplugins\inbox-hledn.xml
FF SearchPlugin: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\searchplugins\qipsearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: 20-20 3D Viewer - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\2020Player@2020Technologies.com [2012-10-23]
FF Extension: Centrum doménový pomocník - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\centrumpomocnik@centrum.cz [2012-10-23]
FF Extension: Lišta Centrum.cz - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\toolbar@centrumholdings.com [2014-01-17]
FF Extension: PutLocker Downloader - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\ptl@ptl.com.xpi [2013-06-26]
FF Extension: Greasemonkey - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\or8xac3p.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-06]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [{3f143e91-b854-442c-9aa5-6a5e7cb9d6db}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https
FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2014-05-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Users\Uživatel\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn\
FF Extension: F-Secure Search - C:\Users\Uživatel\AppData\Roaming\F-Secure\SafeSearch\FFPlugIn\ []
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [faklkmlkcleeoibffcbligohmkciloif] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx []
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx [2014-03-04]
CHR HKLM-x32\...\Chrome\Extension: [ldgmpbcakgigkdogbbfhenpjagfeimcm] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha642\ch\WebexpEnhancedV1alpha642.crx [2014-03-04]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-03-04]
==================== Services (Whitelisted) =================
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2014-02-28] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-10] (F-Secure Corporation)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [65536 2009-08-06] ()
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-24] (DT Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-05-02] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69928 2014-05-21] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2014-05-02] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [86056 2014-02-14] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2012-07-24] (Sony Ericsson Mobile Communications)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-02-01] ()
S3 vzandnetadb; C:\Windows\System32\Drivers\lgvzandnetadb.sys [31744 2012-03-12] (Google Inc)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-24 20:40 - 2014-05-24 20:40 - 00015261 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2014-05-23 20:01 - 2014-05-23 20:16 - 1472487424 _____ () C:\Users\Uživatel\Downloads\Total Recall (2012).avi
2014-05-23 17:09 - 2014-05-23 17:12 - 586065332 _____ () C:\Users\Uživatel\Downloads\czech-bitch-31.mp4
2014-05-23 16:13 - 2014-05-23 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-05-23 16:11 - 2014-05-23 16:11 - 01326389 _____ () C:\Users\Uživatel\Desktop\AdwCleaner.exe
2014-05-23 16:11 - 2014-05-23 16:11 - 01016261 _____ (Thisisu) C:\Users\Uživatel\Desktop\JRT.exe
2014-05-22 20:43 - 2014-05-24 20:40 - 00000000 ____D () C:\FRST
2014-05-22 20:41 - 2014-05-24 20:39 - 02066432 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2014-05-22 18:35 - 2014-05-22 18:35 - 00974568 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Uživatel\Downloads\driveragent-setup-1213.exe
2014-05-22 18:31 - 2014-05-22 18:31 - 05032470 _____ (Geeks3D ) C:\Users\Uživatel\Downloads\FurMark_112.exe
2014-05-22 18:28 - 2014-05-22 18:28 - 01496480 _____ ( ) C:\Users\Uživatel\Downloads\cpu-z_1.69-setup-en.exe
2014-05-22 16:47 - 2014-05-22 16:47 - 00401720 _____ (Trend Micro Inc.) C:\Users\Uživatel\Downloads\HijackThis.exe
2014-05-21 21:40 - 2014-05-24 18:25 - 00104824 ____N () C:\Windows\WindowsUpdate.log
2014-05-21 16:35 - 2014-05-21 16:38 - 882650406 _____ () C:\Users\Uživatel\Downloads\borec-picha-bohovskou-35.mp4
2014-05-18 20:28 - 2014-05-18 20:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-18 06:46 - 2014-05-18 06:46 - 00000000 __SHD () C:\found.001
2014-05-17 20:03 - 2014-05-17 08:55 - 1622964586 _____ () C:\Users\Uživatel\Desktop\Jack Rayen - v utajení.avi
2014-05-17 13:45 - 2014-05-17 13:50 - 1633884450 _____ () C:\Users\Uživatel\Downloads\4851.rar
2014-05-16 21:11 - 2014-05-16 12:22 - 1944776704 _____ () C:\Users\Uživatel\Desktop\Robocop 2014.avi
2014-05-16 20:43 - 2014-05-16 20:48 - 1955427852 _____ () C:\Users\Uživatel\Downloads\94.rar
