PC freezing (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

doktorcz
Level 1.5
Posts: 123
Registered: January 08
Gender: Not specified
Status: Offline

Re: PC freezing

Post by doktorcz » 10 Jan 2017 13:02

RogueKiller V12.9.1.0 (x64) [Jan 2 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10586) 64 bits version
Spuštěno : Normální režim
Uživatel : filip [Práva správce]
Started from : C:\Users\filip\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 01/10/2017 11:24:31 (Duration : 01:26:50)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP.Firefox][Soubor] C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default\Invalidprefs.js -> Smazáno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][Firefox:Config] g22ska30.default : user_pref("browser.startup.homepage", "http://www.centrum.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500KS-00MJB0 ATA Device +++++
--- User ---
[MBR] 0f810d6d774afeae80f162791123e7dd
[BSP] 0b084b90082c0c4afb273d59b724fba9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 237923 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 487473152 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK


Re: PC freezing

Post by doktorcz » 10 Jan 2017 16:57

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by filip on 10.01.2017 at 15:50:29,83.
Microsoft Windows 10 Pro 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\filip\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-01-10-121949.log 4299 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\IDM deleted successfully
C:\Users\filip\AppData\Local\ActiveSync deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.centrum.cz/");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\filip\AppData\Roaming\Thunderbird\Profiles\ug77651t.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\filip\AppData\Roaming\Thunderbird\Profiles\ug77651t.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default

user.js not found
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs__0816_.backup
prefs__1319_.backup
prefs__1538_.backup
prefs__1606_.backup

ProfilePath: C:\Users\filip\AppData\Roaming\Thunderbird\Profiles\ug77651t.default

---- FireFox user.js and prefs.js backups ----

user__0816_.backup
user__1319_.backup
user__1538_.backup
user__1606_.backup
prefs__0816_.backup
prefs__1319_.backup
prefs__1538_.backup
prefs__1606_.backup

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\filip\AppData\Roaming\Thunderbird\Profiles\ug77651t.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc2@internetdownloadmanager.com"="C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi" [16.11.2016 16:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default
- VratnePenize.cz - %ProfilePath%\extensions\toolbar@vratnepenize.cz.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi

ProfilePath: C:\Users\filip\AppData\Roaming\Thunderbird\Profiles\ug77651t.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Mail Merge - %ProfilePath%\extensions\mailmerge@example.net.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default
E8D38E8FB6EC88E7B0E0B4D9AC9B0725 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll - Shockwave Flash


==== Chromium Look ======================


Stylebot - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha
Chrome Media Router - filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\filip\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\filip\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\filip\AppData\Local\Mozilla\Firefox\Profiles\g22ska30.default\cache2 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Mozilla\Firefox\Profiles\55x78dea.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\filip\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\filip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=18 folders=8 218858 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\filip\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 10.01.2017 at 16:52:28,70 ======================


Re: PC freezing

Post by doktorcz » 10 Jan 2017 18:35

Zemana AntiMalware 2.70.2.352 (nainstalovaný)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.1.10
Operating System : Windows 10 64-bit
Processor : 2X Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
BIOS Mode : Legacy
CUID : 122FA9D406CC97501720EC
Scan Type : Skenování systému
Duration : 91m 27s
Scanned Objects : 531072
Detected Objects : 1
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Vypnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Firefox Homepage
Status : Skenováno
Object : http://www.centrum.cz/
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Firefox Homepage


Cleaning Result
-------------------------------------------------------
Cleaned : 1
Reported as safe : 0
Failed : 0


Re: PC freezing

Post by doktorcz » 10 Jan 2017 18:38

It seems the same to me, no change. Especially the browsers. They freeze, and even the mouse movement is sometimes "choppy". I have everything turned off, and it seems to me that the PC is still "chewing" on something.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:38:15, on 10.01.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0713)

FIREFOX: 50.1.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Users\filip\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\filip\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [OneDrive] "C:\Users\filip\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\filip\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: TVR Scheduler.lnk = C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 10641 bytes

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: PC freezing

Post by jaro3 » 10 Jan 2017 19:03

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O4 - HKCU\..\Run: [uTorrent] "C:\Users\filip\AppData\Roaming\uTorrent\utorrent.exe"


Please download the version of Farbar Recovery Scan Tool (FRST) appropriate for your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: PC freezing

