Keylocker

[Nightingale]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017
Ran by Roman (administrator) on ROMAN-HP (01-01-2017 22:00:28)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9fc8b38ddee9fbba\stacsv.exe
(Hewlett-Packard) C:\WINDOWS\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(ArcSoft, Inc.) C:\WINDOWS\System32\uArcCapture.exe
(Andrea Electronics Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9fc8b38ddee9fbba\AEstSrv.exe
(Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
() C:\Program Files\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\WINDOWS\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.0_none_39c65e1db9443c5f\TiWorker.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495711 2009-12-03] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [254520 2010-01-05] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete Inc)
HKLM\...\Run: [File Sanitizer] => C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM\...\Run: [DTRun] => c:\Program Files\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-19] (ArcSoft Inc.)
HKLM\...\Run: [NortonOnlineBackupReminder] => C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [UpdatePDRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2944056 2011-08-17] (Hewlett-Packard Company)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-19] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [14073072 2016-12-30] (Zemana Ltd.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\WINDOWS\system32\DeviceNP.dll [2009-11-17] (Hewlett-Packard Limited)
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-30] (Hewlett-Packard)
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\Run: [T-Mobile Communication Centre] => C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\MountPoints2: {56b47ca6-a756-11e6-8755-002713c7098f} - "D:\autorun.exe"
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-12-19] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2008-08-29] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0c0bfa36-d81d-4e7c-84ed-185e71b7a79e}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6aab137e-c4c5-4d2e-b76a-732edc92d5af}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d8655306-05ce-4c43-b6e3-aa45a006f810}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKLM -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {F5695065-E409-4595-A611-6DF0B7AE4F98} URL = hxxp://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12] (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2011-05-02] (DigitalPersona, Inc.)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-30] (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-23] (HP Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\1qmegt56.default [2017-01-01]
FF NewTab: Mozilla\Firefox\Profiles\1qmegt56.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\1qmegt56.default -> about:home
FF Extension: (Skype) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files\Fiddler2\FiddlerHook
FF Extension: (FiddlerHook) - C:\Program Files\Fiddler2\FiddlerHook [2015-12-01] [not signed]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-04] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-05-04] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-08-12] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-08-12] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-08-12] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-08-12] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-08-12] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-08-12] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-08-12] (Apple Computer, Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [84520 2011-03-14] (Software602 a.s.)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9fc8b38ddee9fbba\aestsrv.exe [81920 2009-03-03] (Andrea Electronics Corporation)
S2 ameisvc; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-19] (AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-15] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-15] (Dropbox, Inc.)
S2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [35432 2016-12-21] (Dropbox, Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300880 2010-07-16] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Ltd)
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [133176 2011-08-17] (Hewlett-Packard Company)
R2 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [81920 2010-01-08] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-01] (McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-01-05] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3381200 2016-12-14] (Malwarebytes)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete Inc)
R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [113264 2011-03-16] (Portrait Displays, Inc.)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2008-12-31] ()
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_9fc8b38ddee9fbba\STacSV.exe [229461 2009-12-03] (IDT, Inc.)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
R2 uArcCapture; C:\WINDOWS\system32\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)
S2 vcsFPService; C:\windows\system32\vcsFPService.exe [1639728 2009-12-14] (Validity Sensors, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [14073072 2016-12-30] (Zemana Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ARCVCAM; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [29824 2009-12-04] (ArcSoft, Inc.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34008 2016-12-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-12-19] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [92256 2016-12-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2016-12-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [60424 2016-12-19] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [735488 2016-12-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [433768 2016-12-19] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118664 2016-12-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [224752 2016-12-19] (AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3205632 2015-10-30] (Qualcomm Atheros Communications, Inc.)
S3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [77920 2016-04-12] (ASIX Electronics Corp.)
S3 DAMDrv; C:\WINDOWS\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59968 2016-12-14] ()
R2 Haspnt; C:\windows\system32\drivers\Haspnt.sys [47616 2010-10-11] (Aladdin Knowledge Systems) [File not signed]
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [153024 2016-12-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [87496 2016-12-31] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [39360 2016-12-31] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [219072 2016-12-31] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [73152 2016-12-31] (Malwarebytes)
S3 MfeAVFK; C:\WINDOWS\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\WINDOWS\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\WINDOWS\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\WINDOWS\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
R1 RsvLock; C:\WINDOWS\system32\Drivers\RsvLock.sys [40088 2010-02-01] (McAfee, Inc.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [73344 2009-12-22] (Realtek Semiconductor Corp.)
R0 SafeBoot; C:\WINDOWS\system32\Drivers\SafeBoot.sys [110520 2010-02-01] () [File not signed]
R0 SbAlg; C:\WINDOWS\system32\Drivers\SbAlg.sys [51800 2010-02-01] (McAfee, Inc.)
R0 SbFsLock; C:\WINDOWS\system32\Drivers\SbFsLock.sys [13256 2010-02-01] (McAfee, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [199936 2016-04-24] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2016-12-31] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2016-12-31] (Zemana Ltd.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-01 22:00 - 2017-01-01 22:01 - 00025684 _____ C:\Users\Roman\Desktop\FRST.txt
2017-01-01 21:59 - 2017-01-01 22:00 - 00000000 ____D C:\FRST
2017-01-01 21:52 - 2017-01-01 21:59 - 01760256 _____ (Farbar) C:\Users\Roman\Desktop\FRST.exe
2016-12-31 16:56 - 2016-12-31 16:56 - 00000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2016-12-31 16:51 - 2016-12-31 16:51 - 00000000 ____D C:\Users\Roman\AppData\Local\ActiveSync
2016-12-31 16:50 - 2016-12-31 16:50 - 00000000 ____D C:\Users\Roman\AppData\Local\PDFC
2016-12-31 16:49 - 2016-12-31 16:49 - 00000000 __SHD C:\$RECYCLE.BIN
2016-12-31 16:44 - 2017-01-01 22:01 - 00000000 ____D C:\Users\Roman\AppData\Local\Temp
2016-12-31 16:44 - 2017-01-01 21:56 - 00000000 ____D C:\WINDOWS\Temp
2016-12-31 16:44 - 2016-12-31 16:05 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-12-31 16:10 - 2016-12-31 16:49 - 00011533 _____ C:\zoek-results.log
2016-12-31 16:05 - 2016-12-31 16:39 - 00000000 ____D C:\zoek_backup
2016-12-31 14:16 - 2017-01-01 22:00 - 00081909 _____ C:\WINDOWS\ZAM.krnl.trace
2016-12-31 14:16 - 2017-01-01 22:00 - 00052538 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-12-31 14:16 - 2016-12-31 14:16 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys
2016-12-31 14:16 - 2016-12-31 14:16 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys
2016-12-31 14:16 - 2016-12-31 14:16 - 00000000 ____D C:\Users\Roman\AppData\Local\Zemana
2016-12-31 14:16 - 2016-12-31 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-12-31 14:16 - 2016-12-31 14:16 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2016-12-30 23:01 - 2016-12-31 12:45 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-12-30 23:00 - 2016-12-30 23:00 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-30 15:42 - 2016-12-30 15:42 - 00000000 ____D C:\ProgramData\Sophos
2016-12-30 15:38 - 2016-12-30 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-12-30 15:38 - 2016-12-30 15:38 - 00000000 ____D C:\Program Files\Sophos
2016-12-29 19:58 - 2016-12-29 19:58 - 00024867 _____ C:\Users\Roman\Desktop\TRAPEZNIKOV VASYL životopis.docx
2016-12-29 19:08 - 2016-12-29 19:08 - 00001008 _____ C:\Users\Roman\Desktop\428163894_0_DPHDP3-0064507122-20161227-134908.xml
2016-12-29 19:04 - 2016-12-29 19:05 - 00000000 ____D C:\Users\Roman\AppData\Local\Adobe
2016-12-29 19:03 - 2016-12-29 19:03 - 00001008 _____ C:\Users\Roman\Desktop\DPHDP3-0064507122-20161227-134908.xml
2016-12-29 18:56 - 2016-12-29 18:56 - 00000000 ____D C:\Users\Roman\AppData\Local\CEF
2016-12-29 11:02 - 2016-12-31 16:59 - 00087496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-12-29 11:02 - 2016-12-31 16:59 - 00073152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-29 11:02 - 2016-12-31 16:47 - 00219072 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-29 11:02 - 2016-12-31 16:47 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-29 11:02 - 2016-12-29 11:02 - 00153024 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2016-12-29 11:01 - 2016-12-29 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-29 11:01 - 2016-12-29 11:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-29 11:01 - 2016-12-29 11:01 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-29 11:01 - 2016-12-14 12:55 - 00059968 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2016-12-29 10:51 - 2016-12-30 13:44 - 00000000 ____D C:\AdwCleaner
2016-12-29 10:17 - 2017-01-01 21:58 - 00000000 ____D C:\Users\Roman\Desktop\hjt
2016-12-27 12:28 - 2016-12-27 12:28 - 00000000 ____D C:\Users\Roman\Desktop\davky VZP
2016-12-27 12:27 - 2016-12-27 12:27 - 00019596 _____ C:\Users\Roman\Desktop\davky VZP.rar
2016-12-23 20:37 - 2016-12-23 20:37 - 00034304 _____ C:\Users\Roman\Desktop\PŘÍLOHA PRACOVNÍ SMLOUVY1.doc
2016-12-23 20:35 - 2016-12-23 20:35 - 00008511 _____ C:\Users\Roman\Documents\PŘÍLOHA PRACOVNÍ SMLOUVY.odt
2016-12-23 20:31 - 2016-12-23 20:31 - 00020635 _____ C:\Users\Roman\Desktop\2.odt
2016-12-23 20:31 - 2016-12-23 20:31 - 00019401 _____ C:\Users\Roman\Desktop\PS.odt
2016-12-23 20:31 - 2016-12-23 20:31 - 00017903 _____ C:\Users\Roman\Desktop\1.odt
2016-12-22 05:28 - 2016-12-22 05:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 19:15 - 2016-12-21 19:15 - 00063592 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00063592 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00063592 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 19:15 - 2016-12-21 19:15 - 00035432 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