2014-05-14 18:53 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 18:53 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 18:53 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 18:53 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 18:53 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 18:53 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 16:46 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 16:46 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 16:44 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 16:44 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 16:44 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 16:44 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 16:44 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 16:44 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 16:44 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 16:44 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 16:44 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 16:44 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 16:44 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 16:44 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 16:44 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 16:44 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 16:44 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 16:44 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 16:44 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 16:44 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 16:44 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 17:14 - 2014-05-13 17:20 - 00000000 ____D () C:\Users\Uživatel\P5JavaClientSettings
2014-05-13 17:14 - 2014-05-13 17:14 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\P5
2014-05-13 17:13 - 2014-05-13 17:13 - 01543536 _____ (SBS ) C:\Users\Uživatel\Downloads\ParadisePoker.exe
2014-05-12 20:42 - 2014-05-23 20:06 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\PokerStars
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\Users\Public\Desktop\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-05-12 20:40 - 2014-05-12 20:41 - 33503792 _____ (PokerStars) C:\Users\Uživatel\Downloads\PokerStarsInstall.exe
2014-05-07 19:21 - 2014-05-07 19:26 - 1808044032 _____ () C:\Users\Uživatel\Downloads\krsnb.avi
2014-05-06 20:05 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 20:05 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-06 20:05 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-06 20:05 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-06 20:05 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-06 20:05 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-06 20:05 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-06 20:05 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-06 20:05 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-06 20:05 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-06 20:05 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-06 20:05 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 20:05 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-06 20:05 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-06 20:05 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-06 20:05 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-06 20:05 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-06 20:05 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-06 20:05 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 20:05 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-06 20:05 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-06 20:05 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-06 20:05 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-06 20:05 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-06 20:05 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-06 20:05 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-06 20:05 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-06 20:05 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-06 20:05 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-06 20:05 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-06 20:05 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-06 20:05 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-06 20:05 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-06 20:05 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-06 20:05 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-06 20:05 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-06 20:05 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-06 20:05 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-06 20:05 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-06 20:05 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-06 20:05 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-06 20:05 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-06 20:05 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-06 20:05 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-05 09:29 - 2014-05-05 09:30 - 89957278 _____ () C:\Users\Uživatel\Downloads\1.flv
2014-05-03 18:17 - 2009-12-25 13:07 - 04851416 _____ (AVSoftware ) C:\Users\Uživatel\Downloads\HideIPSetup.exe
2014-05-03 18:17 - 2009-12-25 12:36 - 73515400 _____ (F-Secure Corporation) C:\Users\Uživatel\Downloads\F-Secure Internet Security 2010.exe
2014-05-03 12:45 - 2013-03-28 04:10 - 00000000 ____D () C:\Users\Uživatel\Desktop\Sniper_Ghost_Warrior_2_Siberian_Strike_DLC-FLTDOX