Post by doktorcz » 10 Jan 2017 19:17

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by filip (10-01-2017 19:13:50)
Running from C:\Users\filip\Desktop
Windows 10 Pro Version 1511 (X64) (2016-02-09 07:59:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1997079283-2425937949-446156209-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1997079283-2425937949-446156209-503 - Limited - Disabled)
filip (S-1-5-21-1997079283-2425937949-446156209-1001 - Administrator - Enabled) => C:\Users\filip
Guest (S-1-5-21-1997079283-2425937949-446156209-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
AIMP2 (HKLM-x32\...\AIMP2) (Version: - AIMP DevTeam)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.15.161119 - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CrystalDiskInfo 6.8.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.0 - Crystal Dew World)
DocBackupAC (HKLM-x32\...\DocBackupAC) (Version: - )
Document Express DjVu Plug-in (HKLM\...\{F4E8060A-33ED-4C50-8808-2AB1EDF29251}) (Version: 6.1.35472 - Cuminas Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Freemake Video Converter verze 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
GeoGet verze 2.9.6.767 (HKLM-x32\...\GeoGet_is1) (Version: 2.9.6.767 - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS)
honestechTVR2.5 (HKLM-x32\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
K-Lite Codec Pack 12.7.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.7.5 - KLCP)
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird 45.6.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 cs)) (Version: 45.6.0 - Mozilla)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8333 - MyHeritage.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
ODF Add-in for Microsoft Office (HKLM-x32\...\{8CD705A2-C440-4DC3-8922-A7C5CFB4CA4D}) (Version: 3.0.5239.0 - OpenXML/ODF Translator Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Opera Stable 42.0.2393.94 (HKLM-x32\...\Opera 42.0.2393.94) (Version: 42.0.2393.94 - Opera Software)
Ovládací panel NVIDIA 342.01 (Version: 342.01 - NVIDIA Corporation) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
QuickTime (HKLM-x32\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registrace uživatele zařízení Canon MG2900 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2900 series) (Version: - ‭Canon Inc.)
Revo Uninstaller Pro 3.1.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.7 - VS Revo Group, Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SEDREAC (HKLM-x32\...\SEDREAC) (Version: - )
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 release candidate 3 - Ghisler Software GmbH)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.352 - Zemana Ltd.)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2C632C63-2BFC-414B-AC7C-BC168FE93914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-07] (Google Inc.)
Task: {68B18AA5-E974-4C54-BAA7-5B8458BAC2ED} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack 2\Tools\CodecTweakTool.exe [2016-12-20] ()
Task: {6F880E02-FD5D-4C1E-A52E-0B03EE1DAE6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-07] (Google Inc.)
Task: {7544CC83-A517-4192-850B-B839EAE3B456} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation)
Task: {802837F5-A5C6-4DBB-98F0-74FD04EF6FF0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-09] (Dropbox, Inc.)
Task: {82ABE767-0FAF-4023-B145-1EEFFB811287} - System32\Tasks\Opera scheduled Autoupdate 1454864502 => C:\Program Files (x86)\Opera\launcher.exe [2016-12-19] (Opera Software)
Task: {A280E6D7-3B7A-4D60-9E21-570A5CBE012B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {CA5F3A39-75A4-4B89-9012-ED59B0AA3EE9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-09] (Dropbox, Inc.)
Task: {CE5F644C-B1B1-4414-BF09-3FC9AAC58D77} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {D49D54EA-D30F-4668-B4CC-770886815B3A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {D85ECA91-6C1F-4A54-8F16-175A0FB23690} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {DD616587-17D5-4BA8-BBD7-73E4DA6B1D8C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-26] (AVAST Software)
Task: {E61A6B72-3D0D-4820-8195-88F8B8F09698} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {E8EF2E65-E729-43FE-B270-BCD3F5EF87F9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {F5E5E2B1-EBD8-4EFA-9C33-119133288D85} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-24 13:20 - 2013-06-28 16:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-03-25 23:12 - 2016-03-25 23:12 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
2016-11-09 11:12 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-09 11:12 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 09:11 - 2016-12-14 09:11 - 01678560 _____ () C:\Users\filip\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-01-10 17:00 - 2017-01-10 17:00 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-02-09 04:23 - 2016-02-09 04:23 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-15 07:06 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-09 11:13 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 11:13 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 11:13 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 11:13 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-26 12:09 - 2016-09-26 12:09 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-10 15:43 - 2017-01-10 15:43 - 03138632 _____ () C:\Program Files\AVAST Software\Avast\defs\17011000\algo.dll
2016-09-26 12:09 - 2016-09-26 12:09 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-14 09:11 - 2016-12-14 09:11 - 01244376 _____ () C:\Users\filip\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-09-26 12:10 - 2016-09-26 12:10 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [133]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-30 23:42 - 2017-01-10 15:54 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1997079283-2425937949-446156209-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\filip\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamNetworkSvc => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: WbioSrvc => 2
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "TVR Scheduler.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{64F1B801-B7D4-424F-9761-1B94DD3D8981}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B9425C3E-6452-4CA6-925E-1D1CD8EAC378}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5696CEFF-13CB-4237-9030-1BC683F5966C}C:\users\filip\appdata\roaming\utorrent\utorrent.exe] => C:\users\filip\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{7AB83BCB-5FD9-4024-BF96-D48BB8A0AA2C}C:\users\filip\appdata\roaming\utorrent\utorrent.exe] => C:\users\filip\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{17A9EB94-D345-463F-AB08-F735198717AE}] => C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{2119C949-571A-4F8F-920B-AD1D33374C57}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{1F085A8E-C1F8-4C43-A301-47AEF15E89BA}C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [UDP Query User{3FE77702-B7CD-4226-9C43-E4F943336BB4}C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe] => C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{7A622F56-71BC-4D18-811B-76EAB8B309EA}] => C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{9545ED6D-E4E7-4962-947A-BE39EFFC515B}] => C:\program files (x86)\docbackupjre\j2re1.5.0_22\bin\javaw.exe
FirewallRules: [{373D5384-EFE9-4242-A1AD-9CCCFDF9643E}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2418507-E406-4EAD-8D17-E4BE63BD5671}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{76218C62-0A7F-4A92-9206-4FB81A29C791}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B006895B-16C8-4036-B202-ACC97C92E68A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0BE1C60E-29A8-4C13-A694-9A4565E4C1EA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8C204C2C-9038-47D5-B3F9-49B609C829AA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2CA9381C-97FA-47E5-9A1B-D2837DEEB4F6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{18E93E2D-14C2-44C7-9E06-BC6695B415FB}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{44F32B94-63C0-4169-A320-B6E437D87CCF}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

04-01-2017 14:09:26 JRT Pre-Junkware Removal
09-01-2017 19:42:54 JRT Pre-Junkware Removal
10-01-2017 13:05:50 zoek.exe restore point

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2017 05:00:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\DjVuViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.672_none_ea83eaa5b9bc2149.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.672_none_a2d6b3cea53ff843.manifest.

