
Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

stepano
Visitor
Posts: 27
Registered: 01 May 2016 13:53

Preventive check

#1 Post by stepano »

Hello,

I would like to request a preventive check.

Thank you in advance for your reply.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Raubiri at 2016-05-28 19:42:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 20 GB (7%) free of 299 GB
Total RAM: 3799 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:42:31, on 28.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Raubiri\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Raubiri\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
C:\Program Files\trend micro\Raubiri.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=16609
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DeathTaker] C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [B4F1AAE8FDEC0DADC85673900272A607F207036A._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [f.lux] "C:\Users\Raubiri\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Raubiri\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'Default user')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Kaspersky Software Updater Beta.lnk = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} (UnityWebPlayer Control) - http://webplayer.unity3d.com/download_w ... Player.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\50.0.2661.22\remoting_host.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13908 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {305B908C-B1AE-4A16-B5EB-781743FB5683}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Users\Raubiri\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Users\Raubiri\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe"
"C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe"
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
"C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe" RUNMODE RESCHEDULEMODE modetorun firstrun modeargs reschedulemode
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
WLIDSvcM.exe 3344
OfficeC2RClient.exe /blockinstall
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
C:\Windows\System32\alg.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Raubiri\AppData\Local\Steam\htmlcache" -steampid=2376 -buildid=1461972496 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe" /update SCHEDULEDTASK displaylevel=False
"taskhost.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{0982DC76-6CCF-4035-BAB4-D8F5CDFA5365}
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe" patch patch
taskeng.exe {A0FBEEB3-63F9-4B1F-9DF3-7A7A0C9008D8}
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe58_ Global\UsGthrCtrlFltPipeMssGthrPipe58 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520

"C:\Users\Raubiri\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Raubiri\AppData\Roaming\Mozilla\Firefox\Profiles\ul7ft6u8.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-15 213192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-15 608032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-15 2096432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-15 431392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-05-11 176952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress8"=NA []
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-06-28 39408]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-04-30 3077712]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-04-25 23484296]
"B4F1AAE8FDEC0DADC85673900272A607F207036A._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-05-25 941720]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-03-01 4290240]
"f.lux"=C:\Users\Raubiri\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Spotify Web Helper"=C:\Users\Raubiri\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-04-29 1525360]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [2016-03-24 680528]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17 53123712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google+ Auto Backup]
C:\Users\Raubiri\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-01-06 3619096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent]
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [2012-09-19 374560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine]
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [2012-09-19 505872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DeathTaker"=C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [2013-04-03 303616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Kaspersky Software Updater Beta.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FICV"=ficvdec_x64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-28 19:42:22 ----D---- C:\rsit
2016-05-28 19:42:22 ----D---- C:\Program Files\trend micro
2016-05-28 16:15:48 ----RD---- C:\Program Files (x86)\Skype
2016-05-28 16:06:39 ----D---- C:\Program Files (x86)\iTunes
2016-05-28 16:06:38 ----D---- C:\Program Files\iPod
2016-05-27 18:25:32 ----D---- C:\Program Files (x86)\WinDirStat
2016-05-09 15:53:33 ----D---- C:\Users\Raubiri\AppData\Roaming\Opera Software
2016-05-09 15:52:36 ----D---- C:\Program Files (x86)\Opera
2016-05-09 15:05:58 ----D---- C:\Program Files (x86)\RocketDock
2016-05-07 13:25:04 ----D---- C:\Program Files (x86)\QuickTime
2016-05-07 11:13:04 ----D---- C:\Program Files (x86)\Battle for Wesnoth 1.12.5
2016-05-05 21:44:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-05-04 10:37:35 ----D---- C:\Program Files (x86)\Project64 1.6
2016-05-01 15:48:51 ----D---- C:\Program Files (x86)\Microsoft Security Client
2016-05-01 15:48:40 ----D---- C:\Program Files\Microsoft Security Client
2016-05-01 15:26:21 ----D---- C:\Program Files\Common Files\AV
2016-05-01 15:17:45 ----D---- C:\ProgramData\AVAST Software
2016-05-01 09:38:43 ----D---- C:\Users\Raubiri\AppData\Roaming\Trimble Connect for SketchUp
2016-05-01 09:36:24 ----D---- C:\Users\Raubiri\AppData\Roaming\SketchUp
2016-05-01 09:30:36 ----AD---- C:\ProgramData\Reprise
2016-05-01 09:29:35 ----D---- C:\ProgramData\SketchUp
2016-04-30 19:25:18 ----D---- C:\Windows\rescache
2016-04-30 10:28:18 ----D---- C:\Program Files (x86)\Scratch
2016-04-29 19:23:58 ----D---- C:\Users\Raubiri\AppData\Roaming\Spotify
2016-04-29 13:11:42 ----D---- C:\Program Files (x86)\VS Revo Group
2016-04-29 12:44:24 ----D---- C:\Program Files (x86)\Canon
2016-04-29 12:23:01 ----A---- C:\Windows\SYSWOW64\vsocklib.dll
2016-04-29 12:23:01 ----A---- C:\Windows\system32\vsocklib.dll
2016-04-29 12:23:00 ----A---- C:\Windows\system32\drivers\vsock.sys
2016-04-29 12:22:57 ----A---- C:\Windows\system32\drivers\vmx86.sys
2016-04-29 12:22:14 ----A---- C:\Windows\SYSWOW64\vmnetdhcp.exe
2016-04-29 12:22:11 ----A---- C:\Windows\SYSWOW64\vmnat.exe
2016-04-29 12:22:05 ----A---- C:\Windows\system32\drivers\vmnetuserif.sys
2016-04-29 12:21:54 ----A---- C:\Windows\system32\vnetlib64.dll
2016-04-29 12:21:26 ----A---- C:\Windows\system32\drivers\hcmon.sys
2016-04-29 12:20:39 ----D---- C:\Program Files\Common Files\VMware