2014-05-03 10:18 - 2014-05-03 12:01 - 1955151748 _____ () C:\Users\Uživatel\Downloads\flt-sgw2ssdlc.rar
2014-05-03 10:12 - 2014-05-03 10:12 - 00531675 _____ () C:\Users\Uživatel\Downloads\SGH2_cz.exe
2014-05-02 18:59 - 2014-05-02 18:59 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\F-Secure
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-05-02 18:47 - 2014-05-02 18:47 - 00000000 ____D () C:\Users\Uživatel\.android
2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\F-Secure
2014-05-02 18:30 - 2014-05-02 18:30 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys
2014-05-02 18:29 - 2014-05-02 18:29 - 00020395 _____ () C:\Windows\prodsett_copy.ini
2014-05-02 18:26 - 2014-05-02 18:52 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\Seznam.cz
2014-05-02 18:26 - 2014-05-02 18:26 - 00990872 _____ (F-Secure Corporation) C:\Users\Uživatel\Documents\F-SecureNetworkInstaller_IS2012-ESTORE-TRIAL-GLOBAL_.exe
2014-05-02 18:26 - 2014-05-02 18:26 - 00003172 _____ () C:\Windows\System32\Tasks\{5FC547E8-31AB-436B-A4B0-FC8D5C0F6681}
2014-05-02 18:17 - 2014-05-02 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2014-05-02 18:16 - 2014-05-03 18:19 - 00000000 ____D () C:\Program Files (x86)\F-Secure
2014-05-02 17:59 - 2014-05-02 18:30 - 00000000 ____D () C:\ProgramData\f-secure
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-02 12:05 - 2014-05-02 12:05 - 136013840 _____ () C:\Users\Uživatel\Desktop\setup_11.0.1.1245.x01_2014_05_02_11_48.exe
2014-05-02 11:49 - 2014-05-02 11:49 - 04143997 _____ () C:\Users\Uživatel\Downloads\tdsskiller.zip
2014-05-02 11:49 - 2014-04-29 18:21 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Uživatel\Desktop\TDSSKiller.exe
2014-05-02 11:47 - 2014-05-02 11:47 - 03972608 _____ () C:\Users\Uživatel\Downloads\RogueKiller.exe
2014-05-02 11:40 - 2014-05-02 11:40 - 00003200 _____ () C:\Windows\System32\Tasks\{4B45A62E-4944-40EA-A174-D0833965AEA7}
2014-05-02 11:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-01 17:03 - 2014-05-01 17:03 - 04745984 _____ (Piriform Ltd) C:\Users\Uživatel\Downloads\ccsetup413.exe
2014-05-01 13:42 - 2014-05-01 13:42 - 01009763 _____ () C:\Users\Uživatel\Downloads\gm692(1).zip
2014-05-01 13:42 - 2007-03-23 00:00 - 00000000 ____D () C:\Users\Uživatel\Desktop\GM
2014-04-30 14:25 - 2014-04-30 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-04-30 14:25 - 2011-05-30 15:42 - 00255488 _____ () C:\Windows\system32\xvidvfw.dll
2014-04-30 14:25 - 2011-05-30 15:42 - 00240640 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-04-30 14:25 - 2011-05-23 11:52 - 00153088 _____ () C:\Windows\SysWOW64\xvid.ax
2014-04-30 14:25 - 2011-05-23 09:49 - 00173568 _____ () C:\Windows\system32\xvid.ax
2014-04-30 14:25 - 2011-05-23 09:46 - 00645632 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-04-30 14:25 - 2011-05-23 09:45 - 00696832 _____ () C:\Windows\system32\xvidcore.dll
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-30 09:38 - 2014-04-30 15:40 - 2145906322 _____ () C:\Users\Uživatel\Downloads\S.T.A.L.K.E.R.-Stalker-Lost-Alpha.rar
2014-04-27 16:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-27 16:10 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-27 16:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-27 16:09 - 2014-04-27 16:10 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-27 13:40 - 2014-04-27 13:40 - 00000000 ____D () C:\Users\Uživatel\Documents\TrialsFusion
2014-04-25 21:40 - 2014-04-25 21:40 - 00000874 _____ () C:\Users\Uživatel\Desktop\Trials Fusion.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trials Fusion
2014-04-25 21:31 - 1999-12-12 01:00 - 1425000448 _____ () C:\Users\Uživatel\Desktop\cod.Tf.iso
2014-04-25 18:17 - 2014-04-25 18:36 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part1.rar
2014-04-25 18:17 - 2014-04-25 18:35 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part2.rar
2014-04-25 18:17 - 2014-04-25 18:31 - 1600738978 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part3.rar
2014-04-25 18:16 - 2014-04-25 18:23 - 00000000 ____D () C:\Users\Uživatel\Downloads\Wondershare PDF Editor 3.1.0.6
2014-04-24 20:20 - 2014-05-23 16:49 - 00000000 ____D () C:\AdwCleaner
==================== One Month Modified Files and Folders =======
2014-05-24 20:40 - 2014-05-24 20:40 - 00015261 _____ () C:\Users\Uživatel\Desktop\FRST.txt
2014-05-24 20:40 - 2014-05-22 20:43 - 00000000 ____D () C:\FRST
2014-05-24 20:39 - 2014-05-22 20:41 - 02066432 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST64.exe
2014-05-24 20:24 - 2012-10-23 19:40 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 19:26 - 2012-12-14 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParadisePoker
2014-05-24 18:28 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 18:28 - 2009-07-14 06:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 18:25 - 2014-05-21 21:40 - 00104824 ____N () C:\Windows\WindowsUpdate.log
2014-05-24 18:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 22:14 - 2012-10-26 20:16 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\uTorrent
2014-05-23 20:16 - 2014-05-23 20:01 - 1472487424 _____ () C:\Users\Uživatel\Downloads\Total Recall (2012).avi