[Reklama]

[Nightingale]

2016-12-21 17:27 - 2016-12-21 17:27 - 00059972 _____ C:\Users\Roman\Desktop\Beryuk_CV.docx
2016-12-21 17:22 - 2016-12-21 17:22 - 00173568 _____ C:\Users\Roman\Desktop\cv vojkan-eng.doc
2016-12-21 17:16 - 2016-12-21 17:16 - 00316707 _____ C:\Users\Roman\Desktop\CV Alisher 2.docx
2016-12-20 10:34 - 2016-12-20 10:34 - 00002424 _____ C:\Users\Public\Desktop\Ekonomický systém POHODA 2016 Profi.lnk
2016-12-20 10:34 - 2016-12-20 10:34 - 00000000 ____D C:\Program Files\Common Files\MSSoap
2016-12-20 10:33 - 2016-12-20 10:34 - 00000000 ____D C:\Program Files\Common Files\STORMWARE Shared
2016-12-19 18:33 - 2016-12-31 16:45 - 00055856 ____H C:\Users\Roman\AppData\Local\IconCache.db
2016-12-19 17:09 - 2016-12-19 17:09 - 00006357 _____ C:\Users\Roman\Desktop\SLAVÍK ROMAN.p12
2016-12-19 17:09 - 2016-12-19 17:09 - 00005032 _____ C:\Users\Roman\Desktop\SLAVÍK ROMAN.zip
2016-12-19 11:32 - 2016-12-19 11:32 - 00001884 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-12-19 11:32 - 2016-12-19 11:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-12-19 11:29 - 2016-12-19 11:29 - 00000000 ____D C:\Users\Roman\AppData\LocalLow\Apple Computer
2016-12-19 11:16 - 2016-12-19 13:13 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-12-19 11:16 - 2016-12-19 11:16 - 00001197 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-12-19 11:15 - 2016-12-19 11:15 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-12-19 11:14 - 2016-12-19 11:14 - 00002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-12-19 11:14 - 2016-12-19 11:14 - 00002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-12-19 11:14 - 2016-12-19 11:14 - 00000000 ____D C:\Users\Roman\AppData\Roaming\AVAST Software
2016-12-19 11:13 - 2016-12-19 11:13 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2016-12-19 11:13 - 2016-12-19 11:13 - 00735488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-12-19 11:13 - 2016-12-19 11:13 - 00433768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-12-19 11:13 - 2016-12-19 11:13 - 00224752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-12-19 11:13 - 2016-12-19 11:13 - 00118664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-12-19 11:13 - 2016-12-19 11:13 - 00092256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-12-19 11:13 - 2016-12-19 11:13 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-12-19 11:13 - 2016-12-19 11:13 - 00060424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-12-19 11:13 - 2016-12-19 11:13 - 00034008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-12-19 11:13 - 2016-12-19 11:12 - 00319760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-12-19 11:12 - 2016-12-19 11:12 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-12-19 11:11 - 2016-12-19 11:15 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-19 11:11 - 2016-12-19 11:15 - 00000000 ____D C:\Program Files\AVAST Software
2016-12-19 11:10 - 2016-12-19 11:11 - 06334848 _____ (AVAST Software) C:\Users\Roman\Downloads\avast_free_antivirus_setup_online.exe
2016-12-19 10:54 - 2016-12-19 10:59 - 00000000 ____D C:\ProgramData\F-Secure
2016-12-19 10:54 - 2016-12-19 10:54 - 00000000 ____D C:\Users\Roman\AppData\Local\F-Secure
2016-12-19 10:52 - 2016-12-19 10:54 - 00524248 _____ (F-Secure Corporation) C:\Users\Roman\Downloads\F-SecureOnlineScanner(1).exe
2016-12-19 08:43 - 2016-12-30 13:21 - 00000000 ____D C:\Users\Roman\AppData\Roaming\{20d37b65-48cd-4d61-8ffc-036edf19d3dd}
2016-12-19 08:43 - 2016-12-19 08:43 - 00000778 _____ C:\Users\Roman\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-12-19 08:43 - 2016-12-19 08:43 - 00000778 _____ C:\Users\Roman\Downloads\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-12-19 08:43 - 2016-12-19 08:43 - 00000778 _____ C:\Users\Roman\Documents\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-12-19 08:43 - 2016-12-19 08:43 - 00000778 _____ C:\Users\Public\YOUR_FILES_ARE_ENCRYPTED.TXT
2016-12-16 23:14 - 2016-12-19 08:47 - 00044150 _____ C:\Users\Roman\Desktop\Petr Kromíchal -ORNIDES smluva budoucí kupní_opravy.doc.pxs6RxBh
2016-12-15 12:36 - 2016-12-19 08:47 - 01077366 _____ C:\Users\Roman\Desktop\Osvedceni Stomatochirurgie.pdf.pxs6RxBh
2016-12-15 08:37 - 2016-12-19 08:47 - 00174198 _____ C:\Users\Roman\Desktop\cv vojkan-eng.doc.pxs6RxBh
2016-12-14 12:06 - 2016-12-14 12:06 - 00002336 _____ C:\Users\Roman\Desktop\Admin.rdp
2016-12-09 09:54 - 2016-12-19 08:47 - 00026742 _____ C:\Users\Roman\Desktop\Krizanov.doc.pxs6RxBh
2016-12-08 12:18 - 2016-12-19 08:47 - 00022646 _____ C:\Users\Roman\Desktop\Plná moc.doc.pxs6RxBh
2016-12-08 09:47 - 2016-12-19 11:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-12-06 14:30 - 2016-12-19 08:47 - 00076918 _____ C:\Users\Roman\Desktop\Prihlaska-do-VR---01-10-2012_1.doc.pxs6RxBh
2016-12-06 12:28 - 2016-12-06 12:28 - 00373363 _____ C:\Users\Roman\Desktop\Резюме,Чехія.pdf
2016-12-06 12:25 - 2016-12-19 08:47 - 00013430 _____ C:\Users\Roman\Desktop\cv_1480867027.docx.pxs6RxBh
2016-12-05 15:35 - 2017-01-01 21:52 - 00000000 ____D C:\Users\Roman\AppData\LocalLow\Mozilla
2016-12-05 14:49 - 2016-12-19 12:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-12-05 11:01 - 2016-12-05 13:34 - 00000000 ____D C:\Users\Roman\Desktop\vzp
2016-12-05 09:51 - 2016-12-19 08:47 - 00140406 _____ C:\Users\Roman\Desktop\ŽÁDOST_§36_projekt Ukrajina.doc.pxs6RxBh
2016-12-04 19:36 - 2016-12-31 16:46 - 268435456 ___SH C:\swapfile.sys
2016-12-04 19:35 - 2017-01-01 21:53 - 212283392 ___SH C:\pagefile.sys
2016-12-04 19:35 - 2016-12-31 16:46 - 2302218240 ___SH C:\hiberfil.sys
2016-12-04 19:25 - 2016-12-04 19:25 - 00000000 ___HD C:\$SysReset
2016-12-04 17:21 - 2016-12-04 17:21 - 05388073 _____ C:\Users\Roman\Downloads\windows10.0-kb3199986-x86_bf0ba5d3aba65e64d16c3bbe309e2ef67831c26f (1).msu
2016-12-04 17:20 - 2016-12-04 17:20 - 11788076 _____ C:\Users\Roman\Downloads\windows10.0-kb3199986-x64_5d4678c30de2de2bd7475073b061d0b3b2e5c3be.msu
2016-12-04 15:06 - 2016-12-04 19:41 - 00000000 ___HD C:\$WINDOWS.~BT
2016-12-04 15:01 - 2016-12-04 16:50 - 00000000 ___HD C:\$GetCurrent
2016-12-04 15:01 - 2016-12-04 15:05 - 00000036 _____ C:\WINDOWS\progress.ini
2016-12-04 15:00 - 2016-12-04 16:56 - 00000000 ____D C:\Windows10Upgrade
2016-12-04 15:00 - 2016-12-04 15:00 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-12-04 15:00 - 2016-12-04 15:00 - 00000719 _____ C:\Users\Roman\Desktop\Pomocník při upgradu na Windows 10.lnk
2016-12-04 14:58 - 2016-12-04 15:00 - 05741448 _____ (Microsoft Corporation) C:\Users\Roman\Downloads\Windows10Upgrade28084.exe
2016-12-04 14:51 - 2016-12-04 14:51 - 01045776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSJET35.DLL
2016-12-04 14:51 - 2016-12-04 14:51 - 00368912 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBAR332.DLL
2016-12-04 14:51 - 2016-12-04 14:51 - 00252176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSRD2X35.DLL
2016-12-04 14:51 - 2016-12-04 14:51 - 00123664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSJINT35.DLL
2016-12-04 14:51 - 2016-12-04 14:51 - 00024848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSJTER35.DLL
2016-12-04 10:47 - 2016-12-04 10:47 - 00524248 _____ (F-Secure Corporation) C:\Users\Roman\Downloads\F-SecureOnlineScanner.exe
2016-12-04 00:06 - 2016-12-04 00:06 - 05388073 _____ C:\Users\Roman\Downloads\windows10.0-kb3199986-x86_bf0ba5d3aba65e64d16c3bbe309e2ef67831c26f.msu
2016-12-03 23:58 - 2016-12-03 23:58 - 05741448 _____ (Microsoft Corporation) C:\Users\Roman\Downloads\Windows10Upgrade9252.exe
2016-12-03 23:58 - 2016-12-03 23:58 - 00376528 _____ (Microsoft Corporation) C:\Users\Roman\Downloads\RefreshWindowsTool.exe
2016-12-03 21:54 - 2016-12-03 21:54 - 00002250 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2016-12-03 21:47 - 2016-12-04 14:26 - 43462984 _____ (HP Inc. ) C:\Users\Roman\Downloads\sp77062.exe
2016-12-03 18:34 - 2016-12-08 09:47 - 00002094 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-12-03 18:34 - 2016-12-03 18:34 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-03 18:34 - 2016-12-03 18:34 - 00000000 ____D C:\Program Files\Adobe
2016-12-02 11:38 - 2016-12-19 08:57 - 00002166 _____ C:\Users\Roman\Desktop\text.txt.pxs6RxBh
2016-12-02 10:41 - 2016-12-19 08:54 - 00369782 _____ C:\Users\Roman\Desktop\CCF01122016_00000.jpg.pxs6RxBh
2016-12-02 10:33 - 2016-12-19 08:54 - 00429174 _____ C:\Users\Roman\Desktop\Scanitto_2016-11-25_005.jpg.pxs6RxBh
2016-12-02 10:33 - 2016-12-19 08:54 - 00396406 _____ C:\Users\Roman\Desktop\Scanitto_2016-11-25_003.jpg.pxs6RxBh
2016-12-02 10:33 - 2016-12-19 08:54 - 00215158 _____ C:\Users\Roman\Desktop\Scanitto_2016-11-25_007.jpg.pxs6RxBh
2016-12-02 10:28 - 2016-12-19 08:54 - 00706678 _____ C:\Users\Roman\Desktop\CCF02122016_00001.jpg.pxs6RxBh
2016-12-02 10:28 - 2016-12-19 08:54 - 00664694 _____ C:\Users\Roman\Desktop\CCF02122016_00000.jpg.pxs6RxBh
2016-12-02 09:39 - 2016-12-02 09:39 - 00054762 _____ C:\Users\Roman\Desktop\1091970217_20161202.pdf.y3xle3i.partial