======List of files/folders modified in the last 1 month======

2016-05-28 19:42:32 ----D---- C:\Windows\Prefetch
2016-05-28 19:42:25 ----D---- C:\Windows\Temp
2016-05-28 19:42:22 ----RD---- C:\Program Files
2016-05-28 16:43:01 ----D---- C:\Windows\system32\drivers
2016-05-28 16:24:53 ----D---- C:\Users\Raubiri\AppData\Roaming\Samsung
2016-05-28 16:17:08 ----D---- C:\Program Files\7-Zip
2016-05-28 16:16:56 ----SHD---- C:\Windows\Installer
2016-05-28 16:15:48 ----RD---- C:\Program Files (x86)
2016-05-28 16:15:48 ----D---- C:\Program Files (x86)\Common Files
2016-05-28 16:15:41 ----D---- C:\ProgramData\Skype
2016-05-28 16:14:12 ----D---- C:\Users\Raubiri\AppData\Roaming\Notepad++
2016-05-28 16:13:20 ----D---- C:\Program Files (x86)\Samsung
2016-05-28 16:07:55 ----D---- C:\Program Files\iTunes
2016-05-28 16:06:38 ----D---- C:\Program Files\Common Files\Apple
2016-05-28 15:56:19 ----D---- C:\Windows\system32\Tasks
2016-05-28 15:56:01 ----D---- C:\Users\Raubiri\AppData\Roaming\Skype
2016-05-28 15:46:13 ----D---- C:\Program Files (x86)\Java
2016-05-28 15:42:21 ----D---- C:\Windows\SysWOW64
2016-05-28 15:40:17 ----SHD---- C:\System Volume Information
2016-05-28 14:39:37 ----D---- C:\Users\Raubiri\AppData\Roaming\VMware
2016-05-28 13:25:51 ----D---- C:\ProgramData\Nokia
2016-05-28 13:25:51 ----D---- C:\Program Files (x86)\Nokia
2016-05-28 13:17:09 ----D---- C:\Users\Raubiri\AppData\Roaming\Mp3tag
2016-05-28 13:06:45 ----D---- C:\Windows\Microsoft.NET
2016-05-28 11:59:16 ----D---- C:\Windows\System32
2016-05-28 11:59:16 ----D---- C:\Windows\inf
2016-05-28 11:59:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-28 11:33:25 ----D---- C:\ProgramData\Samsung
2016-05-28 11:28:13 ----D---- C:\Windows
2016-05-28 11:28:07 ----D---- C:\Windows\system32\config
2016-05-28 11:27:52 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-28 11:19:50 ----D---- C:\Program Files (x86)\Microsoft Office
2016-05-28 10:12:16 ----D---- C:\ProgramData\VMware
2016-05-28 10:10:51 ----D---- C:\Program Files (x86)\Steam
2016-05-27 19:54:55 ----D---- C:\Windows\winsxs
2016-05-13 20:25:03 ----D---- C:\Games
2016-05-12 19:16:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-11 14:31:02 ----D---- C:\Windows\Tasks
2016-05-08 16:48:57 ----D---- C:\Users\Raubiri\AppData\Roaming\ViberPC
2016-05-08 12:16:47 ----RD---- C:\Install
2016-05-07 17:56:11 ----D---- C:\Users\Raubiri\AppData\Roaming\Audacity
2016-05-07 15:23:29 ----D---- C:\Users\Raubiri\AppData\Roaming\MPC-HC
2016-05-07 14:53:09 ----D---- C:\Program Files (x86)\Google
2016-05-07 13:16:07 ----D---- C:\Users\Raubiri\AppData\Roaming\Adobe
2016-05-07 13:16:07 ----D---- C:\ProgramData\Adobe
2016-05-07 13:16:03 ----D---- C:\Program Files (x86)\Adobe
2016-05-07 11:09:56 ----D---- C:\Program Files (x86)\Battle for Wesnoth 1.12.1
2016-05-06 13:16:06 ----D---- C:\Program Files (x86)\Battle.net
2016-05-06 13:01:59 ----D---- C:\ProgramData\Origin
2016-05-06 13:01:58 ----D---- C:\Program Files (x86)\Origin
2016-05-06 11:17:49 ----D---- C:\Program Files (x86)\Smajlici
2016-05-06 11:14:22 ----SD---- C:\Windows\SYSWOW64\GWX
2016-05-06 11:14:22 ----SD---- C:\Windows\system32\GWX
2016-05-06 11:14:05 ----D---- C:\ProgramData\Microsoft Help
2016-05-06 07:43:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-05 16:18:24 ----D---- C:\Program Files (x86)\Fizzy
2016-05-05 07:48:05 ----D---- C:\Windows\system32\appraiser
2016-05-04 14:40:25 ----D---- C:\Users\Raubiri\AppData\Roaming\DAEMON Tools Lite
2016-05-04 10:37:17 ----D---- C:\Windows\system32\catroot2
2016-05-02 17:49:11 ----D---- C:\Users\Raubiri\AppData\Roaming\TeamViewer
2016-05-02 17:49:09 ----D---- C:\Users\Raubiri\AppData\Roaming\Media Player Classic
2016-05-02 17:49:08 ----D---- C:\Users\Raubiri\AppData\Roaming\TS3Client
2016-05-02 17:46:23 ----D---- C:\Windows\Minidump
2016-05-02 00:25:50 ----D---- C:\Windows\system32\catroot
2016-05-01 15:26:21 ----D---- C:\Program Files\Common Files
2016-05-01 15:17:45 ----AHD---- C:\ProgramData
2016-05-01 09:52:31 ----D---- C:\Program Files (x86)\Mp3tag
2016-04-30 17:09:50 ----D---- C:\Program Files (x86)\Hearthstone
2016-04-30 15:29:16 ----D---- C:\Program Files (x86)\MyFree Codec
2016-04-30 15:26:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-04-29 16:51:25 ----D---- C:\Program Files\DVD Maker
2016-04-29 14:11:32 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2016-04-29 13:17:04 ----D---- C:\Program Files (x86)\Mirillis
2016-04-29 12:22:59 ----D---- C:\Windows\system32\DriverStore
2016-04-29 12:20:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2015-11-05 90816]
R0 vsock;vSockets Driver; C:\Windows\system32\drivers\vsock.sys [2015-11-05 75512]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2016-02-10 137280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2016-03-10 57536]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-06-20 83704]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2016-04-14 48832]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2016-04-14 26816]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2016-04-14 66752]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-11-24 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-03-08 47672]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k60x64.sys [2009-06-10 220672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 KbFilter_Kb_FlexDef3x;HID Keyboard(FlexDef3x) Driver Service; C:\Windows\system32\DRIVERS\KbFilter_FlexDef3x.sys [2012-10-16 22016]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2016-04-14 28864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-01-08 120416]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2016-03-22 34720]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_conn_usb_driver;SAMSUNG Mobile USB Connectivity Device Driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [2016-01-08 33376]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-01-08 213088]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-09-19 90640]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-05-15 2911472]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-09-19 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-09-19 295440]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2016-02-27 131784]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2016-04-14 97864]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\SysWOW64\vmnetdhcp.exe [2016-04-14 358080]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2016-03-10 907968]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [2016-04-14 392896]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-03-01 1444544]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-05-11 651576]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-04-30 835664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\50.0.2661.22\remoting_host.exe [2016-03-08 69016]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12 269504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-28 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-05 146888]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-05-06 2120712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-05-16 211160]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-04-02 5132888]
S3 VSStandardCollectorService140;Visual Studio Standard Collector Service; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [2016-03-22 56552]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-05 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#2 Post by Márty84 »