2014-05-23 20:06 - 2014-05-12 20:42 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\PokerStars
2014-05-23 17:12 - 2014-05-23 17:09 - 586065332 _____ () C:\Users\Uživatel\Downloads\czech-bitch-31.mp4
2014-05-23 16:49 - 2014-04-24 20:20 - 00000000 ____D () C:\AdwCleaner
2014-05-23 16:49 - 2012-10-12 22:57 - 00000000 ____D () C:\Users\Uživatel
2014-05-23 16:13 - 2014-05-23 16:13 - 00000000 ____D () C:\Windows\ERUNT
2014-05-23 16:11 - 2014-05-23 16:11 - 01326389 _____ () C:\Users\Uživatel\Desktop\AdwCleaner.exe
2014-05-23 16:11 - 2014-05-23 16:11 - 01016261 _____ (Thisisu) C:\Users\Uživatel\Desktop\JRT.exe
2014-05-22 18:35 - 2014-05-22 18:35 - 00974568 _____ (Copyright © 2013 eSupport.com, Inc • All Rights Reserved ) C:\Users\Uživatel\Downloads\driveragent-setup-1213.exe
2014-05-22 18:31 - 2014-05-22 18:31 - 05032470 _____ (Geeks3D ) C:\Users\Uživatel\Downloads\FurMark_112.exe
2014-05-22 18:28 - 2014-05-22 18:28 - 01496480 _____ ( ) C:\Users\Uživatel\Downloads\cpu-z_1.69-setup-en.exe
2014-05-22 18:25 - 2013-11-05 20:49 - 00007598 _____ () C:\Users\Uživatel\AppData\Local\Resmon.ResmonCfg
2014-05-22 16:49 - 2013-09-28 22:28 - 00000000 ____D () C:\Program Files\trend micro
2014-05-22 16:47 - 2014-05-22 16:47 - 00401720 _____ (Trend Micro Inc.) C:\Users\Uživatel\Downloads\HijackThis.exe
2014-05-21 21:32 - 2013-07-30 17:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-21 21:31 - 2013-08-17 10:21 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\Jurecek Radek
2014-05-21 17:27 - 2013-11-12 16:44 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\vlc
2014-05-21 16:38 - 2014-05-21 16:35 - 882650406 _____ () C:\Users\Uživatel\Downloads\borec-picha-bohovskou-35.mp4
2014-05-19 21:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 05:00 - 2014-04-17 21:45 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-19 04:58 - 2012-10-25 17:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-18 20:28 - 2014-05-18 20:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-18 06:46 - 2014-05-18 06:46 - 00000000 __SHD () C:\found.001
2014-05-17 13:50 - 2014-05-17 13:45 - 1633884450 _____ () C:\Users\Uživatel\Downloads\4851.rar
2014-05-17 08:55 - 2014-05-17 20:03 - 1622964586 _____ () C:\Users\Uživatel\Desktop\Jack Rayen - v utajení.avi
2014-05-16 20:48 - 2014-05-16 20:43 - 1955427852 _____ () C:\Users\Uživatel\Downloads\94.rar
2014-05-16 12:22 - 2014-05-16 21:11 - 1944776704 _____ () C:\Users\Uživatel\Desktop\Robocop 2014.avi
2014-05-15 20:27 - 2013-12-26 20:19 - 00000000 ____D () C:\Users\Uživatel\Downloads\Top Paid Android Apps Pack - December 2013 by TOREN
2014-05-15 04:56 - 2012-10-12 22:57 - 00000000 ___RD () C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 04:56 - 2012-10-12 22:57 - 00000000 ___RD () C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 21:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-14 18:53 - 2012-10-12 23:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 18:50 - 2013-08-14 20:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 18:42 - 2012-10-23 20:49 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 16:41 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-05-14 16:41 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-05-14 16:41 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 21:24 - 2012-10-23 19:40 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 21:24 - 2012-10-23 19:40 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 21:24 - 2012-10-23 19:40 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 17:20 - 2014-05-13 17:14 - 00000000 ____D () C:\Users\Uživatel\P5JavaClientSettings
2014-05-13 17:14 - 2014-05-13 17:14 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\P5
2014-05-13 17:13 - 2014-05-13 17:13 - 01543536 _____ (SBS ) C:\Users\Uživatel\Downloads\ParadisePoker.exe
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\Users\Public\Desktop\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000755 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk
2014-05-12 20:42 - 2014-05-12 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-05-12 20:41 - 2014-05-12 20:40 - 33503792 _____ (PokerStars) C:\Users\Uživatel\Downloads\PokerStarsInstall.exe
2014-05-07 19:26 - 2014-05-07 19:21 - 1808044032 _____ () C:\Users\Uživatel\Downloads\krsnb.avi
2014-05-06 20:04 - 2013-10-16 21:13 - 00000000 ____D () C:\Users\Uživatel\Documents\FIFA 14
2014-05-06 06:40 - 2014-05-14 18:53 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 18:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 18:53 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 18:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 18:53 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 18:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 09:30 - 2014-05-05 09:29 - 89957278 _____ () C:\Users\Uživatel\Downloads\1.flv
2014-05-03 18:19 - 2014-05-02 18:16 - 00000000 ____D () C:\Program Files (x86)\F-Secure
2014-05-03 12:01 - 2014-05-03 10:18 - 1955151748 _____ () C:\Users\Uživatel\Downloads\flt-sgw2ssdlc.rar