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-01 22:01 - 2010-08-12 19:30 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Skype
2017-01-01 21:56 - 2015-10-30 06:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-01 21:53 - 2016-09-15 09:30 - 00000000 ___RD C:\Users\Roman\Dropbox
2017-01-01 21:50 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-01 21:49 - 2015-10-30 06:48 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-01 21:46 - 2016-09-15 09:23 - 00000912 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-31 17:03 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-31 16:56 - 2016-05-20 06:46 - 00000000 ____D C:\Users\Roman\AppData\Local
2016-12-31 16:51 - 2010-04-14 11:07 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2016-12-31 16:49 - 2016-09-15 09:23 - 00000908 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-31 16:47 - 2010-04-14 11:16 - 00000018 _____ C:\WINDOWS\system32\log.txt
2016-12-31 16:46 - 2016-05-20 06:41 - 00040866 _____ C:\WINDOWS\PFRO.log
2016-12-31 16:46 - 2016-02-13 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-31 16:46 - 2015-10-30 06:13 - 74711040 _____ C:\WINDOWS\system32\config\SOFTWARE
2016-12-31 16:46 - 2015-10-30 06:13 - 15990784 _____ C:\WINDOWS\system32\config\SYSTEM
2016-12-31 16:46 - 2015-10-30 06:13 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT
2016-12-31 16:46 - 2015-10-30 06:13 - 00114688 _____ C:\WINDOWS\system32\config\SECURITY
2016-12-31 16:46 - 2010-02-02 05:40 - 00000000 ____D C:\ProgramData\HPQLOG
2016-12-31 16:45 - 2016-05-20 06:46 - 04980736 ___SH C:\Users\Roman\NTUSER.DAT
2016-12-31 16:45 - 2016-05-20 06:46 - 00000000 ____D C:\Users\Roman
2016-12-31 16:40 - 2015-10-30 06:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-31 16:40 - 2015-10-30 06:48 - 00000000 ___HD C:\ProgramData
2016-12-31 16:40 - 2015-10-30 06:13 - 00000000 ___RD C:\Program Files
2016-12-31 16:40 - 2015-10-30 06:13 - 00000000 ____D C:\WINDOWS\System32
2016-12-31 16:40 - 2009-07-14 03:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-31 16:39 - 2016-05-20 06:46 - 00000000 ____D C:\Users\Roman\AppData\Roaming
2016-12-31 16:18 - 2013-06-06 07:13 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-31 16:14 - 2016-05-23 11:33 - 00000000 ___HD C:\Users\DefaultAppPool\AppData
2016-12-31 16:14 - 2015-10-30 06:48 - 00000000 ___HD C:\Users\Default\AppData
2016-12-31 16:11 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\Drivers\etc
2016-12-31 16:11 - 2009-07-14 03:04 - 00000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts
2016-12-31 16:10 - 2010-02-02 05:46 - 00000000 __SHD C:\System Volume Information
2016-12-31 15:36 - 2016-07-22 07:14 - 00000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRoman.job
2016-12-31 14:38 - 2015-10-30 06:13 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-31 14:09 - 2016-05-20 06:45 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{9d3e46de-7ec8-11e5-80df-e41d2d7172c0}.TMContainer00000000000000000001.regtrans-ms
2016-12-31 14:09 - 2016-05-20 06:45 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{9d3e46de-7ec8-11e5-80df-e41d2d7172c0}.TM.blf
2016-12-31 14:09 - 2015-10-30 06:13 - 25165824 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-31 13:59 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2016-12-31 00:16 - 2016-05-23 11:33 - 00262144 ___SH C:\Users\DefaultAppPool\NTUSER.DAT
2016-12-30 15:38 - 2015-10-30 06:48 - 00000000 __SHD C:\WINDOWS\Installer
2016-12-30 15:01 - 2015-10-30 06:13 - 05505024 _____ C:\WINDOWS\system32\config\DRIVERS
2016-12-29 11:17 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Downloads
2016-12-29 10:43 - 2016-09-15 09:23 - 00000000 ____D C:\Program Files\Dropbox
2016-12-29 10:43 - 2015-10-30 06:13 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-12-28 18:07 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-28 16:26 - 2016-05-20 06:45 - 00006584 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-28 16:26 - 2016-02-13 12:52 - 02431524 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-28 16:26 - 2016-02-13 12:52 - 00668476 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-28 16:26 - 2015-10-30 06:49 - 01303084 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-28 16:26 - 2015-10-30 06:49 - 00635262 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-27 12:28 - 2010-08-12 23:23 - 00000000 ____D C:\Users\Roman\AppData\Roaming\WinRAR
2016-12-23 20:35 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Documents
2016-12-20 15:43 - 2010-08-13 07:07 - 00001004 ___SH C:\ProgramData\KGyGaAvL.sys
2016-12-20 15:43 - 2010-08-13 07:07 - 00000000 ____D C:\Users\Roman\AppData\Roaming\CorelHomeOffice
2016-12-20 10:34 - 2015-10-30 06:13 - 00000000 ____D C:\Program Files\Common Files
2016-12-20 10:34 - 2015-01-12 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STORMWARE Office
2016-12-20 10:34 - 2013-01-22 09:56 - 00000000 ____D C:\Program Files\STORMWARE
2016-12-19 13:13 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-19 12:59 - 2014-08-06 09:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-19 12:44 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\restore
2016-12-19 11:47 - 2015-10-30 06:15 - 00000000 ____D C:\WINDOWS\Logs
2016-12-19 11:35 - 2014-08-06 09:46 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-19 11:32 - 2010-08-12 20:56 - 00000000 ____D C:\ProgramData\Apple Computer
2016-12-19 11:32 - 2010-08-12 20:56 - 00000000 ____D C:\Program Files\QuickTime
2016-12-19 11:31 - 2010-08-12 20:56 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2016-12-19 11:29 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\config\systemprofile
2016-12-19 11:29 - 2010-08-12 16:50 - 00000000 ____D C:\Users\Roman\AppData\LocalLow
2016-12-19 11:24 - 2014-04-17 08:52 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Actions Production Tool
2016-12-19 11:24 - 2010-08-26 16:16 - 00000000 ____D C:\Users\Roman\AppData\Roaming\602XML
2016-12-19 11:24 - 2010-08-16 08:49 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TeamViewer
2016-12-19 11:22 - 2015-06-02 06:59 - 00000000 ____D C:\Users\Roman\AppData\Local\GWX
2016-12-19 11:13 - 2015-10-30 06:13 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-19 09:45 - 2016-05-23 11:33 - 00000000 ____D C:\Users\DefaultAppPool
2016-12-19 09:45 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-19 09:31 - 2016-05-20 13:34 - 00027766 ____H C:\Users\Roman\AppData\Local\IconCache.db.pxs6RxBh
2016-12-19 09:29 - 2010-08-12 21:09 - 00000000 ____D C:\Users\Roman\Downloads\FMICD
2016-12-19 09:29 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Pictures
2016-12-19 09:00 - 2010-08-25 09:43 - 00000000 ____D C:\Users\Roman\AppData\Roaming\hpqLog
2016-12-19 09:00 - 2010-08-12 18:52 - 00118902 _____ C:\Users\Roman\AppData\Local\GDIPFONTCACHEV1.DAT.pxs6RxBh
2016-12-19 08:57 - 2016-07-13 09:53 - 00000000 ____D C:\Users\Roman\Desktop\ECCE
2016-12-19 08:57 - 2016-07-08 14:07 - 00002166 _____ C:\Users\Roman\Downloads\CertVZP.cer.pxs6RxBh
2016-12-19 08:57 - 2016-07-08 13:18 - 00002166 _____ C:\Users\Roman\Downloads\QCA2013803.crt.pxs6RxBh
2016-12-19 08:57 - 2015-12-01 10:32 - 00000000 ____D C:\Users\Roman\Documents\Fiddler2
2016-12-19 08:57 - 2015-07-10 15:42 - 00002166 _____ C:\Users\Roman\Downloads\QCA1823357.crt.pxs6RxBh
2016-12-19 08:57 - 2015-07-10 15:38 - 00003190 _____ C:\Users\Roman\Documents\Certifikát 2014.pfx.pxs6RxBh
2016-12-19 08:57 - 2015-03-23 15:50 - 00000000 ____D C:\Users\Roman\Documents\OZP
2016-12-19 08:57 - 2015-03-23 15:34 - 00000000 ____D C:\Users\Roman\Documents\VOZP
2016-12-19 08:57 - 2014-07-14 09:02 - 00002166 _____ C:\Users\Roman\Downloads\QCA1653817.crt.pxs6RxBh
2016-12-19 08:57 - 2013-07-10 09:22 - 00002166 _____ C:\Users\Roman\Downloads\QCA1479251.crt.pxs6RxBh
2016-12-19 08:57 - 2013-07-10 09:17 - 00003190 _____ C:\Users\Roman\Documents\zalohacert20130710.pfx.pxs6RxBh
2016-12-19 08:57 - 2011-08-01 09:57 - 00003190 _____ C:\Users\Roman\Documents\zalohacert20110801.pfx.pxs6RxBh
2016-12-19 08:57 - 2011-04-07 10:00 - 00001142 _____ C:\Users\Roman\.cnzp_signer_applet.config.pxs6RxBh
2016-12-19 08:57 - 2010-08-26 13:36 - 00002166 _____ C:\Users\Roman\Downloads\QCA1063416.crt.pxs6RxBh
2016-12-19 08:57 - 2010-08-25 11:08 - 00003190 _____ C:\Users\Roman\Documents\zalohacert20100825.pfx.pxs6RxBh
2016-12-19 08:57 - 2010-08-25 11:06 - 00000000 ____D C:\Users\Roman\Documents\postsignum