Hello :-)

:???: Is this purely preventive, or is there an actual problem as well?

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning.
The program will start working (the PC may restart) and spit out a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.

:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything beforehand; it sometimes has false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

stepano
Visitor
Posts: 27
Joined: 01 May 2016 13:53

Re: Preventive check

#3 Post by stepano »

Márty84 wrote: :???: Is this purely preventive, or is there an actual problem as well?
Occasionally, when a program is running full screen, it automatically minimizes to the taskbar; otherwise nothing.

AdwCleaner:
# AdwCleaner v5.118 - Log vytvořen 29/05/2016 v 08:30:48
# Aktualizováno 23/05/2016 by Xplode
# Databáze : 2016-05-26.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Raubiri - PC-KLUCI
# Spuštěno z : C:\Users\Raubiri\Desktop\adwcleaner_5.118.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[x] Složka Ne Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genius
[x] Složka Ne Smazáno : C:\Program Files (x86)\Genius
[-] Složka Smazáno : C:\Program Files (x86)\myfree codec

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Users\Raubiri\daemonprocess.txt

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč Smazáno : HKCU\Software\WIN
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1468 bytů] - [29/05/2016 08:30:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [1550 bytů] - [29/05/2016 08:27:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1614 bytů] ##########

MBAM:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29.5.2016
Čas skenování: 8:39
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.29.02
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Raubiri

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 829800
Uplynulý čas: 11 hod, 53 min, 37 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Vypnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.OpenCandy, C:\Install\Nástroje\DTLite4471-0333.exe, , [ddc9b9223b5e0e28e256f1784cb8a35d],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#4 Post by Márty84 »

:arrow: You can delete the MBAM finding.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, and it is a false alarm :)
(If the Launcher cannot be downloaded, post logs from FRST alone, i.e. without using the Launcher.)

stepano
Visitor
Posts: 27
Joined: 01 May 2016 13:53

Re: Preventive check

#5 Post by stepano »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
Ran by Raubiri (administrator) on PC-KLUCI (30-05-2016 14:12:22)
Running from C:\Users\Raubiri\Desktop
Loaded Profiles: Raubiri (Available Profiles: Raubiri)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\50.0.2661.22\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\50.0.2661.22\remoting_host.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Flux Software LLC) C:\Users\Raubiri\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Raubiri\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
() C:\Program Files (x86)\Genius\DeathTaker\trayicon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2013-04-03] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-28] (Google Inc.)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23484296 2016-04-25] (Google)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [B4F1AAE8FDEC0DADC85673900272A607F207036A._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-05-25] (Google Inc.)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [f.lux] => C:\Users\Raubiri\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Spotify Web Helper] => C:\Users\Raubiri\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-29] (Spotify Ltd)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\MountPoints2: {1e2303c5-b77a-11e5-a82f-0024818fb20d} - E:\AUTORUN.EXE
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\MountPoints2: {98f442d6-e4fc-11e5-b351-0024818fb20d} - F:\AUTORUN.EXE
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\MountPoints2: {98f442db-e4fc-11e5-b351-0024818fb20d} - F:\setup.EXE /AUTORUN
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\MountPoints2: {c87b3d34-7f47-11e3-bc71-0024818fb20d} - E:\SETUP.EXE
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\MountPoints2: {dba268e5-221a-11e5-845d-0024818fb20d} - E:\autorun.exe DVDBrowser.hta
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\MountPoints2: {dba268e8-221a-11e5-845d-0024818fb20d} - F:\SETUP.EXE
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-04-17]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2013-06-21]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-04-21]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DD297012-4805-4143-B6F6-76A4633D8D55}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.alawarhry.cz/?pid=16609
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-15] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-15] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-15] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2593731983-1712290180-166656690-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {444785F1-DE89-4295-863A-D46C3A781394} hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Raubiri\AppData\Roaming\Mozilla\Firefox\Profiles\ul7ft6u8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2593731983-1712290180-166656690-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Raubiri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)