Error: (01/10/2017 04:49:59 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Systém nemůže nalézt uvedený soubor.

Error: (01/10/2017 03:42:28 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Systém nemůže nalézt uvedený soubor.

Error: (01/10/2017 01:06:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/10/2017 12:58:17 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/10/2017 12:51:10 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (01/10/2017 12:51:10 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (01/10/2017 12:50:28 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (01/10/2017 12:50:28 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (01/10/2017 12:09:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SoftwareUpdate.exe, verze: 2.1.1.116, časové razítko: 0x488a4f1f
Název chybujícího modulu: ScriptingObjectModel.dll, verze: 2.1.1.116, časové razítko: 0x488a4efe
Kód výjimky: 0xc0000005
Posun chyby: 0x00002f91
ID chybujícího procesu: 0xb90
Čas spuštění chybující aplikace: 0x01d26b3077dca761
Cesta k chybující aplikaci: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Apple Software Update\ScriptingObjectModel.dll
ID zprávy: 9e7cd5a8-2ec7-4fd3-86a7-888abb45b3ae
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/10/2017 07:14:05 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:14:03 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:14:01 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:13:05 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:13:03 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:13:01 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:12:05 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:12:03 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:12:01 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/10/2017 07:11:05 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.


CodeIntegrity:
===================================
Date: 2016-12-28 10:30:22.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 15:55:30.611
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-15 08:04:58.613
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-27 08:09:49.183
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-18 09:22:54.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-12 18:07:29.244
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-11 03:55:17.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-10 10:55:10.570
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-10 07:35:19.104
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-31 03:17:42.446
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 29%
Total physical RAM: 6143.11 MB
Available physical RAM: 4328.07 MB
Total Virtual: 8191.11 MB
Available Virtual: 6463.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.35 GB) (Free:31.02 GB) NTFS
Drive d: (OEM Capture_win8) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0D840D83)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================