2016-12-19 08:57 - 2010-08-16 15:24 - 00000000 ____D C:\Users\Roman\Documents\KB
2016-12-19 08:57 - 2010-08-13 11:16 - 00005238 _____ C:\Users\Roman\Documents\bookmark.htm.pxs6RxBh
2016-12-19 08:57 - 2010-08-12 19:45 - 00000000 __RSD C:\Users\Roman\Documents\My Stationery
2016-12-19 08:54 - 2016-07-13 09:54 - 00000000 ____D C:\Users\Roman\Desktop\Ornides
2016-12-19 08:54 - 2016-06-15 14:51 - 00000000 ____D C:\Users\Roman\Documents\Byt Jilemnice
2016-12-19 08:54 - 2014-09-26 07:12 - 00000000 ____D C:\Users\Roman\Documents\Nová složka (2)
2016-12-19 08:48 - 2016-04-07 07:35 - 00000000 ___RD C:\Users\Roman\Documents\Scanned Documents
2016-12-19 08:47 - 2016-12-01 11:56 - 00106614 _____ C:\Users\Roman\Desktop\ÚP ukončení Gonchar.pdf.pxs6RxBh
2016-12-19 08:47 - 2016-12-01 11:56 - 00094326 _____ C:\Users\Roman\Desktop\ÚP nástup Shadorkin.pdf.pxs6RxBh
2016-12-19 08:47 - 2016-11-29 09:19 - 02878582 _____ C:\Users\Roman\Desktop\415435535_0_KZ_697846_1181_-_Ornides.pdf.pxs6RxBh
2016-12-19 08:47 - 2016-11-25 13:27 - 00022646 _____ C:\Users\Roman\Desktop\Roman Baliuk.doc.pxs6RxBh
2016-12-19 08:47 - 2016-11-25 12:31 - 00034934 _____ C:\Users\Roman\Desktop\VzorPR nový.doc.pxs6RxBh
2016-12-19 08:47 - 2016-11-24 14:18 - 00587894 _____ C:\Users\Roman\Desktop\Planmeca senzor.docx.pxs6RxBh
2016-12-19 08:47 - 2016-11-16 09:16 - 00015478 _____ C:\Users\Roman\Desktop\Příkazy k úhr. Ecce Dent (1).odt.pxs6RxBh
2016-12-19 08:47 - 2016-11-14 08:46 - 00140406 _____ C:\Users\Roman\Desktop\Zadost_o_povoleni_vykonu_zdravotnickeho_povolani_na_dobu_urcitou_-__36.doc.pxs6RxBh
2016-12-19 08:47 - 2016-11-11 16:15 - 00001142 ____H C:\Users\Roman\Desktop\~$ezyume.doc.pxs6RxBh
2016-12-19 08:47 - 2016-11-07 14:15 - 02006134 _____ C:\Users\Roman\Desktop\1.docx.pxs6RxBh
2016-12-19 08:47 - 2016-10-25 09:28 - 00005238 _____ C:\Users\Roman\Desktop\sluzby xdent.docx.pxs6RxBh
2016-12-19 08:47 - 2016-10-19 13:44 - 00087158 _____ C:\Users\Roman\Desktop\cenik_vykonu.xls.pxs6RxBh
2016-12-19 08:47 - 2016-10-19 13:43 - 00033910 _____ C:\Users\Roman\Desktop\cenik_slavik (1).xlsx.pxs6RxBh
2016-12-19 08:47 - 2016-10-11 09:02 - 00018550 _____ C:\Users\Roman\Desktop\Utkání 2016-17 (1).xlsx.pxs6RxBh
2016-12-19 08:47 - 2016-09-21 17:17 - 00040054 _____ C:\Users\Roman\Desktop\kotel.xlsx.pxs6RxBh
2016-12-19 08:47 - 2016-07-28 15:57 - 00000000 ____D C:\Users\Roman\Desktop\Životopisy
2016-12-19 08:47 - 2013-05-22 10:31 - 00000000 ____D C:\Users\Roman\Documents\BV
2016-12-19 08:44 - 2015-03-19 18:07 - 00000000 ____D C:\Users\Roman\Documents\VZP-odmínuté
2016-12-19 08:44 - 2015-03-19 17:03 - 00000000 ____D C:\Users\Roman\Documents\VZP-reg2
2016-12-19 08:43 - 2016-07-08 13:20 - 00115830 _____ C:\Users\Roman\Downloads\protokol_o_vydani.pdf.pxs6RxBh
2016-12-19 08:43 - 2016-06-15 09:33 - 00022646 _____ C:\Users\Roman\Documents\LB zadost.doc.pxs6RxBh
2016-12-19 08:43 - 2016-05-20 12:09 - 00178294 _____ C:\Users\Roman\Downloads\7007453387.PDF.pdf.pxs6RxBh
2016-12-19 08:43 - 2016-05-20 12:09 - 00152694 _____ C:\Users\Roman\Downloads\7007535847.PDF.pdf.pxs6RxBh
2016-12-19 08:43 - 2016-05-20 12:09 - 00143478 _____ C:\Users\Roman\Downloads\7007617737.PDF.pdf.pxs6RxBh
2016-12-19 08:43 - 2016-05-20 12:09 - 00143478 _____ C:\Users\Roman\Downloads\7007585937.PDF.pdf.pxs6RxBh
2016-12-19 08:43 - 2016-05-20 12:09 - 00142454 _____ C:\Users\Roman\Downloads\7007562797.PDF.pdf.pxs6RxBh
2016-12-19 08:43 - 2016-05-20 12:09 - 00139382 _____ C:\Users\Roman\Downloads\7007647817.PDF.pdf.pxs6RxBh
2016-12-19 08:43 - 2015-10-30 06:48 - 00000000 ___RD C:\Users\Public
2016-12-19 08:43 - 2015-08-20 07:46 - 00083062 _____ C:\Users\Roman\Documents\Ordines1-přehled pracovišť.xls.pxs6RxBh
2016-12-19 08:43 - 2015-07-13 11:02 - 00728182 _____ C:\Users\Roman\Downloads\Prehled_k_13-7-2015.xls.pxs6RxBh
2016-12-19 08:43 - 2015-05-28 10:12 - 00188534 _____ C:\Users\Roman\Downloads\2015_947387_007C.pdf.pxs6RxBh
2016-12-19 08:43 - 2015-04-21 07:21 - 00751734 _____ C:\Users\Roman\Downloads\Prehled_k_20-4-2015.xls.pxs6RxBh
2016-12-19 08:43 - 2015-03-23 15:51 - 00000000 ____D C:\Users\Roman\Documents\ČPZP
2016-12-19 08:43 - 2015-03-23 15:49 - 00196726 _____ C:\Users\Roman\Downloads\ZU130464823V1.pdf.pxs6RxBh
2016-12-19 08:43 - 2015-03-19 16:44 - 00000000 ____D C:\Users\Roman\Documents\VZP-registrace
2016-12-19 08:43 - 2015-03-04 11:27 - 00015478 _____ C:\Users\Roman\Documents\Chromá OPG 2-15.doc.pxs6RxBh
2016-12-19 08:43 - 2014-09-22 07:17 - 00010358 _____ C:\Users\Roman\Documents\ORNIDES_zaměstnanci (2).xls.pxs6RxBh
2016-12-19 08:43 - 2014-07-14 15:06 - 00091254 _____ C:\Users\Roman\Downloads\1091970217_6_1132_20140620.pdf.pxs6RxBh
2016-12-19 08:43 - 2014-04-24 09:12 - 00015478 _____ C:\Users\Roman\Documents\odvolání.doc.pxs6RxBh
2016-12-19 08:43 - 2014-04-01 09:23 - 00011382 _____ C:\Users\Roman\Documents\Ceník-201403.xlsx.pxs6RxBh
2016-12-19 08:43 - 2014-02-14 08:14 - 00013430 _____ C:\Users\Roman\Documents\Ceník-oprava.xlsx.pxs6RxBh
2016-12-19 08:43 - 2013-06-25 08:08 - 00007286 _____ C:\Users\Roman\Downloads\Lekarsky_posudek-vzor.doc.pxs6RxBh
2016-12-19 08:43 - 2013-04-23 08:40 - 00052342 _____ C:\Users\Roman\Downloads\Vyhlášení VŘ.doc.pxs6RxBh
2016-12-19 08:43 - 2013-01-15 09:33 - 01404022 _____ C:\Users\Roman\Downloads\Lm-029_posudek o bolestnem_07-2012.pdf.pxs6RxBh
2016-12-19 08:43 - 2012-05-03 09:55 - 00017526 _____ C:\Users\Roman\Documents\web cizina.doc.pxs6RxBh
2016-12-19 08:43 - 2011-10-11 09:36 - 00014454 _____ C:\Users\Roman\Documents\Zakazky2011_Katka.xls.pxs6RxBh
2016-12-19 08:43 - 2011-07-01 07:07 - 00088182 _____ C:\Users\Roman\Downloads\278618520207_6_1131_20110621.pdf.pxs6RxBh
2016-12-19 08:43 - 2011-04-05 10:30 - 00015478 _____ C:\Users\Roman\Documents\pokárání.doc.pxs6RxBh
2016-12-19 08:43 - 2010-08-31 09:14 - 00026742 _____ C:\Users\Roman\Documents\Dohoda o odpovědnosti.pdf.pxs6RxBh
2016-12-17 11:21 - 2016-05-20 07:35 - 00002429 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-17 11:21 - 2016-05-20 07:35 - 00000000 ___RD C:\Users\Roman\OneDrive
2016-12-17 11:21 - 2016-05-20 06:46 - 00000000 ___RD C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-14 12:12 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-12-13 22:18 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-13 09:08 - 2016-05-20 06:46 - 00000000 ____D C:\Users\Roman\AppData\Local\Microsoft
2016-12-08 09:54 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\WDI
2016-12-04 19:35 - 2016-05-20 07:40 - 00000000 __SHD C:\Recovery
2016-12-04 19:30 - 2016-11-10 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2016-12-04 19:30 - 2016-10-13 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JSignPdf
2016-12-04 19:30 - 2016-05-23 11:33 - 00000000 ___RD C:\Users\DefaultAppPool\Desktop
2016-12-04 19:30 - 2016-02-13 13:00 - 00000000 ____D C:\WINDOWS\ShellNew
2016-12-04 19:30 - 2016-02-13 12:52 - 00000000 ____D C:\WINDOWS\system32\Drivers\cs-CZ
2016-12-04 19:30 - 2016-02-13 12:52 - 00000000 ____D C:\WINDOWS\system32\cs
2016-12-04 19:30 - 2016-01-05 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-04 19:30 - 2015-11-20 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 __RSD C:\WINDOWS\Media
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\twain_32
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\zh-TW
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\zh-CN
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\sv-SE
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\spool
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\ru-RU
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\pt-PT
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\pt-BR
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\pl-PL
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\nl-NL
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\ko-KR
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\ja-JP
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\it-IT
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\IME
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\hu-HU
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\fr-FR
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\fi-FI
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\es-ES
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\el-GR
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\de-DE
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\da-DK