Chrome:
=======
CHR Session Restore: Profile 5 -> is enabled.
CHR Profile: C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Prezentace Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-24]
CHR Extension: (Dokumenty Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-24]
CHR Extension: (Disk Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-12-21]
CHR Extension: (Volání přes Skype) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-10]
CHR Extension: (YouTube) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Oznámení Google+) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi [2015-09-26]
CHR Extension: (Todoist for Gmail) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\clgenfnodoocmhnlnpknojdbjjnmecff [2016-03-19]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-11-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Play.cz) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dacomocbpihfdldecacpjedmmcbdgdop [2015-09-26]
CHR Extension: (Google+) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-12-11]
CHR Extension: (Kalendář Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-13]
CHR Extension: (Tabulky Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-24]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-02-19]
CHR Extension: (Filmy Google Play) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2016-02-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Cut the Rope) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2015-09-26]
CHR Extension: (feedly) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-11-07]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-03-24]
CHR Extension: (Google Play Music) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-09-26]
CHR Extension: (SoundCloud) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2016-02-20]
CHR Extension: (2048) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jcjbnkncddbeomhaacaeokhfnefibpde [2015-11-07]
CHR Extension: (Ostrov Thassos - Ypsarion - Řecko) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jjieeeaamkaciponhajagonlnillhgnn [2015-09-26]
CHR Extension: (Převod měn) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2015-09-26]
CHR Extension: (Hangouts Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-03-17]
CHR Extension: (Google Play) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-09-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-24]
CHR Extension: (Mapy Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-26]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-09-26]
CHR Extension: (Pocket) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-11-07]
CHR Extension: (Google Play Books) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2015-09-26]
CHR Extension: (feedly) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2015-10-06]
CHR Extension: (Save to Pocket) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-03-26]
CHR Extension: (Twitch Now) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2016-02-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-24]
CHR Extension: (TeamViewer) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2016-03-04]
CHR Extension: (Gmail) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-24]
CHR Profile: C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Disk Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-26]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-05-28]
CHR Extension: (Volání přes Skype) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-03-26]
CHR Extension: (YouTube) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-23]
CHR Extension: (Oznámení Google+) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi [2016-03-26]
CHR Extension: (Todoist for Gmail) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\clgenfnodoocmhnlnpknojdbjjnmecff [2016-03-26]
CHR Extension: (Play.cz) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\dacomocbpihfdldecacpjedmmcbdgdop [2016-03-26]
CHR Extension: (Google+) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-03-26]
CHR Extension: (Simple red theme) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ealcinkolodcnkokioepdoheohkffejc [2016-05-14]
CHR Extension: (Kalendář Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-03-26]
CHR Extension: (Tabulky Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-05-05]
CHR Extension: (Filmy Google Play) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2016-03-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26]
CHR Extension: (AdBlock) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-28]
CHR Extension: (Cut the Rope) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2016-03-26]
CHR Extension: (feedly) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2016-03-26]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-05-28]
CHR Extension: (Google Play Music) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-03-26]
CHR Extension: (SoundCloud) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2016-03-26]
CHR Extension: (2048) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\jcjbnkncddbeomhaacaeokhfnefibpde [2016-03-26]
CHR Extension: (Převod měn) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\kjehaadplpgckpgeoddpnijogjaldela [2016-03-26]
CHR Extension: (Hangouts Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-05-28]
CHR Extension: (Google Play) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-03-26]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-26]
CHR Extension: (Mapy Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-03-26]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-03-26]
CHR Extension: (Pocket) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-03-26]
CHR Extension: (Google Play Books) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-23]
CHR Extension: (feedly) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2016-03-26]
CHR Extension: (Save to Pocket) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-05-28]
CHR Extension: (Twitch Now) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2016-03-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (TeamViewer) - C:\Users\Raubiri\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2016-03-26]
CHR HKU\S-1-5-21-2593731983-1712290180-166656690-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Raubiri\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-10-13]