Re: PC freezing

Post by doktorcz » 10 Jan 2017 19:18

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
Ran by filip (administrator) on DESKTOP-L03U3VM (10-01-2017 19:12:20)
Running from C:\Users\filip\Desktop
Loaded Profiles: filip (Available Profiles: filip)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14080240 2017-01-07] (Zemana Ltd.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [14829232 2016-09-05] (MyHeritage)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\MountPoints2: {85a52309-cdaa-11e5-8d6b-806e6f6e6963} - "D:\autorun.exe"
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-26] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVR Scheduler.lnk [2016-12-12]
ShortcutTarget: TVR Scheduler.lnk -> C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2f96b457-8cc6-4ae4-98dd-2f96d7437880}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1997079283-2425937949-446156209-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1997079283-2425937949-446156209-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-13] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: g22ska30.default
FF ProfilePath: C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default [2017-01-10]
FF NewTab: Mozilla\Firefox\Profiles\g22ska30.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\g22ska30.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\g22ska30.default -> is enabled.
FF Extension: (VratnePenize.cz) - C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default\Extensions\toolbar@vratnepenize.cz.xpi [2016-06-08]
FF Extension: (Google Translator for Firefox) - C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\g22ska30.default\Extensions\translator@zoli.bod.xpi [2016-04-29]
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\filip\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\filip\AppData\Roaming\IDM\idmmzcc5 [2017-01-10] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-03-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-01-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-09] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-09-13] (NVIDIA Corporation)
S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-09-13] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-09-13] (NVIDIA Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [186760 2016-03-25] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14080240 2017-01-07] (Zemana Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-26] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-26] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-26] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-14] (AVAST Software)
R3 AtcL001; C:\WINDOWS\System32\drivers\l160x64.sys [61440 2009-10-13] (Atheros Communications, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2016-02-07] ()
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56376 2016-09-13] (NVIDIA Corporation)
R3 RTL8023x64; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [61656 2015-01-18] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 X86BDA; C:\WINDOWS\system32\DRIVERS\OEMDrv.sys [268416 2011-06-08] ( )
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-01-10] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-10-22] (Zemana Ltd.)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-10 19:12 - 2017-01-10 19:12 - 00018810 _____ C:\Users\filip\Desktop\FRST.txt
2017-01-10 19:11 - 2017-01-10 19:12 - 00000000 ____D C:\FRST
2017-01-10 19:09 - 2017-01-10 19:10 - 00000000 ____D C:\Users\filip\Desktop\backups
2017-01-10 19:06 - 2017-01-10 19:06 - 02419200 _____ (Farbar) C:\Users\filip\Desktop\FRST64.exe
2017-01-10 17:00 - 2017-01-10 17:00 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-01-10 17:00 - 2017-01-10 17:00 - 00001217 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-01-10 17:00 - 2017-01-10 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-10 17:00 - 2017-01-10 17:00 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-10 16:54 - 2017-01-10 16:54 - 00000000 ____D C:\Users\filip\AppData\Local\ActiveSync
2017-01-10 16:53 - 2017-01-10 16:53 - 00000000 ___HD C:\OneDriveTemp
2017-01-10 16:52 - 2017-01-10 16:52 - 00000000 ____D C:\ProgramData\IDM
2017-01-10 16:10 - 2017-01-10 15:50 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-01-10 13:07 - 2017-01-10 13:07 - 05473184 _____ ( ) C:\Users\filip\Desktop\Zemana.AntiMalware.Setup.exe
2017-01-10 13:04 - 2017-01-10 16:06 - 00000000 ____D C:\zoek_backup
2017-01-10 13:03 - 2017-01-10 13:03 - 01309184 _____ C:\Users\filip\Desktop\zoek.exe
2017-01-10 08:20 - 2017-01-10 13:02 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-09 21:04 - 2017-01-09 21:04 - 00001480 _____ C:\Users\filip\Desktop\mbam.txt
2017-01-09 11:29 - 2017-01-09 11:29 - 25846856 _____ C:\Users\filip\Desktop\RogueKillerX64.exe
2017-01-09 11:28 - 2017-01-09 11:28 - 01663040 _____ (Malwarebytes) C:\Users\filip\Desktop\JRT.exe
2017-01-08 10:04 - 2017-01-08 09:48 - 03988944 _____ C:\Users\filip\Desktop\adwcleaner_6.042.exe
2017-01-07 17:37 - 2017-01-07 17:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\filip\Desktop\HijackThis.exe
2017-01-07 12:02 - 2017-01-07 12:02 - 00558416 _____ C:\Users\filip\Downloads\profile.htm
2017-01-07 12:00 - 2017-01-09 17:04 - 00000000 ____D C:\Users\filip\AppData\Roaming\IDM
2017-01-07 12:00 - 2017-01-07 12:00 - 00000000 ____D C:\Users\filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-01-07 12:00 - 2017-01-07 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-01-07 12:00 - 2017-01-07 12:00 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-01-07 12:00 - 2016-10-17 16:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2017-01-07 11:20 - 2017-01-07 11:20 - 00635729 _____ C:\Users\filip\Desktop\Cszuu9RXEAAAytT.jpg large.jpe
2017-01-05 19:22 - 2017-01-05 19:22 - 00031503 _____ C:\Users\filip\Desktop\21f3c500-9d4e-a38c-0912-7f90f50866df_Transvesti u WC-u.jpeg
2017-01-04 17:16 - 2017-01-04 17:19 - 00004290 _____ C:\Users\filip\Desktop\ZHPCleaner.txt
2017-01-04 17:08 - 2017-01-09 12:33 - 00000000 ____D C:\AdwCleaner
2017-01-04 17:06 - 2017-01-04 17:19 - 00000000 ____D C:\Users\filip\AppData\Roaming\ZHP