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\cs-CZ
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\schemas
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-12-04 19:30 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-04 19:30 - 2015-10-30 06:47 - 00000000 ____D C:\WINDOWS\INF
2016-12-04 19:30 - 2015-10-30 06:13 - 00000000 ____D C:\WINDOWS\system32\migration
2016-12-04 19:30 - 2013-07-18 17:02 - 00000000 ____D C:\WINDOWS\system32\nn-NO
2016-12-04 19:30 - 2012-04-04 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EurotelSMS
2016-12-04 19:30 - 2011-08-01 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompuGroup Medical
2016-12-04 19:30 - 2011-04-28 09:08 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-12-04 19:30 - 2011-04-28 09:07 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-12-04 19:30 - 2011-04-20 11:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-12-04 19:30 - 2011-01-24 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-04 19:30 - 2010-08-13 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 11
2016-12-04 19:30 - 2010-08-13 07:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Home Office
2016-12-04 19:30 - 2010-08-13 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-04 19:30 - 2010-08-12 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour
2016-12-04 19:30 - 2010-08-12 20:59 - 00000000 ____D C:\WINDOWS\system32\QuickTime
2016-12-04 19:30 - 2010-08-12 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuarkXPress 8
2016-12-04 19:30 - 2010-08-12 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2016-12-04 19:30 - 2010-08-12 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-12-04 19:30 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Links
2016-12-04 19:30 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Favorites
2016-12-04 19:30 - 2010-04-14 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft TotalMedia Suite
2016-12-04 19:30 - 2010-04-14 11:07 - 00000000 ____D C:\WINDOWS\SoftwareDistribution
2016-12-04 19:30 - 2010-02-02 06:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2016-12-04 19:30 - 2010-02-02 06:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-04 19:30 - 2010-02-02 05:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\zh-Hant
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\zh-Hans
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\pt
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\ko
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\ja
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\it
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\fr
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\es
2016-12-04 19:30 - 2010-02-02 05:40 - 00000000 ____D C:\WINDOWS\system32\de
2016-12-04 19:30 - 2010-02-02 05:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-04 19:30 - 2010-02-02 05:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2016-12-04 19:30 - 2009-07-27 12:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-12-04 19:30 - 2009-07-27 09:30 - 00000000 ____D C:\WINDOWS\system32\OEM
2016-12-04 19:30 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public\Videos
2016-12-04 19:30 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public\Pictures
2016-12-04 19:30 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public\Music
2016-12-04 19:30 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public\Documents
2016-12-04 19:30 - 2009-07-14 03:37 - 00000000 ____D C:\Users\Default.migrated\Documents
2016-12-04 19:29 - 2016-05-23 11:33 - 00000000 ___SD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft
2016-12-04 19:29 - 2016-05-23 11:33 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2016-12-04 19:29 - 2016-05-23 11:33 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft
2016-12-04 19:29 - 2016-05-23 11:33 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local
2016-12-04 19:29 - 2016-05-20 06:46 - 00000000 ___SD C:\Users\Roman\AppData\Roaming\Microsoft
2016-12-04 19:29 - 2016-05-20 06:46 - 00000000 ___HD C:\Users\Roman\AppData
2016-12-04 19:29 - 2015-10-30 06:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-12-04 19:29 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\Recovery
2016-12-04 19:29 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Microsoft.NET
2016-12-04 19:29 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-04 19:29 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-04 19:29 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-04 19:29 - 2011-11-18 09:19 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2016-12-04 19:29 - 2011-06-17 16:31 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-04 19:29 - 2011-01-24 14:22 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-04 19:29 - 2010-08-12 18:58 - 00000000 ___RD C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-04 19:29 - 2010-08-12 18:58 - 00000000 ___RD C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-04 19:29 - 2010-08-12 18:53 - 00000000 ____D C:\Program Files\Microsoft
2016-12-04 19:29 - 2009-07-14 03:37 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-04 19:28 - 2016-05-20 07:29 - 00000000 ____D C:\Users\Roman\AppData\Local\TileDataLayer
2016-12-04 16:57 - 2010-08-12 18:58 - 00000402 ___SH C:\Users\Roman\Documents\desktop.ini
2016-12-04 16:57 - 2010-08-12 18:58 - 00000282 ___SH C:\Users\Roman\Downloads\desktop.ini
2016-12-04 16:57 - 2010-08-12 18:58 - 00000282 ___SH C:\Users\Roman\Desktop\desktop.ini
2016-12-04 16:57 - 2010-08-12 18:58 - 00000174 ___SH C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-04 16:57 - 2010-08-12 18:58 - 00000000 ___RD C:\Users\Roman\Searches
2016-12-04 16:57 - 2010-08-12 18:58 - 00000000 ___RD C:\Users\Roman\Contacts
2016-12-04 16:57 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Videos
2016-12-04 16:57 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Saved Games
2016-12-04 16:57 - 2010-08-12 16:50 - 00000000 ___RD C:\Users\Roman\Music
2016-12-04 16:47 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\Registration
2016-12-04 16:46 - 2016-05-20 07:17 - 00021592 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-12-04 15:46 - 2016-05-20 07:40 - 00000000 ___DC C:\WINDOWS\Panther
2016-12-04 15:46 - 2016-05-20 06:06 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2016-12-04 15:46 - 2016-05-20 06:06 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-12-04 15:46 - 2016-02-13 13:06 - 00002876 _____ C:\WINDOWS\setupact.log
2016-12-04 15:44 - 2016-05-20 06:45 - 00026757 _____ C:\WINDOWS\iis.log
2016-12-04 15:44 - 2015-10-30 06:49 - 00006585 _____ C:\WINDOWS\DtcInstall.log
2016-12-04 15:41 - 2016-05-20 06:10 - 00009687 _____ C:\WINDOWS\comsetup.log
2016-12-04 15:05 - 2016-02-13 13:06 - 00000000 _____ C:\WINDOWS\setuperr.log
2016-12-04 14:52 - 2016-05-20 06:46 - 00524288 ___SH C:\Users\Roman\NTUSER.DAT{a03ca6fd-d1fe-11e5-86e0-d55e4a623109}.TMContainer00000000000000000002.regtrans-ms
2016-12-04 14:52 - 2016-05-20 06:46 - 00065536 ___SH C:\Users\Roman\NTUSER.DAT{a03ca6fd-d1fe-11e5-86e0-d55e4a623109}.TM.blf
2016-12-04 14:38 - 2016-05-20 07:30 - 00000000 ____D C:\Users\Roman\AppData\Local\Packages
2016-12-04 14:37 - 2010-02-02 05:24 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-12-04 14:26 - 2010-02-02 05:14 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-12-04 14:12 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-12-04 10:54 - 2010-08-12 21:08 - 00000000 ____D C:\Users\Roman\Downloads\FileMaker.Pro.Advanced.v10.0v1.Incl.Keymaker-AGAiN
2016-12-04 09:01 - 2014-10-03 06:51 - 00000000 ___RD C:\Program Files\Skype
2016-12-04 09:01 - 2010-04-14 11:29 - 00000000 ____D C:\ProgramData\Skype
2016-12-03 21:54 - 2010-02-02 05:19 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-12-03 21:51 - 2009-07-27 17:13 - 00000000 ____D C:\swsetup
2016-12-03 19:31 - 2009-12-14 22:58 - 00000000 ___HD C:\SYSTEM.SAV
2016-12-03 18:45 - 2010-08-12 19:11 - 138444440 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-03 18:45 - 2010-02-02 05:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-03 18:40 - 2010-08-31 09:02 - 00000000 ____D C:\ProgramData\Adobe
2016-12-03 18:40 - 2010-08-12 19:22 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2010-08-13 10:04 - 2010-08-13 10:04 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-08-13 07:07 - 2016-12-20 15:43 - 0001004 ___SH () C:\ProgramData\KGyGaAvL.sys