2014-05-03 10:12 - 2014-05-03 10:12 - 00531675 _____ () C:\Users\Uživatel\Downloads\SGH2_cz.exe
2014-05-02 18:59 - 2014-05-02 18:59 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\F-Secure
2014-05-02 18:55 - 2014-05-02 18:55 - 00000000 ____D () C:\Program Files (x86)\WebSpades
2014-05-02 18:52 - 2014-05-02 18:26 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\Seznam.cz
2014-05-02 18:47 - 2014-05-02 18:47 - 00000000 ____D () C:\Users\Uživatel\.android
2014-05-02 18:47 - 2012-12-08 21:45 - 00000000 ____D () C:\Users\Uživatel\AppData\Local\cache
2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\Users\Uživatel\AppData\Roaming\F-Secure
2014-05-02 18:30 - 2014-05-02 18:30 - 00056016 _____ () C:\Windows\system32\Drivers\fsbts.sys
2014-05-02 18:30 - 2014-05-02 17:59 - 00000000 ____D () C:\ProgramData\f-secure
2014-05-02 18:29 - 2014-05-02 18:29 - 00020395 _____ () C:\Windows\prodsett_copy.ini
2014-05-02 18:26 - 2014-05-02 18:26 - 00990872 _____ (F-Secure Corporation) C:\Users\Uživatel\Documents\F-SecureNetworkInstaller_IS2012-ESTORE-TRIAL-GLOBAL_.exe
2014-05-02 18:26 - 2014-05-02 18:26 - 00003172 _____ () C:\Windows\System32\Tasks\{5FC547E8-31AB-436B-A4B0-FC8D5C0F6681}
2014-05-02 18:17 - 2014-05-02 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2014-05-02 12:06 - 2014-05-02 12:06 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-02 12:05 - 2014-05-02 12:05 - 136013840 _____ () C:\Users\Uživatel\Desktop\setup_11.0.1.1245.x01_2014_05_02_11_48.exe
2014-05-02 11:49 - 2014-05-02 11:49 - 04143997 _____ () C:\Users\Uživatel\Downloads\tdsskiller.zip
2014-05-02 11:47 - 2014-05-02 11:47 - 03972608 _____ () C:\Users\Uživatel\Downloads\RogueKiller.exe
2014-05-02 11:40 - 2014-05-02 11:40 - 00003200 _____ () C:\Windows\System32\Tasks\{4B45A62E-4944-40EA-A174-D0833965AEA7}
2014-05-01 17:03 - 2014-05-01 17:03 - 04745984 _____ (Piriform Ltd) C:\Users\Uživatel\Downloads\ccsetup413.exe
2014-05-01 17:03 - 2012-10-23 19:26 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-01 17:03 - 2012-10-23 19:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-01 13:42 - 2014-05-01 13:42 - 01009763 _____ () C:\Users\Uživatel\Downloads\gm692(1).zip
2014-04-30 15:40 - 2014-04-30 09:38 - 2145906322 _____ () C:\Users\Uživatel\Downloads\S.T.A.L.K.E.R.-Stalker-Lost-Alpha.rar
2014-04-30 14:25 - 2014-04-30 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-30 14:07 - 2014-04-30 14:07 - 00000741 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. - Lost Alpha.lnk
2014-04-29 18:21 - 2014-05-02 11:49 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Uživatel\Desktop\TDSSKiller.exe
2014-04-28 11:16 - 2014-04-21 18:35 - 00000000 ____D () C:\Users\Uživatel\Desktop\Zase práce
2014-04-27 16:10 - 2014-04-27 16:09 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-27 16:10 - 2013-10-22 18:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-27 16:10 - 2012-10-12 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-27 13:40 - 2014-04-27 13:40 - 00000000 ____D () C:\Users\Uživatel\Documents\TrialsFusion
2014-04-25 21:40 - 2014-04-25 21:40 - 00000874 _____ () C:\Users\Uživatel\Desktop\Trials Fusion.lnk
2014-04-25 21:40 - 2014-04-25 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trials Fusion
2014-04-25 18:36 - 2014-04-25 18:17 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part1.rar
2014-04-25 18:35 - 2014-04-25 18:17 - 2076180480 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part2.rar
2014-04-25 18:31 - 2014-04-25 18:17 - 1600738978 _____ () C:\Users\Uživatel\Downloads\cod.Tf.part3.rar
2014-04-25 18:23 - 2014-04-25 18:16 - 00000000 ____D () C:\Users\Uživatel\Downloads\Wondershare PDF Editor 3.1.0.6
2014-04-24 20:07 - 2014-04-18 16:53 - 00000330 _____ () C:\Users\Uživatel\rgut
Files to move or delete:
====================
C:\ProgramData\hpe41B1.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-19 20:56
==================== End Of Log ============================
Re: Prosím o kontrolu - Motji
Pro jistotu ještě kuknuna stav disku
stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
stáhnětehttp://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu - Motji
----------------------------------------------------------------------------
CrystalDiskInfo 6.1.9 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2014/05/26 20:03:33
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 2 - 2926 [ATA]
+ ATA Channel 0 (0)
- ASUS DRW-1814BLT ATA Device
+ ATA Channel 1 (1)
- SAMSUNG HD161HJ ATA Device
- ST1500DM003-9YN16G ATA Device
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 1 - 2921 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- JMicron JMB36X Controller [SCSI]
-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD161HJ : 160,0 GB [0/4/0, pd1]
(2) ST1500DM003-9YN16G : 1500,3 GB [1/2/0, pd1] - st
----------------------------------------------------------------------------
(1) SAMSUNG HD161HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD161HJ
Firmware : JF100-19
Serial Number : S0V3JDWPA05778
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312579695
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 8968 hod.