2017-01-04 17:06 - 2017-01-04 17:06 - 00000875 _____ C:\Users\filip\Desktop\ZHPCleaner.lnk
2017-01-04 14:12 - 2017-01-09 19:45 - 00000709 _____ C:\Users\filip\Desktop\JRT.txt
2017-01-03 19:29 - 2017-01-03 19:29 - 00000000 ____D C:\Users\filip\AppData\Roaming\MPC-HC
2017-01-03 15:55 - 2017-01-10 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-01-03 15:54 - 2017-01-04 14:11 - 00000000 ____D C:\Users\filip\AppData\Roaming\Lavasoft
2017-01-03 15:48 - 2017-01-03 15:48 - 00003236 _____ C:\WINDOWS\System32\Tasks\klcp_update
2017-01-03 15:48 - 2017-01-03 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-01-03 15:48 - 2017-01-03 15:48 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2
2017-01-03 09:46 - 2017-01-03 09:47 - 30000763 _____ (KLCP ) C:\Users\filip\Downloads\K-Lite_Codec_Pack_1275_Standard.exe
2017-01-02 18:53 - 2017-01-02 18:54 - 05996632 _____ ( ) C:\Users\filip\Downloads\klcp_update_1276_20161227.exe
2017-01-02 08:27 - 2017-01-02 08:39 - 00000000 ____D C:\Users\filip\Downloads\mailpv
2017-01-02 08:27 - 2017-01-02 08:27 - 00073097 _____ C:\Users\filip\Downloads\mailpv.zip
2017-01-01 17:48 - 2017-01-01 17:48 - 00036494 _____ C:\Users\filip\Downloads\Zdroj SBA.PDF
2017-01-01 15:19 - 2017-01-09 21:02 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-01 15:19 - 2017-01-01 15:19 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-01 15:19 - 2017-01-01 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-01 15:18 - 2017-01-01 15:18 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-01 15:18 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-01 15:15 - 2017-01-01 15:17 - 54199488 _____ (Malwarebytes ) C:\Users\filip\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2016-12-30 19:40 - 2016-12-30 19:45 - 84503798 _____ C:\Users\filip\Downloads\Vyšehrad-4.avi
2016-12-27 17:10 - 2016-12-27 17:11 - 03455839 _____ C:\Users\filip\Documents\Humor Viral - O melhor vídeo de 2016 _D quem gostou curti... _ Facebook.mp4
2016-12-23 21:34 - 2016-12-23 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cuminas
2016-12-23 21:34 - 2016-12-23 21:34 - 00000000 ____D C:\Program Files\Cuminas
2016-12-23 21:34 - 2016-12-23 21:34 - 00000000 ____D C:\Program Files (x86)\Cuminas
2016-12-23 21:29 - 2016-12-23 21:30 - 08577024 _____ C:\Users\filip\Downloads\djvuctrl-x64-6.1.4-de-r35472.msi
2016-12-23 20:25 - 2016-12-23 20:25 - 00000110 ____H C:\Users\filip\Desktop\534418_article_photo_wioq6hf_900x.jpeg.uid-zps
2016-12-23 15:41 - 2016-12-23 15:41 - 00003970 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1454864502
2016-12-22 21:19 - 2016-12-22 21:19 - 00104074 _____ C:\Users\filip\Desktop\Cigoši_mobil.JPG
2016-12-22 15:41 - 2016-12-22 15:42 - 00017021 _____ C:\Users\filip\Downloads\15542378_242176732854482_2198835677013733210_n.jpg
2016-12-22 04:24 - 2016-12-22 04:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-21 16:00 - 2016-12-21 16:00 - 98537392 _____ C:\Users\filip\Documents\Šachťák - videoklip (Pomáda parodie).mp4
2016-12-21 15:10 - 2016-12-21 15:10 - 00030010 _____ C:\Users\filip\Desktop\Feri_kamion_svařák.JPG
2016-12-21 15:08 - 2016-12-21 15:08 - 00079462 _____ C:\Users\filip\Desktop\Feri_kamion.JPG
2016-12-20 19:15 - 2016-12-20 19:20 - 99873248 _____ C:\Users\filip\Downloads\000-00518.zip
2016-12-20 18:39 - 2016-12-20 18:51 - 181079462 _____ C:\Users\filip\Downloads\000-04361.zip
2016-12-20 17:32 - 2016-12-20 20:43 - 00000000 ____D C:\Users\filip\Desktop\Nová složka (3)
2016-12-20 17:24 - 2016-12-20 17:29 - 169083600 _____ C:\Users\filip\Downloads\000-00427.zip
2016-12-20 17:21 - 2016-12-23 21:07 - 05642971 _____ C:\Users\filip\Downloads\8700_Sbírka-matrik-Východočeského-kraje-1587-1949_NAD_190-stav-2016-12-20.pdf
2016-12-18 13:51 - 2016-12-27 11:04 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-18 13:49 - 2016-12-18 13:49 - 37794928 _____ (PandoraTV) C:\Users\filip\Downloads\KMPlayer_4.1.4.7.exe
2016-12-18 13:31 - 2016-12-18 13:31 - 43153273 _____ C:\Users\filip\Documents\Africanism All Stars feat Ben Onono - Summer Moon (F___ Me I'm Famous Mix).mp4
2016-12-17 17:01 - 2016-12-17 17:01 - 00000000 ____D C:\Users\filip\AppData\Roaming\sp6_log
2016-12-17 16:49 - 2016-12-17 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-17 16:00 - 2016-12-17 16:05 - 00003364 _____ C:\Users\filip\Desktop\smetak.cmd
2016-12-17 12:31 - 2016-11-14 10:45 - 00615992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-12-15 11:31 - 2016-12-15 11:31 - 00329187 _____ C:\Users\filip\Downloads\12473798_1149124391764440_4500904143098833835_o.jpg
2016-12-15 09:10 - 2016-12-15 09:18 - 82207749 _____ C:\Users\filip\Downloads\OneDrive-2016-12-15(1).zip
2016-12-15 09:02 - 2016-12-15 09:05 - 28909500 _____ C:\Users\filip\Downloads\OneDrive-2016-12-15.zip
2016-12-15 08:23 - 2016-12-15 08:23 - 00000000 ____D C:\Users\filip\Desktop\Fotky_udelat
2016-12-14 19:32 - 2016-12-14 19:32 - 00034223 _____ C:\Users\filip\Downloads\15400430_906289029506746_9120336197565679685_n.jpg
2016-12-14 10:38 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 10:38 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-12-14 10:38 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-14 10:38 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-14 10:38 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 10:38 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 10:38 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2016-12-14 10:38 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 10:38 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 10:38 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-12-14 10:38 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 10:38 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-12-14 10:38 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-12-14 10:38 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2016-12-14 10:38 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 10:38 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2016-12-14 10:38 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2016-12-14 10:38 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2016-12-14 10:38 