CHR HKU\S-1-5-21-2593731983-1712290180-166656690-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\50.0.2661.22\remoting_host.exe [69016 2016-03-08] (Google Inc.)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-09-19] (CyberLink Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-15] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-09-19] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-09-19] (CyberLink)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-06] (Electronic Arts)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-08] (Disc Soft Ltd)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k60x64.sys [220672 2009-06-10] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 KbFilter_Kb_FlexDef3x; C:\Windows\System32\DRIVERS\KbFilter_FlexDef3x.sys [22016 2012-10-16] (Siliten)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [33376 2016-01-08] (DEVGURU Co., LTD.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-09-19] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-30 14:12 - 2016-05-30 14:13 - 00031916 _____ C:\Users\Raubiri\Desktop\FRST.txt
2016-05-30 14:11 - 2016-05-30 14:12 - 00000000 ____D C:\FRST
2016-05-30 14:10 - 2016-05-30 14:10 - 02383872 _____ (Farbar) C:\Users\Raubiri\Desktop\FRST64.exe
2016-05-29 14:34 - 2016-05-29 20:34 - 00003077 _____ C:\Users\Raubiri\Desktop\Nový textový dokument.txt
2016-05-29 08:27 - 2016-05-29 08:30 - 00000000 ____D C:\AdwCleaner
2016-05-29 08:27 - 2016-05-29 08:27 - 03678272 _____ C:\Users\Raubiri\Desktop\adwcleaner_5.118.exe
2016-05-28 20:24 - 2016-05-28 20:24 - 00001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-28 20:23 - 2016-05-28 20:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-28 20:14 - 2016-05-28 20:14 - 09666952 _____ (TeamViewer GmbH) C:\Users\Raubiri\Desktop\TeamViewer_Setup_cs.exe
2016-05-28 19:42 - 2016-05-28 19:42 - 00000000 ____D C:\rsit
2016-05-28 19:42 - 2016-05-28 19:42 - 00000000 ____D C:\Program Files\trend micro
2016-05-28 19:40 - 2016-05-28 19:40 - 01222144 _____ C:\Users\Raubiri\Desktop\RSITx64.exe
2016-05-28 17:31 - 2016-05-28 20:25 - 00000913 _____ C:\Users\Raubiri\Desktop\Apps.txt
2016-05-28 16:43 - 2016-05-28 16:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ss_conn_usb_driver_01007.Wdf
2016-05-28 16:24 - 2016-05-28 16:24 - 00000000 ____D C:\Users\Raubiri\Documents\SideSync
2016-05-28 16:15 - 2016-05-28 16:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-28 16:15 - 2016-05-28 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-05-28 16:11 - 2016-05-28 16:12 - 48364048 _____ (Samsung) C:\Users\Raubiri\Desktop\SideSync_4.3.0.92.exe
2016-05-28 16:07 - 2016-05-28 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-28 16:06 - 2016-05-28 16:06 - 00000000 ____D C:\Program Files\iPod
2016-05-28 16:06 - 2016-05-28 16:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-28 15:56 - 2016-05-28 15:56 - 00003112 _____ C:\Windows\System32\Tasks\{A5608C89-6583-43AF-9ED3-8CFC04632E3D}
2016-05-28 15:49 - 2016-05-28 15:49 - 00003112 _____ C:\Windows\System32\Tasks\{CB7A0586-9891-4355-8CF4-3EE0BBA906D5}
2016-05-28 12:31 - 2016-05-28 12:30 - 00054756 _____ C:\Users\Raubiri\Desktop\mx_player_1.7.40.xml
2016-05-28 12:29 - 2016-05-28 12:26 - 02278711 _____ C:\Users\Raubiri\Desktop\ITnetwork_1.1.apk
2016-05-28 12:27 - 2016-03-30 09:42 - 31006631 _____ C:\Users\Raubiri\Desktop\Instant Buttons_1.0.8.apk
2016-05-27 18:25 - 2016-05-27 18:25 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-05-27 18:25 - 2016-05-27 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-05-27 18:25 - 2016-05-27 18:25 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2016-05-14 21:12 - 2016-05-14 21:12 - 00002648 _____ C:\Users\Raubiri\AppData\Local\recently-used.xbel
2016-05-09 15:53 - 2016-05-12 14:01 - 00003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1462801998
2016-05-09 15:53 - 2016-05-09 15:53 - 00001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-05-09 15:53 - 2016-05-09 15:53 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Opera Software
2016-05-09 15:53 - 2016-05-09 15:53 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Opera Software
2016-05-09 15:52 - 2016-05-12 14:01 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-09 15:42 - 2016-05-09 15:42 - 00000110 ____H C:\Users\Raubiri\Desktop\IMG_0620.JPG.uid-zps
2016-05-09 15:42 - 2016-05-09 15:42 - 00000110 ____H C:\Users\Raubiri\Desktop\IMG_0616.JPG.uid-zps
2016-05-09 15:05 - 2016-05-09 15:25 - 00000000 ____D C:\Program Files (x86)\RocketDock
2016-05-08 16:43 - 2016-05-08 16:43 - 00000966 _____ C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-05-08 16:43 - 2016-05-08 16:43 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2016-05-07 18:07 - 2016-05-08 16:34 - 00000000 ____D C:\Users\Raubiri\Documents\Polda II
2016-05-07 13:25 - 2016-05-15 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-05-07 13:25 - 2016-05-15 20:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-05-07 13:16 - 2016-05-07 13:16 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-05-07 13:16 - 2016-05-07 13:16 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-05-07 11:21 - 2016-05-07 11:22 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle for Wesnoth 1.12.5
2016-05-07 11:13 - 2016-05-07 11:21 - 00000000 ____D C:\Program Files (x86)\Battle for Wesnoth 1.12.5
2016-05-05 21:44 - 2016-05-06 07:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-04 10:37 - 2016-05-04 10:38 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2016-05-04 10:37 - 2016-05-04 10:37 - 00000000 ____D C:\Program Files (x86)\Project64 1.6
2016-05-03 13:30 - 2016-05-03 13:30 - 00000000 ____D C:\Users\Public\Documents\sun
2016-05-01 15:49 - 2016-05-01 15:49 - 00002124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-05-01 15:48 - 2016-05-01 15:49 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-05-01 15:48 - 2016-05-01 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-05-01 15:41 - 2016-05-01 15:41 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-05-01 15:26 - 2016-05-01 15:26 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-05-01 15:26 - 2016-05-01 15:26 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-01 15:17 - 2016-05-01 15:38 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-01 09:38 - 2016-05-01 09:38 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Trimble Connect for SketchUp
2016-05-01 09:36 - 2016-05-01 09:36 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\SketchUp
2016-05-01 09:30 - 2016-05-01 09:30 - 00000000 ____D C:\ProgramData\Reprise
2016-05-01 09:29 - 2016-05-01 09:29 - 00000000 ____D C:\ProgramData\SketchUp
2016-04-30 19:25 - 2016-04-30 19:26 - 00000000 ____D C:\Windows\rescache
2016-04-30 15:11 - 2016-04-30 15:11 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Macromedia
2016-04-30 15:03 - 2016-04-30 15:03 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.5.lnk
2016-04-30 15:01 - 2016-04-30 15:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-30 10:28 - 2016-04-30 10:28 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch
2016-04-30 10:28 - 2016-04-30 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch
2016-04-30 10:28 - 2016-04-30 10:28 - 00000000 ____D C:\Program Files (x86)\Scratch