Power On Count : 3267 krát
Temperature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 253 100 _51 000000000000 Počet chyb čtení
03 253 253 _25 000000001140 Čas na roztočení ploten
04 _93 _93 __0 000000001E2A Počet spuštění/zastavení
05 253 253 _10 000000000000 Počet přemapovaných sektorů
07 253 253 _51 000000000000 Počet chybných hledání
08 253 253 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000002308 Hodin v činnosti
0A 253 253 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000CC3 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000003B20 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B8 253 253 _99 000000000000 Ukončovacích chyb
BB 253 253 __0 000000000000 Ohlášeno neopravitelných chyb
BC 253 253 __0 000000000000 Časový limit příkazu
BE 169 124 __0 000026090017 Teplota toku vzduchu
C2 157 121 __0 00002709001B Teplota
C3 100 100 __0 000000003B20 Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 253 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 100 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 022A 003F 0000 0000 0000
010: 5330 5633 4A44 5750 4130 3537 3738 2020 2020 2020
020: 0003 4000 0004 4A46 3130 302D 3139 5341 4D53 554E
030: 4720 4844 3136 3148 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 004C 0040
080: 00F8 0052 746B 7F09 4123 7469 BC01 4123 20FF 0019
090: 0019 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 966F 12A1 0000 0000 0000 0000 0000 0000 5000 0F00
110: DBA0 5778 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: FFFF 0400 4E00 0003 0000 9A00 0300 2400 6E20 3037
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 DAA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 FD 64 00 00 00 00 00 00 00 03 07
010: 00 FD FD 40 11 00 00 00 00 00 04 32 00 5D 5D 2A
020: 1E 00 00 00 00 00 05 33 00 FD FD 00 00 00 00 00
030: 00 00 07 0F 00 FD FD 00 00 00 00 00 00 00 08 25
040: 00 FD FD 00 00 00 00 00 00 00 09 32 00 64 64 08
050: 23 00 00 00 00 00 0A 33 00 FD FD 00 00 00 00 00
060: 00 00 0B 12 00 FD 64 00 00 00 00 00 00 00 0C 32
070: 00 61 61 C3 0C 00 00 00 00 00 0D 0E 00 64 64 20
080: 3B 00 00 00 00 00 B8 33 00 FD FD 00 00 00 00 00
090: 00 00 BB 32 00 FD FD 00 00 00 00 00 00 00 BC 32
0A0: 00 FD FD 00 00 00 00 00 00 00 BE 22 00 A9 7C 17
0B0: 00 09 26 00 00 00 C2 22 00 9D 79 1B 00 09 27 00
0C0: 00 00 C3 1A 00 64 64 20 3B 00 00 00 00 00 C4 32
0D0: 00 FD FD 00 00 00 00 00 00 00 C5 12 00 FD FD 00
0E0: 00 00 00 00 00 00 C6 30 00 FD FD 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 C8 0A
100: 00 FD 64 00 00 00 00 00 00 00 C9 0A 00 FD 64 00
110: 00 00 00 00 00 00 CA 32 00 FD FD 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 02 00 94 0B 00 5B
170: 03 00 01 00 02 32 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7E
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 19
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 0F
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 33 00 00 00 00 00 00 00 00
060: 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 0D 00 00 00 00 00
080: 00 00 00 00 00 00 B8 63 00 00 00 00 00 00 00 00
090: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BC 00
0A0: 00 00 00 00 00 00 00 00 00 00 BE 00 00 00 00 00
0B0: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
0C0: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C4 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
100: 00 00 00 00 00 00 00 00 00 00 C9 00 00 00 00 00
110: 00 00 00 00 00 00 CA 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8C
----------------------------------------------------------------------------
(2) ST1500DM003-9YN16G
----------------------------------------------------------------------------
Model : ST1500DM003-9YN16G
Firmware : CC4B
Serial Number : S1E08XYZ
Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 2930275055
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 2035 hod.