Files to move or delete:
====================
C:\Users\Public\Pohoda_11000.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-28 18:07

==================== End of FRST.txt ============================

[Nightingale]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-01-2017
Ran by Roman (01-01-2017 22:02:03)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Home Version 1511 (X86) (2016-05-20 06:28:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2965035555-1507124462-2575329643-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2965035555-1507124462-2575329643-503 - Limited - Disabled)
Guest (S-1-5-21-2965035555-1507124462-2575329643-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2965035555-1507124462-2575329643-1006 - Limited - Enabled)
Roman (S-1-5-21-2965035555-1507124462-2575329643-1002 - Administrator - Enabled) => C:\Users\Roman

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Apple Software Update (HKLM\...\{02DFF6B1-1654-411C-8D7B-FD6052EF016F}) (Version: 2.1.0.110 - Apple Inc.)
ArcSoft TotalMedia (HKLM\...\ArcSoft TotalMedia) (Version: 1.0.23.17 - ArcSoft)
ArcSoft TotalMedia (Version: 1.0.33.17 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
AX88179_AX88178A Windows 7 Drivers (HKLM\...\InstallShield_{14414298-5199-4C52-81E2-FF1501EAAD72}) (Version: 2.0.4.0 - ASIX Electronics Corporation)
AX88179_AX88178A Windows 7 Drivers (Version: 2.0.4.0 - ASIX Electronics Corporation) Hidden
AĹľuriranje za Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-041A-0000-0000000FF1CE}_PROHYBRIDR_{BAEF930D-2299-4291-A776-76180A3A62E2}) (Version: - Microsoft)
AĹľuriranje za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-041A-0000-0000000FF1CE}_PROHYBRIDR_{AF2BE5BC-7CDA-4D93-BC81-B318E4729D7A}) (Version: - Microsoft)
AĹľuriranje za Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-041A-0000-0000000FF1CE}_PROHYBRIDR_{CB1B45DE-6AAE-46FB-9FFE-B5F4F7029605}) (Version: - Microsoft)
Bonjour (HKLM\...\{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}) (Version: 1.0.105 - Apple Inc.)
Brother MFL-Pro Suite MFC-7440N (HKLM\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
capicom (Version: 1.0.0.0 - Unknown) Hidden
CMDialog ActiveX Control DLL (Version: 6.0.84.18 - Unknown) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CompuGroup Medical - (PC DOKTOR / PC DENT) (HKLM\...\{81F07A4F-A47E-4E0F-A75D-D24BD09BB2D8}) (Version: 3.11.1.7980 - CompuGroup Medical Česká republika s.r.o.)
Corel Home Office - CS Templates (Version: 5.7.5 - 公司名称) Hidden
Corel Home Office - CT Templates (Version: 5.7.5 - 您的公司名稱) Hidden
Corel Home Office - IPM (Version: 5.7.5 - Corel Corporation) Hidden
Corel Home Office - JP Templates (Version: 5.7.5 - 会社名) Hidden
Corel Home Office - KR Templates (Version: 5.7.5 - 회사명) Hidden
Corel Home Office - Launcher (Version: 5.7.5 - Corel Corporation) Hidden
Corel Home Office - Templates RU (Version: 5.7 - Название организации) Hidden
Corel Home Office - Templates1 (Version: 5.7.5 - Your Company Name) Hidden
Corel Home Office (HKLM\...\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.0.89.661 - Corel Corporation)
Corel Home Office (Version: 5.7.5 - Corel Corporation) Hidden
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.4020 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.5 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (HKLM\...\Drive Encryption) (Version: 5.0.6.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0 - Hewlett-Packard) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DUNA 2011.1.55 (HKLM\...\DUNA 2011.1) (Version: 2011.1.55 - TILL CONSULT a.s.)
DUNA 2011.3.69 (HKLM\...\DUNA 2011.3) (Version: 2011.3.69 - TILL CONSULT a.s.)
dynazip5 (Version: 1.1.0.0 - TILL CONSULT) Hidden
dynazip5 (Version: 1.2.0.0 - TILL CONSULT) Hidden
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
EurotelSMS 2.42.4 (HKLM\...\EurotelSMS_is1) (Version: - ZDAR)
Face Recognition for HP ProtectTools (HKLM\...\InstallShield_{CB65A1C3-533D-4EA6-82B5-FBA926F19079}) (Version: 2.01.651 - Hewlett-Packard)
Face Recognition for HP ProtectTools (Version: 2.01.651 - Hewlett-Packard) Hidden
Fiddler (HKLM\...\Fiddler2) (Version: 4.6.1.5 - Telerik)
File Sanitizer For HP ProtectTools (HKLM\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.2 - Hewlett-Packard)
FileMaker Pro 11 (HKLM\...\{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker) (Version: 11.0.1.0 - FileMaker, Inc.)
FileMaker Pro 11 (Version: 11.0.1.0 - FileMaker, Inc.) Hidden
HASP Device Drivers (HKLM\...\HASP Device Drivers) (Version: - )
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{67C090D6-109A-47D7-8DED-4160C4D96F32}) (Version: 4.0.4.1 - Hewlett-Packard)
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{871732B3-1EE5-4C54-8462-8BFF516880B7}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{0497B553-0E3F-4CCD-BE13-E28F1A54B318}) (Version: 3.5.13.1 - Hewlett-Packard Company)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
HP Power Assistant (HKLM\...\{6E26ED44-213F-4455-A417-4FF4E161016D}) (Version: 2.0.5.1 - Hewlett-Packard Company)
HP Power Data (HKLM\...\{E366F338-BF6E-4165-BDDB-3DCCB3388F9F}) (Version: 1.0.7.77 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.12.754 - Hewlett-Packard Company)
HP QuickLook (HKLM\...\{8B49BD5E-C896-4F65-95DC-3F84424226E8}) (Version: 3.2.0.14 - Hewlett-Packard)
HP QuickWeb (HKLM\...\{7861911B-4270-498A-8F7A-FCF0570F485D}) (Version: 1.0.1.53 - DeviceVM, Inc.)
HP Setup (HKLM\...\{1E6219D4-027E-47EE-AB83-DD2F26E31A32}) (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{2712DAD6-C1F7-4295-B06E-17D6DC62EC20}) (Version: 3.5.13.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.34.7 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.5.32.37 - Hewlett-Packard Company)
HP User Guides 0189 (HKLM\...\{3BDB9B89-56B5-4953-B052-AEB75FCBFC93}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.3 - Hewlett-Packard Company)
HP Webcam Driver (HKLM\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0024 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{0279C882-B150-44B6-A769-A7C8A2F31CE3}) (Version: 4.0.3.2 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Manager (HKLM\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.260 - Oracle)
JSignPdf 1.6.1 (HKLM\...\JSignPdf_is1) (Version: 1.6.1 - Josef Cacek)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MFCDLL Shared Library - Retail Version (Version: 6.0.8665.0 - Unknown) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSComm (Version: 6.0.81.69 - Unknown) Hidden
MSMAPI Controls (Version: 6.0.81.69 - Unknown) Hidden
MSXML 4.0 (Version: 4.20.9818.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Norton Online Backup (HKLM\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
O2 (HKLM\...\O2CZ) (Version: - O2)
OKI Network Extension (HKLM\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.112 - PDF Complete, Inc)
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Posodobitev za Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{FD705E62-13B4-4BF5-A4B2-A7599309751B}) (Version: - Microsoft)
Posodobitev za Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{045DC059-1CCC-47B9-BA35-713E269D33B8}) (Version: - Microsoft)
Posodobitev za Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{AD1C31E7-4856-4887-9307-1ABDE0F2DF7C}) (Version: - Microsoft)
Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}) (Version: 5.01.734 - Hewlett-Packard)
ProhlĂ­ĹľeÄŤ Seznam.cz (HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\Seznam Browser) (Version: - Seznam.cz a.s.)
QuarkXPress (HKLM\...\{706EA4A8-97B5-4C29-A0F3-0B38C666F0C4}) (Version: 8.00.0000 - Quark Inc.)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
ScanSoft PaperPort 11 (HKLM\...\{5C4ED859-875F-4299-AA2C-E0E393BDCD21}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SDK (Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Signer 4.5 (HKLM\...\{ADB7D0AC-9611-4AA9-8863-4066E2ADF197}) (Version: 4.5 - Asseco Czech Republic, a. s.)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Software602 Form Filler (HKLM\...\{892994D3-5963-4877-A8DB-629607E8E928}) (Version: 4.12 - Software602 a.s.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Profi (HKLM\...\{AF2D7969-6B3D-4998-A977-11AF5EC61812}) (Version: 11400.175 - STORMWARE)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
SysInfo (Version: 6.0.81.69 - Unknown) Hidden
tcofonty (Version: 2.2.0.0 - Unknown) Hidden
Theft Recovery (HKLM\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard)
Theft Recovery (Version: 5.1.0.18 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Validity Fingerprint Driver (HKLM\...\{5DCBD841-3768-4D3A-8517-65BFB87E05D3}) (Version: 4.0.10.0 - Validity Sensors, Inc.)
Video Grabber (HKLM\...\{65C3253A-E984-4769-BC33-CBC8F059C408}) (Version: 1.00.0000 - dexatek)
Web'n'walk Manager (HKLM\...\T-Mobile Communication Centre) (Version: 2011-03-08 - Gemfor s.r.o.)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.4 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
XStandard - http activex (Version: 1.0.0.0 - XStandard ) Hidden
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.262 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{20C62CA0-15DA-101B-B9A8-444553540000}\InprocServer32 -> C:\windows\system32\msmapi32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{20C62CAB-15DA-101B-B9A8-444553540000}\InprocServer32 -> C:\windows\system32\msmapi32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}\InprocServer32 -> C:\windows\system32\richtx32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{648A5600-2C6E-101B-82B6-000000000014}\InprocServer32 -> C:\windows\system32\mscomm32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{648A5604-2C6E-101B-82B6-000000000014}\InprocServer32 -> C:\windows\system32\mscomm32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Roman\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{6FBA474B-43AC-11CE-9A0E-00AA0062BB4C}\InprocServer32 -> C:\windows\system32\sysinfo.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{78E5A540-1850-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\windows\system32\richtx32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{AFC634B0-4B8B-11CF-8989-00AA00688B10}\InprocServer32 -> C:\windows\system32\richtx32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{BB1AE0D0-634E-11CF-8996-00AA00688B10}\InprocServer32 -> C:\windows\system32\msmapi32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{BB1AE0D1-634E-11CF-8996-00AA00688B10}\InprocServer32 -> C:\windows\system32\msmapi32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D0FC8A81-2CB2-101B-82B6-000000000014}\InprocServer32 -> C:\windows\system32\mscomm32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{E0DC8C80-3486-101B-82B6-000000000014}\InprocServer32 -> C:\windows\system32\mscomm32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\windows\system32\mscomct2.ocx (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06E4C1E0-2526-4978-ACDC-F57698D04D57} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0B41926C-3901-4DC3-98DE-80454D5EA48A} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {0CFDAB18-ADBC-464F-8BDB-0AB557DEDDB0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {0E489683-76D7-46DD-863F-EBE9C0121950} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {11B77C93-E14F-4225-947C-EDE4A1024C47} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {1437016F-8818-4E05-A983-B3465288B5B1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {168FAB74-803B-4059-BAD0-2C42312B4354} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {284FB831-21BF-4B1D-A5F5-550801BFD5A3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {2BFD2ACA-DEE9-4780-92F1-CCA9E189C9E9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-09-15] (Dropbox, Inc.)