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-12-14 10:38 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-14 10:38 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-12-14 10:38 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-12-14 10:38 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 10:38 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 10:38 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-12-14 10:38 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 10:38 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-12-14 10:38 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 10:38 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-12-14 10:38 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-14 10:38 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-12-14 10:38 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 10:38 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 10:38 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-14 10:38 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-14 10:38 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-14 10:38 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-12-14 10:38 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 10:38 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 10:38 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-12-14 10:38 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-12-14 10:38 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 10:38 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 10:38 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 10:38 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 10:38 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 10:38 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-14 10:38 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 10:38 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 10:38 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 10:38 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 10:38 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 10:38 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 10:06 - 2016-12-14 10:06 - 00211839 _____ C:\Users\filip\Documents\IMG_20161214_0001.jpg
2016-12-14 09:51 - 2016-12-14 09:51 - 00001367 _____ C:\Users\filip\Desktop\SKENOVÁNÍ – zástupce.lnk
2016-12-14 09:12 - 2017-01-04 17:32 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-13 20:05 - 2016-12-13 20:05 - 00065348 _____ C:\Users\filip\Desktop\Výstřižek_3.JPG
2016-12-13 19:43 - 2016-12-13 19:53 - 162375393 _____ C:\Users\filip\Downloads\Řeznická-kuchařka_Josef-Dušátko.pdf
2016-12-13 17:27 - 2016-12-13 17:27 - 00099313 _____ C:\Users\filip\Desktop\Výstřižek.JPG
2016-12-13 15:51 - 2016-12-14 17:47 - 00663348 _____ C:\Users\filip\Documents\FOTKY BEčka_pardubice.docx
2016-12-13 14:20 - 2016-12-13 14:20 - 01644772 _____ C:\Users\filip\Desktop\500346_06277088abe773k25e1285.jpg
2016-12-13 12:29 - 2016-12-13 12:29 - 28611946 _____ C:\Users\filip\Downloads\DiffImg-2.2.0-setup.exe
2016-12-12 20:25 - 2016-12-12 20:25 - 00027472 _____ C:\Users\filip\Downloads\15391114_1357764690934996_7380240520730148952_n.jpg
2016-12-12 20:21 - 2016-12-12 20:21 - 00226656 _____ C:\Users\filip\Desktop\48924-Be-Happy-And-Smile.jpg
2016-12-12 16:52 - 2016-12-12 16:52 - 03081699 _____ C:\Users\filip\Downloads\6897fbd3f92b1df723e5248ed502aeae.pdf
2016-12-12 13:37 - 2016-12-24 08:59 - 00000000 ____D C:\Users\filip\AppData\Roaming\avidemux
2016-12-12 13:36 - 2016-12-12 13:36 - 00000955 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64 bits.lnk
2016-12-12 13:36 - 2016-12-12 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
2016-12-12 13:36 - 2016-12-12 13:36 - 00000000 ____D C:\Program Files\Avidemux 2.6 - 64 bits
2016-12-12 13:35 - 2016-12-12 13:36 - 20487148 _____ C:\Users\filip\Downloads\avidemux_2.6.15_win64.exe
2016-12-12 11:12 - 2016-12-12 11:12 - 00002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2016-12-12 11:12 - 2016-12-12 11:12 - 00002220 _____ C:\Users\Public\Desktop\honestech TVR 2.5.lnk
2016-12-12 11:12 - 2016-12-12 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech TVR 2.5
2016-12-12 11:12 - 2016-12-12 11:12 - 00000000 ____D C:\Program Files (x86)\honestech
2016-12-12 11:12 - 2006-05-17 01:58 - 00073728 _____ (Macrovision Corporation) C:\WINDOWS\SysWOW64\ISUSPM.cpl
2016-12-11 17:27 - 2016-12-11 17:27 - 00000000 ____D C:\Users\filip\Desktop\Nová složka (2)
2016-12-11 17:26 - 2016-12-11 17:26 - 00304895 _____ C:\Users\filip\Documents\IMG_20161211_0001.jpg
2016-12-11 17:26 - 2016-12-11 17:26 - 00088008 _____ C:\Users\filip\Documents\IMG_20161211_0002.jpg
2016-12-11 17:12 - 2016-12-11 17:13 - 07946422 _____ C:\Users\filip\Documents\Poche Muzik - it's my life _ Facebook.mp4
2016-12-11 10:49 - 2016-12-11 10:54 - 304838656 _____ C:\Users\filip\Downloads\kav_rescue_10.iso
2016-12-11 09:53 - 2016-12-11 09:53 - 00000000 ____D C:\Users\filip\AppData\Roaming\Kastner software
2016-12-11 09:52 - 2016-12-11 09:52 - 00001453 _____ C:\Users\Public\Desktop\FORM studio.lnk
2016-12-11 09:52 - 2016-12-11 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FORM studio
2016-12-11 09:51 - 2016-12-11 09:51 - 00000000 ____D C:\ProgramData\KASTNER software
2016-12-11 09:51 - 2016-12-11 09:51 - 00000000 ____D C:\Program Files (x86)\KASTNER software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-10 19:12 - 2016-10-22 15:03 - 00072290 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-01-10 19:12 - 2016-10-22 15:03 - 00054849 _____ C:\WINDOWS\ZAM.krnl.trace
2017-01-10 19:10 - 2016-11-16 12:27 - 00000000 ____D C:\Users\filip\AppData\LocalLow\Mozilla
2017-01-10 19:08 - 2016-02-09 15:48 - 00000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-10 19:07 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-10 18:58 - 2016-02-07 18:01 - 00000000 ____D C:\Users\filip\AppData\Roaming\uTorrent
2017-01-10 18:52 - 2016-02-07 18:57 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-10 17:18 - 2016-02-07 18:05 - 00000000 ____D C:\Users\filip\Downloads\mTORRENT
2017-01-10 17:03 - 2016-02-07 18:59 - 00000000 ____D C:\Users\filip\AppData\Roaming\DMCache