Power On Count : 624 krát
Temperature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000B4A12D8 Počet chyb čtení
03 _96 _94 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000279 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _78 _60 _30 000004B1BD61 Počet chybných hledání
09 _98 _98 __0 0000000007F3 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000270 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000001 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _68 _57 _45 000020170020 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000044 Počet vypnutí disku
C1 _99 _99 __0 0000000008DC Počet cyklů načítání/vymazání
C2 _32 _43 __0 001300000020 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 DC780000080B Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00AE80B994B8 Total Host Writes
F2 100 253 __0 0B3A1D665ACF Total Host Reads
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5331 4530 3858 595A
020: 0000 0000 0004 4343 3442 2020 2020 5354 3135 3030
030: 444D 3030 332D 3959 4E31 3647 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 004C 0040
080: 01F0 0029 346B 7D09 4163 3469 BC09 4163 207F 0049
090: 0049 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 72EF AEA8 0000 0000 0000 0000 6003 0000 5000 C500
110: 4B59 4445 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 7B30
130: AEA8 7B30 AEA8 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 007F 0280 0000 0000
150: 000A 0000 0000 0000 0000 0000 0000 0000 5800 89E0
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 05A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 76 63 D8 12 4A 0B 00 00 00 03 03
010: 00 60 5E 00 00 00 00 00 00 00 04 32 00 64 64 79
020: 02 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 4E 3C 61 BD B1 04 00 00 00 09 32
040: 00 62 62 F3 07 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 70 02 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 63 01 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 44 39 20 00 17 20 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 44 00 00 00 00
0C0: 00 00 C1 32 00 63 63 DC 08 00 00 00 00 00 C2 22
0D0: 00 20 2B 20 00 00 00 13 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 0B 08 00 00 78 DC 32 F1 00 00 64 FD B8
110: 94 B9 80 AE 00 00 F2 00 00 64 FD CF 5A 66 1D 3A
120: 0B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 3F 02 00 73
170: 03 00 01 00 01 98 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 30 08 00 00 02 06 06 02 02 02 02 06
190: 06 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 4C 70 8C 4E AA 06 00 00
1B0: 00 00 00 00 01 00 21 01 B8 94 B9 80 AE 00 00 00
1C0: CF 5A 66 1D 3A 0B 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 E5 1A 00 00 01 00 00 00
1E0: 00 00 00 00 F8 7B 00 00 00 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9D
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E3
CrystalDiskInfo 6.1.9 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2014/05/26 20:03:33
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 2 - 2926 [ATA]
+ ATA Channel 0 (0)
- ASUS DRW-1814BLT ATA Device
+ ATA Channel 1 (1)
- SAMSUNG HD161HJ ATA Device
- ST1500DM003-9YN16G ATA Device
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 1 - 2921 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- JMicron JMB36X Controller [SCSI]
-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD161HJ : 160,0 GB [0/4/0, pd1]
(2) ST1500DM003-9YN16G : 1500,3 GB [1/2/0, pd1] - st
----------------------------------------------------------------------------
(1) SAMSUNG HD161HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD161HJ
Firmware : JF100-19
Serial Number : S0V3JDWPA05778
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312579695
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 8968 hod.
Power On Count : 3267 krát
Temperature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 253 100 _51 000000000000 Počet chyb čtení
03 253 253 _25 000000001140 Čas na roztočení ploten
04 _93 _93 __0 000000001E2A Počet spuštění/zastavení
05 253 253 _10 000000000000 Počet přemapovaných sektorů
07 253 253 _51 000000000000 Počet chybných hledání
08 253 253 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000002308 Hodin v činnosti
0A 253 253 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000CC3 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000003B20 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B8 253 253 _99 000000000000 Ukončovacích chyb
BB 253 253 __0 000000000000 Ohlášeno neopravitelných chyb
BC 253 253 __0 000000000000 Časový limit příkazu
BE 169 124 __0 000026090017 Teplota toku vzduchu
C2 157 121 __0 00002709001B Teplota
C3 100 100 __0 000000003B20 Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 253 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 100 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 022A 003F 0000 0000 0000
010: 5330 5633 4A44 5750 4130 3537 3738 2020 2020 2020
020: 0003 4000 0004 4A46 3130 302D 3139 5341 4D53 554E
030: 4720 4844 3136 3148 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 004C 0040
080: 00F8 0052 746B 7F09 4123 7469 BC01 4123 20FF 0019
090: 0019 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 966F 12A1 0000 0000 0000 0000 0000 0000 5000 0F00
110: DBA0 5778 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: FFFF 0400 4E00 0003 0000 9A00 0300 2400 6E20 3037