Task: {33883DDD-5C99-4820-8B79-2112621F500A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-19] (AVAST Software)
Task: {3734AE8E-225D-4A4B-BB70-0979E5D2A863} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B4448F9-76F8-4B8A-BC23-ECC29EDD3A22} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {3D92AD93-CA8C-49D4-9D5F-EE2F1BCEBF0A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3EC12C3F-FF11-4A9D-8978-5F6D1BCE4BF1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4312E4AA-94A3-4B65-A64C-963212D7C575} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-09-15] (Dropbox, Inc.)
Task: {43FD3634-2028-48FB-A1E4-C66E4D5527EE} - System32\Tasks\{74FD87E2-A713-4A0A-A2C6-17778251E8C6} => pcalua.exe -a D:\Drivers\devsetup32.exe -d D:\Drivers
Task: {45902663-1F51-4595-9BC7-EFAEDC32EC2A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46DB9C2B-CF8F-49A7-AE4C-206B456858F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4DA2D5CB-6CE6-440B-B52C-DAF7BBC84323} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {563C580E-DF9F-4554-B647-F2A17231E434} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {627E0BC5-6D3E-4134-9D13-95F4BC73CA50} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {62937D8C-A6B2-4116-98A3-A9A5263BC8C1} - System32\Tasks\{F3E75E67-FD49-4311-88DE-66254BDB64BE} => pcalua.exe -a C:\Users\Roman\Desktop\E-POMOC.exe -d C:\Users\Roman\Desktop
Task: {62E84DC3-33E9-4E91-B749-01503D7AA8A6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6BB26D59-6F58-4BD8-9372-3CBA1085CB86} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6C2A0739-30A5-4D4C-B8E8-2DD17C552557} - System32\Tasks\SafeZone scheduled Autoupdate 1482142572 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {6DCF6BC5-176F-454E-9871-9F27C1D30F2D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6E48111A-B593-43BD-B1B4-664688AE47B5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {715A267C-3E1D-446E-91AA-B8B3EC0C92C6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7745A658-7BA2-48DE-86D2-F3672770CF29} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {851FF758-6DF0-4E1B-9136-227B471088B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {871ADFC0-DBCF-4493-9789-80BBC912B771} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {90BE2BE1-094F-4916-B594-63CB5E13E3C5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A035818B-EA28-4DE1-9E60-6BFB1D08CC91} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {A0F2E41D-2C0F-439B-923D-7FC55D3DA069} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {A327F50D-918A-4661-B155-0B6E8B03083A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A415A31F-0CB0-46A3-9ABB-6CF2C364E649} - System32\Tasks\HPCeeScheduleForRoman => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {A4FD9448-B0F0-431C-8ADF-585C908DCE0C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11] (Apple Inc.)
Task: {A63C1001-074E-4763-B808-16FB78C494BB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6F49F81-CD43-489C-A70B-25C654E20762} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A9B74FA0-9F9C-4842-99FD-B704B492D610} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD142090-A170-4DB0-BF23-C34924A1251D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C15C0EB9-4CD9-4D6F-BAE7-D3B06FB51082} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C973F2CE-3CBA-468C-9C66-CDC6DBADB46F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {CB8A94D3-AC37-45AF-95A9-D389E1790ABE} - System32\Tasks\{ED9EC1EA-A9EE-45B6-BAE1-E21D1E6002C6} => pcalua.exe -a D:\Drivers\DataCard_Setup32.exe -d D:\Drivers
Task: {CBA9AC80-90F3-4C3F-B32A-1826EA0DF79D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {CD51F468-603B-4D50-8B2A-EC03022D5A71} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D0401C9A-9E2B-4B48-B281-3541FB6AEF03} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D4B9F2EB-41DE-4C19-921C-BD9ECF26FF07} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {D73D10F9-677F-430E-A093-C897DD74C918} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D918DA94-C033-4445-9A98-999773620149} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCBA1269-38AF-4D0E-8839-55D267FFB0BB} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E1E49A2A-8CC5-4207-9638-A7F7FE7C618F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E40937B2-5EB2-450F-9C14-7072E4B5EC45} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {EB3AE000-E1AC-41FF-9C72-BCC60E84D51E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2AD6351-6772-49C3-924F-7792EB483C89} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F943A08E-F470-487B-BBAA-3C33F3AB56FD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FF386E96-8AE0-4320-9184-8C6151DE667E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRoman.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-12-19 11:12 - 2016-12-19 11:12 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-19 11:12 - 2016-12-19 11:12 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-01 21:46 - 2017-01-01 21:46 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\17010100\algo.dll
2009-12-11 20:20 - 2009-12-11 20:20 - 00648464 _____ () C:\WINDOWS\SYSTEM32\SUPSDK.dll
2010-04-20 07:10 - 2010-04-20 07:10 - 00079360 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2011-11-18 09:20 - 2008-12-31 05:31 - 00247152 ____R () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2016-11-10 18:45 - 2014-12-11 11:24 - 00076584 _____ () C:\Program Files\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2016-12-29 11:01 - 2016-12-14 12:55 - 01729312 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-29 11:01 - 2016-12-14 12:55 - 01713104 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-29 11:01 - 2016-12-14 12:55 - 02084304 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2013-10-31 17:27 - 2011-08-01 11:02 - 00886272 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2016-05-20 07:33 - 2016-05-20 07:33 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2009-11-17 23:39 - 2009-11-17 23:39 - 00329272 _____ () C:\WINDOWS\SYSTEM32\flcdlmsg.dll
2012-11-26 22:54 - 2012-11-26 22:54 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll.dll
2010-08-13 13:07 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2016-11-10 18:45 - 2014-12-11 11:19 - 00159016 _____ () C:\Program Files\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
2016-12-19 11:13 - 2016-12-19 11:13 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-09-30 00:25 - 2009-09-30 00:25 - 00061440 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-30 00:25 - 2009-09-30 00:25 - 00131072 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-30 00:25 - 2009-09-30 00:25 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-30 00:25 - 2009-09-30 00:25 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-30 00:25 - 2009-09-30 00:25 - 00018944 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-30 00:25 - 2009-09-30 00:25 - 00036864 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-30 00:25 - 2009-09-30 00:25 - 00007680 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2016-12-17 11:20 - 2016-12-17 11:20 - 01244376 _____ () C:\Users\Roman\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-05-20 08:12 - 2016-05-20 08:12 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-20 08:12 - 2016-05-20 08:12 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-20 08:12 - 2016-05-20 08:12 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-10-30 06:44 - 2015-10-30 06:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-20 07:33 - 2016-05-20 07:33 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-08-12 23:15 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2016-12-31 14:16 - 2016-12-31 14:16 - 00129392 _____ () C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll
2016-02-13 12:54 - 2016-02-13 12:54 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-20 07:33 - 2016-05-20 07:33 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\cpzp.cz -> hxxps://portal.cpzp.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\mojebanka.cz -> hxxps://www.mojebanka.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\mojedatovaschranka.cz -> hxxps://www.mojedatovaschranka.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\ozp.cz -> hxxps://portal.ozp.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\portalzp.cz -> hxxps://www.portalzp.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\postsignum.cz -> hxxps://www.postsignum.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\rbp-zp.cz -> hxxps://portal.rbp-zp.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\vozp.cz -> hxxps://portal.vozp.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\zpma.cz -> hxxps://portal.zpma.cz
IE trusted site: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\zpskoda.cz -> hxxps://portal.zpskoda.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2016-12-31 16:11 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Local\Microsoft\Windows\Themes\img10.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "NortonOnlineBackupReminder"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => LPort=808
FirewallRules: [{8D8FD61C-5F5E-4554-8716-9F867B4EF9DE}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A5428D11-B936-4C26-8E22-B2BF6BD309A0}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C59A9D88-79D6-4169-B835-AD390D7687AA}] => C:\Program Files\Fiddler2\Fiddler.exe
FirewallRules: [{79B3F2C5-984C-481A-A235-AC7DC0B95AB6}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F97DA39D-2B1F-4BBA-90F9-73471DF53498}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F71F3D25-F356-478B-B686-D926019595D5}] => C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{189B1887-CBAE-422A-9398-2190C9A811A5}] => C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{E30D3C49-4AA5-49C1-B6A0-D40DC0856486}] => C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{2D5D0B2B-28B4-496D-AE92-6F65F3B9744E}] => LPort=1900
FirewallRules: [{3D986F1B-DD16-4F98-B8B0-FA37A5392A0A}] => LPort=2869
FirewallRules: [{64477FFA-0AFE-4893-9405-14C64FA3BAB1}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5A639EEE-8F72-4463-B4BC-EE6A7F3061BB}] => C:\Program Files\Common Files\soft602\langserv.exe
FirewallRules: [{ADA65FDA-6E84-45EE-A039-777F7B4DA926}] => C:\Program Files\Common Files\soft602\langserv.exe
FirewallRules: [{14FEFED5-F7A5-4C57-AB4A-297E18D48B11}] => LPort=54925
FirewallRules: [{9C828B8E-DB2C-4D7B-BDD9-C75885259ED7}] => C:\Program Files\Brother\Brmfl07b\FAXRX.exe
FirewallRules: [{F7FF15FE-3117-4EDF-A206-0AEAC222F7A0}] => C:\Program Files\Brother\Brmfl07b\FAXRX.exe
FirewallRules: [{4AD9D07C-B9E8-4E4C-ABD2-5750A8A224AC}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B68E249B-9CEF-4C08-8D59-1064D6662B1F}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{83C46BD7-23F3-4F01-A214-DC0E0A84701E}] => C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{6A967B37-206F-457F-9A05-3D1A25CE4A84}] => C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [{DCB6261E-FBF3-44E9-8EA2-E52CF7D49A4F}] => C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
FirewallRules: [{92FEEE07-2138-4BE0-8A98-2264E7D580C2}] => C:\Program Files\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