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-30 14:12 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-30 14:12 - 2009-07-14 06:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-30 14:07 - 2014-04-29 13:39 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Skype
2016-05-30 14:05 - 2013-07-09 20:20 - 00000000 ___RD C:\Users\Raubiri\Disk Google
2016-05-30 14:03 - 2016-03-26 19:36 - 00000000 ____D C:\ProgramData\VMware
2016-05-30 14:03 - 2016-02-05 15:11 - 00000435 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-30 14:03 - 2013-12-25 11:41 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-30 14:03 - 2013-06-21 18:30 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 14:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 13:59 - 2015-11-06 19:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-30 12:36 - 2013-06-21 18:30 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 12:16 - 2013-06-21 19:44 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-30 11:20 - 2013-12-10 16:58 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2016-05-29 15:06 - 2015-10-02 17:25 - 00000000 ____D C:\Users\Raubiri\AppData\Local\CrashDumps
2016-05-29 13:49 - 2011-04-12 10:34 - 00671604 _____ C:\Windows\system32\perfh005.dat
2016-05-29 13:49 - 2011-04-12 10:34 - 00142790 _____ C:\Windows\system32\perfc005.dat
2016-05-29 13:49 - 2009-07-14 07:13 - 01592904 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-29 13:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-29 13:20 - 2016-02-24 15:09 - 00000000 ____D C:\Users\Raubiri\AppData\Local\GameMaker-Studio
2016-05-29 10:39 - 2016-03-20 17:59 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Mp3tag
2016-05-29 08:30 - 2013-06-21 17:58 - 00000000 ____D C:\Users\Raubiri
2016-05-29 08:21 - 2016-03-29 14:40 - 00000000 ____D C:\Program Files\7-Zip
2016-05-29 08:21 - 2009-07-14 06:45 - 00506616 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-28 20:41 - 2013-06-21 17:58 - 00129704 _____ C:\Users\Raubiri\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-28 20:19 - 2016-02-08 17:58 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\TeamViewer
2016-05-28 16:53 - 2014-04-04 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-05-28 16:24 - 2014-04-04 15:12 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Samsung
2016-05-28 16:15 - 2014-04-29 13:39 - 00000000 ____D C:\ProgramData\Skype
2016-05-28 16:14 - 2016-04-28 15:07 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Notepad++
2016-05-28 16:13 - 2014-04-04 15:10 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-05-28 16:07 - 2015-04-12 20:43 - 00000000 ____D C:\Program Files\iTunes
2016-05-28 16:06 - 2014-06-06 16:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-28 15:52 - 2016-04-25 17:30 - 00002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-28 15:52 - 2016-04-25 17:30 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-28 15:46 - 2014-12-03 17:07 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-28 14:39 - 2016-03-26 19:41 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\VMware
2016-05-28 14:39 - 2016-03-26 19:41 - 00000000 ____D C:\Users\Raubiri\AppData\Local\VMware
2016-05-28 13:25 - 2013-09-30 17:49 - 00000000 ____D C:\ProgramData\Nokia
2016-05-28 13:25 - 2013-09-30 17:45 - 00000000 ____D C:\Program Files (x86)\Nokia
2016-05-28 13:19 - 2013-06-30 13:41 - 00000000 ____D C:\Users\Raubiri\Documents\Stepan
2016-05-28 11:33 - 2014-04-04 15:10 - 00000000 ____D C:\ProgramData\Samsung
2016-05-28 11:27 - 2016-04-06 16:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-28 11:19 - 2013-03-05 11:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-27 21:09 - 2015-10-10 15:25 - 00000000 ____D C:\Users\Raubiri\Documents\Visual Studio 2015
2016-05-27 18:29 - 2016-04-29 19:24 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Spotify
2016-05-27 18:29 - 2016-04-29 19:23 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Spotify
2016-05-25 17:29 - 2013-09-03 17:45 - 00000000 ____D C:\Users\Raubiri\Documents\Hanička
2016-05-20 17:21 - 2015-11-11 14:59 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-17 17:26 - 2013-09-24 17:53 - 00000000 ____D C:\Users\Raubiri\Documents\NHL09
2016-05-13 20:27 - 2016-03-21 15:12 - 00000000 ___RD C:\Users\Raubiri\Desktop\Games
2016-05-13 20:25 - 2013-12-20 15:35 - 00000000 ____D C:\Games
2016-05-12 19:16 - 2013-06-21 19:44 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-12 19:16 - 2013-06-21 19:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-12 19:16 - 2013-06-21 19:44 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 15:33 - 2014-04-26 12:51 - 00000000 ____D C:\Users\Raubiri\.gimp-2.8
2016-05-11 21:07 - 2016-04-08 14:44 - 00000000 ____D C:\Users\Raubiri\Documents\Virtual Machines
2016-05-11 14:31 - 2013-06-21 18:30 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 14:31 - 2013-06-21 18:30 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 13:58 - 2014-12-25 11:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-09 14:12 - 2014-06-09 07:39 - 00601600 ___SH C:\Users\Raubiri\Documents\Thumbs.db
2016-05-08 16:48 - 2015-10-16 17:55 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\ViberPC
2016-05-08 16:43 - 2016-03-24 21:39 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Viber
2016-05-08 16:43 - 2015-10-27 20:58 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Package Cache
2016-05-08 12:16 - 2013-06-21 19:55 - 00000000 ___RD C:\Install
2016-05-08 11:09 - 2013-12-25 12:09 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-08 10:43 - 2013-09-24 17:51 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Downloaded Installations
2016-05-07 17:56 - 2015-06-20 18:44 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Audacity
2016-05-07 15:23 - 2015-02-04 16:44 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\MPC-HC
2016-05-07 14:53 - 2013-06-21 18:30 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-07 13:51 - 2014-06-06 20:49 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Apple Computer
2016-05-07 13:16 - 2013-06-21 19:40 - 00000000 ____D C:\ProgramData\Adobe
2016-05-07 13:16 - 2013-06-21 19:40 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-07 13:16 - 2013-06-21 19:24 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Adobe
2016-05-07 13:15 - 2014-08-31 12:29 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Adobe
2016-05-07 11:09 - 2015-03-31 16:30 - 00000000 ____D C:\Program Files (x86)\Battle for Wesnoth 1.12.1
2016-05-06 19:28 - 2014-04-04 15:12 - 00000000 ____D C:\Users\Raubiri\Documents\samsung
2016-05-06 13:16 - 2015-09-13 16:55 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Battle.net
2016-05-06 13:16 - 2015-09-13 16:54 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-06 13:01 - 2014-12-24 21:34 - 00000000 ____D C:\Program Files (x86)\Origin
2016-05-06 13:01 - 2014-12-08 18:49 - 00000000 ____D C:\ProgramData\Origin
2016-05-06 12:41 - 2013-12-25 11:37 - 00000000 ____D C:\Users\Raubiri\Documents\BotaniculaSaves
2016-05-06 11:17 - 2015-10-14 14:09 - 00000000 ____D C:\Program Files (x86)\Smajlici
2016-05-06 11:14 - 2015-04-04 22:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-06 11:14 - 2015-04-04 22:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-06 07:43 - 2016-01-09 14:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-05 16:18 - 2014-10-02 18:03 - 00000000 ____D C:\Program Files (x86)\Fizzy
2016-05-05 07:48 - 2014-12-11 15:13 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-04 20:46 - 2016-03-25 21:14 - 00000000 ___RD C:\Users\Raubiri\OneDrive
2016-05-04 14:40 - 2013-06-21 20:08 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\DAEMON Tools Lite
2016-05-02 17:49 - 2015-09-12 16:59 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\TS3Client
2016-05-02 17:49 - 2013-07-01 10:04 - 00000000 ____D C:\Users\Raubiri\Tracing
2016-05-02 17:49 - 2013-06-21 20:31 - 00000000 ____D C:\Users\Raubiri\AppData\Roaming\Media Player Classic
2016-05-02 17:46 - 2015-03-18 19:02 - 00000000 ____D C:\Windows\Minidump
2016-05-01 15:49 - 2013-03-05 11:22 - 00001912 _____ C:\Windows\epplauncher.mif
2016-05-01 09:52 - 2016-03-20 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2016-05-01 09:52 - 2016-03-20 17:58 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2016-04-30 17:09 - 2015-10-14 15:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-04-30 15:26 - 2014-04-04 15:12 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Samsung
2016-04-30 15:26 - 2013-06-21 18:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-30 15:03 - 2015-02-06 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-04-30 15:03 - 2014-04-19 13:49 - 00000000 ____D C:\Users\Raubiri\AppData\Local\Adobe_Systems_Incorporate
2016-04-30 15:03 - 2014-04-19 13:48 - 00000000 ____D C:\Users\Raubiri\Documents\My Digital Editions
2016-04-30 10:31 - 2016-02-28 21:14 - 00000000 ____D C:\Users\Raubiri\AppData\Local\TheJumpGame