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 DAA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 FD 64 00 00 00 00 00 00 00 03 07
010: 00 FD FD 40 11 00 00 00 00 00 04 32 00 5D 5D 2A
020: 1E 00 00 00 00 00 05 33 00 FD FD 00 00 00 00 00
030: 00 00 07 0F 00 FD FD 00 00 00 00 00 00 00 08 25
040: 00 FD FD 00 00 00 00 00 00 00 09 32 00 64 64 08
050: 23 00 00 00 00 00 0A 33 00 FD FD 00 00 00 00 00
060: 00 00 0B 12 00 FD 64 00 00 00 00 00 00 00 0C 32
070: 00 61 61 C3 0C 00 00 00 00 00 0D 0E 00 64 64 20
080: 3B 00 00 00 00 00 B8 33 00 FD FD 00 00 00 00 00
090: 00 00 BB 32 00 FD FD 00 00 00 00 00 00 00 BC 32
0A0: 00 FD FD 00 00 00 00 00 00 00 BE 22 00 A9 7C 17
0B0: 00 09 26 00 00 00 C2 22 00 9D 79 1B 00 09 27 00
0C0: 00 00 C3 1A 00 64 64 20 3B 00 00 00 00 00 C4 32
0D0: 00 FD FD 00 00 00 00 00 00 00 C5 12 00 FD FD 00
0E0: 00 00 00 00 00 00 C6 30 00 FD FD 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 C8 0A
100: 00 FD 64 00 00 00 00 00 00 00 C9 0A 00 FD 64 00
110: 00 00 00 00 00 00 CA 32 00 FD FD 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 02 00 94 0B 00 5B
170: 03 00 01 00 02 32 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7E
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 19
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 0F
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 33 00 00 00 00 00 00 00 00
060: 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 0D 00 00 00 00 00
080: 00 00 00 00 00 00 B8 63 00 00 00 00 00 00 00 00
090: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BC 00
0A0: 00 00 00 00 00 00 00 00 00 00 BE 00 00 00 00 00
0B0: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
0C0: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C4 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
100: 00 00 00 00 00 00 00 00 00 00 C9 00 00 00 00 00
110: 00 00 00 00 00 00 CA 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8C
----------------------------------------------------------------------------
(2) ST1500DM003-9YN16G
----------------------------------------------------------------------------
Model : ST1500DM003-9YN16G
Firmware : CC4B
Serial Number : S1E08XYZ
Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 2930275055
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 2035 hod.
Power On Count : 624 krát
Temperature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000B4A12D8 Počet chyb čtení
03 _96 _94 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000279 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _78 _60 _30 000004B1BD61 Počet chybných hledání
09 _98 _98 __0 0000000007F3 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000270 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000001 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _68 _57 _45 000020170020 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000044 Počet vypnutí disku
C1 _99 _99 __0 0000000008DC Počet cyklů načítání/vymazání
C2 _32 _43 __0 001300000020 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 DC780000080B Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00AE80B994B8 Total Host Writes
F2 100 253 __0 0B3A1D665ACF Total Host Reads
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5331 4530 3858 595A
020: 0000 0000 0004 4343 3442 2020 2020 5354 3135 3030
030: 444D 3030 332D 3959 4E31 3647 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0004 004C 0040
080: 01F0 0029 346B 7D09 4163 3469 BC09 4163 207F 0049
090: 0049 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 72EF AEA8 0000 0000 0000 0000 6003 0000 5000 C500
110: 4B59 4445 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 7B30
130: AEA8 7B30 AEA8 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 007F 0280 0000 0000
150: 000A 0000 0000 0000 0000 0000 0000 0000 5800 89E0
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 05A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 76 63 D8 12 4A 0B 00 00 00 03 03
010: 00 60 5E 00 00 00 00 00 00 00 04 32 00 64 64 79
020: 02 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 4E 3C 61 BD B1 04 00 00 00 09 32
040: 00 62 62 F3 07 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 70 02 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 63 01 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 44 39 20 00 17 20 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 44 00 00 00 00
0C0: 00 00 C1 32 00 63 63 DC 08 00 00 00 00 00 C2 22
0D0: 00 20 2B 20 00 00 00 13 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 0B 08 00 00 78 DC 32 F1 00 00 64 FD B8
110: 94 B9 80 AE 00 00 F2 00 00 64 FD CF 5A 66 1D 3A
120: 0B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 3F 02 00 73
170: 03 00 01 00 01 98 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 30 08 00 00 02 06 06 02 02 02 02 06
190: 06 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 4C 70 8C 4E AA 06 00 00
1B0: 00 00 00 00 01 00 21 01 B8 94 B9 80 AE 00 00 00
1C0: CF 5A 66 1D 3A 0B 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 E5 1A 00 00 01 00 00 00
1E0: 00 00 00 00 F8 7B 00 00 00 00 00 00 00 00 00 01
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9D
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E3
Re: Prosím o kontrolu - Motji
Oba disky jsou v pořádku. Pokud nejsou problémy,je to vše
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu - Motji
Děkuji za vyřešení problému. 
Re: Prosím o kontrolu - Motji
není zač
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?