2017-01-10 17:02 - 2016-02-09 05:54 - 00000000 ____D C:\Users\filip
2017-01-10 16:59 - 2016-10-22 15:03 - 00000000 ____D C:\Users\filip\AppData\Local\Zemana
2017-01-10 16:53 - 2016-02-07 17:23 - 00000000 ___RD C:\Users\filip\OneDrive
2017-01-10 16:52 - 2016-02-09 15:48 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-10 16:49 - 2016-02-09 06:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-10 16:48 - 2015-10-30 07:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2017-01-10 13:19 - 2015-07-30 23:42 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-10 12:32 - 2016-02-21 09:47 - 00000000 ____D C:\Users\filip\AppData\Local\CrashDumps
2017-01-10 08:22 - 2016-02-14 18:38 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-01-10 04:28 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-10 04:28 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-08 19:22 - 2016-03-25 17:07 - 00000000 ____D C:\Users\filip\Desktop\RODOKMEN
2017-01-08 19:16 - 2016-02-07 19:00 - 00000000 ____D C:\Users\filip\Downloads\Compressed
2017-01-07 09:54 - 2016-02-07 17:06 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-07 09:54 - 2015-10-30 19:31 - 00750030 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-07 09:54 - 2015-10-30 19:31 - 00150654 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-06 12:45 - 2016-02-07 17:20 - 00000000 ____D C:\Users\filip\AppData\Local\Packages
2017-01-04 17:24 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-04 17:21 - 2016-11-22 09:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-01-04 17:21 - 2016-11-16 09:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-04 17:21 - 2016-02-07 18:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-03 16:33 - 2016-02-08 14:07 - 00001194 _____ C:\Users\filip\Desktop\MyHeritage Family Tree Builder.lnk
2017-01-03 16:31 - 2016-02-08 14:06 - 00000000 ____D C:\Program Files (x86)\MyHeritage
2017-01-03 09:49 - 2016-02-07 18:04 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-01-01 15:18 - 2016-10-20 17:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-01 15:16 - 2016-02-09 05:48 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-01 15:00 - 2016-10-23 12:01 - 00000000 ____D C:\Users\filip\AppData\Roaming\IObit
2017-01-01 15:00 - 2016-10-23 12:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-30 19:45 - 2016-06-14 17:48 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-12-30 17:57 - 2016-02-07 17:18 - 00000000 ___RD C:\Users\filip\Pictures
2016-12-28 10:21 - 2016-02-07 15:57 - 00000000 ____D C:\WINDOWS\SoftwareDistribution
2016-12-27 17:24 - 2016-02-08 14:25 - 00000000 ____D C:\Users\filip\AppData\Roaming\vlc
2016-12-24 08:52 - 2016-09-11 09:54 - 00000000 ____D C:\Users\filip\Documents\honestech TVR
2016-12-23 15:57 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-23 15:53 - 2016-02-09 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-23 15:41 - 2016-02-07 18:01 - 00000000 ____D C:\Program Files (x86)\Opera
2016-12-23 15:33 - 2016-02-07 18:01 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-12-22 04:25 - 2016-02-10 08:45 - 00000000 ___RD C:\Users\filip\Dropbox
2016-12-22 04:25 - 2016-02-09 15:48 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-21 22:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-18 13:51 - 2015-10-30 07:28 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-17 19:27 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-12-17 17:03 - 2015-10-30 07:28 - 00000000 ____D C:\Program Files\Common Files
2016-12-17 17:02 - 2016-03-30 16:27 - 00000000 ____D C:\ProgramData\Logishrd
2016-12-17 17:02 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-17 16:49 - 2015-10-30 08:24 - 00000416 ___SH C:\Users\Public\Desktop\desktop.ini
2016-12-17 16:46 - 2016-04-02 18:27 - 00000000 ____D C:\Users\filip\AppData\Local\NVIDIA
2016-12-17 16:05 - 2016-02-09 13:18 - 00000000 ____D C:\Users\filip\AppData\Roaming\Notepad++
2016-12-17 12:50 - 2016-02-07 18:33 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 12:50 - 2016-02-07 18:33 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 12:50 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-15 08:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-15 08:01 - 2016-02-09 05:40 - 00344320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-15 03:34 - 2016-02-09 05:38 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 03:34 - 2016-02-09 05:38 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{485596e0-7ed5-11e5-80df-e41d2d718e10}.TM.blf
2016-12-15 03:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 03:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\cs-CZ
2016-12-15 03:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-15 03:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 03:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\cs-CZ
2016-12-15 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 02:51 - 2016-02-07 18:34 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 02:51 - 2016-02-07 18:34 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 11:26 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 11:17 - 2016-02-08 18:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 11:12 - 2016-02-08 18:07 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 09:12 - 2016-02-07 17:23 - 00002387 _____ C:\Users\filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-14 09:02 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-13 18:52 - 2016-02-07 18:57 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-12-13 18:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-13 18:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-12 15:34 - 2016-02-10 12:07 - 00000000 ____D C:\Users\filip\AppData\Roaming\Ancestry
2016-12-12 14:56 - 2016-02-07 19:00 - 00000000 ____D C:\Users\filip\Downloads\Video
2016-12-12 11:12 - 2016-11-03 09:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 11:12 - 2016-09-11 09:31 - 00000000 ____D C:\ProgramData\InstallShield
2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-11-14 13:10 - 2016-11-14 13:10 - 0002762 _____ () C:\Users\filip\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-05 10:16