==================== Files in the root of some directories =======

2016-03-24 19:21 - 2016-03-24 19:21 - 21572120 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-10-03 14:28 - 2015-11-24 18:27 - 0000624 _____ () C:\Users\Raubiri\AppData\Roaming\All CPU MeterV3_Settings.ini
2015-10-27 19:19 - 2016-03-02 15:54 - 0001075 _____ () C:\Users\Raubiri\AppData\Roaming\Network Meter_Settings.ini
2015-10-03 21:57 - 2016-03-19 12:47 - 0000027 _____ () C:\Users\Raubiri\AppData\Roaming\Network Meter_Usage.ini
2016-03-28 13:36 - 2016-03-28 17:58 - 0000600 _____ () C:\Users\Raubiri\AppData\Roaming\winscp.rnd
2013-08-19 11:15 - 2015-10-21 14:30 - 0015872 _____ () C:\Users\Raubiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-30 15:13 - 2013-10-30 15:13 - 0003072 _____ () C:\Users\Raubiri\AppData\Local\file__0.localstorage
2013-10-30 15:13 - 2013-10-30 15:14 - 0003072 _____ () C:\Users\Raubiri\AppData\Local\https_drm.youdagames.com_0.localstorage
2014-03-26 19:04 - 2014-03-26 19:04 - 0004096 ____H () C:\Users\Raubiri\AppData\Local\keyfile3.drm
2016-04-29 14:52 - 2016-04-29 14:52 - 0000600 _____ () C:\Users\Raubiri\AppData\Local\PUTTY.RND
2016-05-14 21:12 - 2016-05-14 21:12 - 0002648 _____ () C:\Users\Raubiri\AppData\Local\recently-used.xbel
2015-01-20 19:37 - 2016-04-23 18:00 - 0007605 _____ () C:\Users\Raubiri\AppData\Local\Resmon.ResmonCfg

Files to move or delete:
====================
C:\Users\Raubiri\IP_Log_Data.js
C:\Users\Raubiri\Network_Meter_Data.js


Some files in TEMP:
====================
C:\Users\Raubiri\AppData\Local\Temp\AutoRun.exe
C:\Users\Raubiri\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Raubiri\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Raubiri\AppData\Local\Temp\libeay32.dll
C:\Users\Raubiri\AppData\Local\Temp\msvcr120.dll
C:\Users\Raubiri\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Raubiri\AppData\Local\Temp\npp.6.9.2.Installer.exe
C:\Users\Raubiri\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Raubiri\AppData\Local\Temp\sqlite3.dll
C:\Users\Raubiri\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-28 14:09

==================== End of FRST.txt ============================
Attachments
Addition.zip
(17.31 KiB) Downloaded 66 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#6 Post by Márty84 »

:arrow: Tell me the size of the desktop folder (C:\Users\Raubiri\Plocha)


:???: Which antivirus are you using? MSE is running there, but there is also something from Kaspersky.


:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-28] (Google Inc.)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [B4F1AAE8FDEC0DADC85673900272A607F207036A._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-05-25] (Google Inc.)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2593731983-1712290180-166656690-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Raubiri:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [3072]
AlternateDataStreams: C:\Users\Raubiri\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Soubory cookie:gs5sys [3072]
AlternateDataStreams: C:\Users\Raubiri\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Desktop\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Users\Raubiri\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\AppData\Local\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Documents\desktop.ini:gs5sys [2560]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-28 194032]

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save the file to the desktop.
Turn off your antivirus and any other security software you may have.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Because of time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

stepano
Visitor
Posts: 27
Registered: 01 May 2016 13:53

Re: Preventive check

#7 Post by stepano »

:arrow: The desktop size is 79.1MB

:arrow: I use MSE as my antivirus; the Kaspersky thing is a small utility for updating the software on the PC.

fixlog:
Fix result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
Ran by Raubiri (2016-06-01 19:40:20) Run:1
Running from C:\Users\Raubiri\Desktop
Loaded Profiles: Raubiri (Available Profiles: Raubiri)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Power2GoExpress8] => NA
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-28] (Google Inc.)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [B4F1AAE8FDEC0DADC85673900272A607F207036A._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-05-25] (Google Inc.)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680528 2016-03-24] (ZONER software)
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2593731983-1712290180-166656690-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData:gs5sys [3584]
AlternateDataStreams: C:\Users\All Users:gs5sys [3584]
AlternateDataStreams: C:\Users\Raubiri:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [3584]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [3072]
AlternateDataStreams: C:\Users\Raubiri\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Soubory cookie:gs5sys [3072]
AlternateDataStreams: C:\Users\Raubiri\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Desktop\desktop.ini:gs5sys [2048]
AlternateDataStreams: C:\Users\Raubiri\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\AppData\Local\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Raubiri\Documents\desktop.ini:gs5sys [2560]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-28 194032]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Power2GoExpress8 => value removed successfully
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\B4F1AAE8FDEC0DADC85673900272A607F207036A._service_run => value removed successfully
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\S-1-5-21-2593731983-1712290180-166656690-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData => ":gs5sys" ADS removed successfully.
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\Raubiri => ":gs5sys" ADS removed successfully.
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
"C:\ProgramData\Data aplikací" => ":gs5sys" ADS not found.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully.
C:\Users\Public\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
"C:\Users\Raubiri\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\Raubiri\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\Raubiri\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\Raubiri\Šablony" => ":gs5sys" ADS not found.
C:\Users\Raubiri\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Raubiri\AppData\Local => ":gs5sys" ADS removed successfully.
C:\Users\Raubiri\AppData\Roaming => ":gs5sys" ADS removed successfully.
"C:\Users\Raubiri\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\Raubiri\AppData\Local\History" => ":gs5sys" ADS not found.
C:\Users\Raubiri\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12Agent => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD12DMREngine => key removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
gusvc => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 3.9 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:45:48 ====

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#8 Post by Márty84 »

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave the checkbox ticked only for the option Remove disinfection tools
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for problems; if it finds any, click Fix problems. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in those as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download the program Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other nonsense.
After installation, run the program and click Analyze; after the analysis click Defragment and the program will do its work.

:arrow: Then write how the PC is doing.

stepano
Visitor
Posts: 27
Registered: 01 May 2016 13:53

Re: Preventive check

#9 Post by stepano »

The PC has been cleaned with CCleaner and now comes the defragmentation, but I am worried about whether something could happen to the disk, because I suspect the disk is damaged; I am attaching the log from CrystalDiskInfo below.

DelFix:
# DelFix v1.013 - Logfile created 02/06/2016 at 14:00:31
# Updated 17/04/2016 by Xplode
# Username : Raubiri - PC-KLUCI
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.3.1.0.9_27.04.2016_14.51.22_log.txt
Deleted : C:\TDSSKiller.3.1.0.9_27.04.2016_15.11.59_log.txt
Deleted : C:\Users\Raubiri\Desktop\Addition.txt
Deleted : C:\Users\Raubiri\Desktop\adwcleaner_5.118.exe
Deleted : C:\Users\Raubiri\Desktop\Fixlog.txt
Deleted : C:\Users\Raubiri\Desktop\FRST.txt
Deleted : C:\Users\Raubiri\Desktop\FRST64.exe
Deleted : C:\Users\Raubiri\Desktop\RSITx64.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

CrystalDiskInfo:
----------------------------------------------------------------------------
CrystalDiskInfo 6.8.1 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2016/06/04 10:29:55

-- Controller Map ----------------------------------------------------------
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- TOSHIBA MK3276GSX ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- Slimtype DVD A DS8A2L ATA Device
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK3276GSX : 320,0 GB [0/2/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MK3276GSX
----------------------------------------------------------------------------
Model : TOSHIBA MK3276GSX
Firmware : GS001A
Serial Number : 51C6C024T
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 9548 hod.
Power On Count : 1561 krát
Temperature : 40 C (104 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 0000000004E3 Čas na roztočení ploten
04 100 100 __0 000000000657 Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _77 _77 __0 00000000254C Hodin v činnosti
0A 132 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000619 Počet cyklů zapnutí zařízení
BF 100 100 __0 0000000000D5 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000003C Počet vypnutí disku
C1 _95 _95 __0 00000000C735 Počet cyklů načítání/vymazání
C2 100 100 __0 0038000B0028 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000004 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 00000000002B Posunutí disku vůči ose
DE _84 _84 __0 000000001A4B Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000F8 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------

-- SMART_READ_THRESHOLD ----------------------------------------------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#10 Post by Márty84 »

Well, that disk doesn't look great :boxed:

:arrow: Run a check with HD Tune
Download http://www.slunecnice.cz/sw/hd-tune/ , install it and run it as administrator (if the installer offers you any add-on, decline it!)
In that window, click the last tab - Error Scan (if quick scan is ticked, untick it) and click Start.
The check will take some time. Let me know whether there was any red block.
Also look at the Health tab and copy down (or photograph) for me what it says. It should say OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143


Otherwise, defragmentation should not do any harm; it moves data around on the disk so that responses are faster. It should avoid any damaged areas.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

stepano
Visitor
Posts: 27
Registered: 01 May 2016 13:53

Re: Preventive check

#11 Post by stepano »

Error Scan:
1 red block
Health:
HDTune_Health_TOSHIBA_MK3276GSX.png (43.69 KiB)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#12 Post by Márty84 »

So it is confirmed that the disk is not in good shape. Definitely back up regularly.

How does the PC look otherwise?

stepano
Visitor
Posts: 27
Registered: 01 May 2016 13:53

Re: Preventive check

#13 Post by stepano »

I am currently defragmenting the disk; afterwards I will report back on how it looks.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#14 Post by Márty84 »

OK :)

stepano
Visitor
Posts: 27
Registered: 01 May 2016 13:53

Re: Preventive check

#15 Post by stepano »

The defragmentation ended in a BSOD; I am attaching further information below. Otherwise, the problem with windows being minimized automatically still persists.

==================================================
Výpisy : 060516-32261-01.dmp
Čas havarie : 5.6.2016 22:37:49
Textový popis chyby: KERNEL_DATA_INPAGE_ERROR
Kód chyby : 0x0000007a
Parameter 1 : fffff6fc`40008a08
Parameter 2 : ffffffff`c0000185
Parameter 3 : 00000000`674f3860
Parameter 4 : fffff880`011414ac
Způsobil ovladač : ataport.SYS
Způsobené adresou : ataport.SYS+1c4ac
Popis souboru : ATAPI Driver Extension
Název produktu : Microsoft® Windows® Operating System
Společnost : Microsoft Corporation
Verze souboru : 6.1.7600.16385 (win7_rtm.090713-1255)
Procesor : 64-bitový
Adresa havárie : ntoskrnl.exe+70380
Adresa zásobníku 1:
Adresa zásobníku 2:
Adresa zásobníku 3:
Jméno počítače :
Úplná cesta : C:\Windows\Minidump\060516-32261-01.dmp
Počet procesů : 2
Hlavní verze : 15
Podřízená verze : 7601
Výpis velikost : 285 328
Čas výpisu : 5.6.2016 22:40:24
==================================================

Locked