==================== End of FRST.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: PC freezing

Post by jaro3 » 10 Jan 2017 21:40

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Start
CloseProcesses:
Task: {2C632C63-2BFC-414B-AC7C-BC168FE93914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-07] (Google Inc.)
Task: {68B18AA5-E974-4C54-BAA7-5B8458BAC2ED} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack 2\Tools\CodecTweakTool.exe [2016-12-20] ()
Task: {6F880E02-FD5D-4C1E-A52E-0B03EE1DAE6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-07] (Google Inc.)
Task: {F5E5E2B1-EBD8-4EFA-9C33-119133288D85} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [133]
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\MountPoints2: {85a52309-cdaa-11e5-8d6b-806e6f6e6963} - "D:\autorun.exe"
SearchScopes: HKU\S-1-5-21-1997079283-2425937949-446156209-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1997079283-2425937949-446156209-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
C:\Users\filip\AppData\Roaming\Lavasoft
C:\Program Files (x86)\McAfee
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

(You can use the "Select all" function; right-click the top-left field in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

Drive c: () (Fixed) (Total:232.35 GB) (Free:31.02 GB) NTFS
Free up space on the disk so that you have at least 20% free space.

Download Memtest:

The field that says:
All unused RAM - leave it as it is.
- press Start and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the RAM is OK.
For larger RAM capacities Memtest needs to be run several times: for 2 GB (the largest single RAM capacity) 2x, for 4 GB 3x, for 8 GB 4x, etc.

Also check the HDD for errors, or possibly try defragmenting it.

Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here using Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

doktorcz
Level 1.5
Posts: 123
Registered: January 08
Gender: Not specified
Status: Offline

Re: PC freezing

Post by doktorcz » 11 Jan 2017 09:20

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by filip (11-01-2017 09:12:53) Run:1
Running from C:\Users\filip\Desktop
Loaded Profiles: filip (Available Profiles: filip)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Task: {2C632C63-2BFC-414B-AC7C-BC168FE93914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-07] (Google Inc.)
Task: {68B18AA5-E974-4C54-BAA7-5B8458BAC2ED} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack 2\Tools\CodecTweakTool.exe [2016-12-20] ()
Task: {6F880E02-FD5D-4C1E-A52E-0B03EE1DAE6C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-07] (Google Inc.)
Task: {F5E5E2B1-EBD8-4EFA-9C33-119133288D85} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [133]
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\...\MountPoints2: {85a52309-cdaa-11e5-8d6b-806e6f6e6963} - "D:\autorun.exe"
SearchScopes: HKU\S-1-5-21-1997079283-2425937949-446156209-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1997079283-2425937949-446156209-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
C:\Users\filip\AppData\Roaming\Lavasoft
C:\Program Files (x86)\McAfee
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2C632C63-2BFC-414B-AC7C-BC168FE93914} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C632C63-2BFC-414B-AC7C-BC168FE93914} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68B18AA5-E974-4C54-BAA7-5B8458BAC2ED} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B18AA5-E974-4C54-BAA7-5B8458BAC2ED} => key removed successfully
C:\WINDOWS\System32\Tasks\klcp_update => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F880E02-FD5D-4C1E-A52E-0B03EE1DAE6C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F880E02-FD5D-4C1E-A52E-0B03EE1DAE6C} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5E5E2B1-EBD8-4EFA-9C33-119133288D85} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5E5E2B1-EBD8-4EFA-9C33-119133288D85} => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\TEMP => ":B755D674" ADS removed successfully.
C:\ProgramData\TEMP => ":D78D6FF7" ADS removed successfully.
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85a52309-cdaa-11e5-8d6b-806e6f6e6963} => key removed successfully
HKCR\CLSID\{85a52309-cdaa-11e5-8d6b-806e6f6e6963} => key not found.
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1997079283-2425937949-446156209-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => moved successfully
C:\Users\filip\AppData\Roaming\Lavasoft => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 387824772 B
Java, Flash, Steam htmlcache => 1598 B
Windows/system/drivers => 204699 B
Edge => 2731019 B
Chrome => 12742457 B
Firefox => 170860683 B
Opera => 10836416 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13806 B
NetworkService => 0 B
filip => 2781342 B

RecycleBin => 0 B
EmptyTemp: => 560.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:13:20 ====

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: PC freezing

Post by jaro3 » 11 Jan 2017 09:34

Still to do: Memtest and CDI.

doktorcz
Level 1.5
Posts: 123
Registered: January 08
Gender: Not specified
Status: Offline

Re: PC freezing

Post by doktorcz » 11 Jan 2017 09:54

----------------------------------------------------------------------------
CrystalDiskInfo 6.8.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 10586] (x64)
Date : 2017/01/11 9:54:09

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD2500KS-00MJB0 ATA Device
+ ATA Channel 1 (1) [ATA]
- TSSTcorp CDDVDW SH-S223Q ATA Device
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 1 - 2921 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 2 - 2926 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
- JMicron JMB36X Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD2500KS-00MJB0 : 250,0 GB [0/1/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD2500KS-00MJB0
----------------------------------------------------------------------------
Model : WDC WD2500KS-00MJB0
Firmware : 02.01C03
Serial Number : WD-WCANKC488440
Disk Size : 250,0 GB (8,4/137,4/250,0/250,0)
Buffer Size : 16384 KB
Queue Depth : 1
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : ---- | SATA/150
Power On Hours : 40687 hod.
Power On Count : 5905 krát
Temperature : 37 C (98 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 198 198 _51 000000011D1D Počet chyb čtení
03 182 181 _21 0000000016E2 Čas na roztočení ploten
04 _94 _94 __0 000000001A49 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _45 _45 __0 000000009EEF Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 000000001711 Počet cyklů zapnutí zařízení
BE _63 _36 _45 000000000025 Teplota toku vzduchu
C2 113 _86 __0 000000000025 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000002 Počet podezřelých sektorů
C6 200 200 __0 000000000001 Počet neopravitelných sektorů
C7 200 186 __0 000000004084 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů


doktorcz
Level 1.5
Posts: 123
Registered: January 08
Gender: Not specified
Status: Offline

Re: PC freezing

Post by doktorcz » 11 Jan 2017 10:31

I had to change Memtest to 2G, because it won't start for me :-(