19-12-2016 12:44:07 Windows Update
19-12-2016 12:44:42 Windows Update
23-12-2016 20:21:56 Windows Update
23-12-2016 20:22:34 Windows Update
27-12-2016 12:50:47 Windows Update
27-12-2016 12:51:24 Windows Update
30-12-2016 13:59:41 JRT Pre-Junkware Removal
30-12-2016 15:02:54 JRT Pre-Junkware Removal
31-12-2016 16:10:20 zoek.exe restore point

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

SpouçtŘnˇ slu§by Protokol ud lostˇ syst‚mu Windows.
Slu§bu Protokol ud lostˇ syst‚mu Windows nelze spustit.

Doçlo k chybŘ syst‚mu.

Doçlo k syst‚mov‚ chybŘ 3.

Syst‚m nem…§e nal‚zt uvedenou cestu.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 53%
Total physical RAM: 2927.43 MB
Available physical RAM: 1361.33 MB
Total Virtual: 3129.88 MB
Available Virtual: 1031.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.8 GB) (Free:197.75 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0.74 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 58054A99)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

[Nightingale]

Ted jsem si vsiml jeste jednoho problemu a to je to, ze mi nejede windows live mail. Pise to, ze je bud nedostatek pameti (coz neni) nebo, ze je spatne nainstalovan. Jde to nejak opravit nebo to mam rovnou preinstalovat?

edit: uz se mi to povedlo opravit

[jaro3]

Odinstaluj:
Vše od McAfee


V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\system32\Drivers\mbae.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Aktualizuj javu:
http://www.oracle.com/technetwork/java/ ... 33155.html
Java SE Runtime Environment 8

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-8-windows-i586-p.exe nebo
jre-8-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.


Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\MountPoints2: {56b47ca6-a756-11e6-8755-002713c7098f} - "D:\autorun.exe"
Lsa: [Notification Packages] DPPassFilter scecli
SearchScopes: HKLM -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {F5695065-E409-4595-A611-6DF0B7AE4F98} URL = hxxp://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\ProgramData\KGyGaAvL.sys
C:\ProgramData\ezsidmv.dat
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
Task: {168FAB74-803B-4059-BAD0-2C42312B4354} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3B4448F9-76F8-4B8A-BC23-ECC29EDD3A22} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {46DB9C2B-CF8F-49A7-AE4C-206B456858F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {627E0BC5-6D3E-4134-9D13-95F4BC73CA50} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6BB26D59-6F58-4BD8-9372-3CBA1085CB86} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DCF6BC5-176F-454E-9871-9F27C1D30F2D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6E48111A-B593-43BD-B1B4-664688AE47B5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {871ADFC0-DBCF-4493-9789-80BBC912B771} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BD142090-A170-4DB0-BF23-C34924A1251D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C973F2CE-3CBA-468C-9C66-CDC6DBADB46F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D4B9F2EB-41DE-4C19-921C-BD9ECF26FF07} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E40937B2-5EB2-450F-9C14-7072E4B5EC45} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {F2AD6351-6772-49C3-924F-7792EB483C89} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F943A08E-F470-487B-BBAA-3C33F3AB56FD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[Nightingale]

Ted se mi stala jeste jedna vec, kdyz jsem se snazil jit pres ovladaci panely do "programy a funkce" , tak se poprve vse vyplo a vyskocilo to na plochu. Vesel jsem do nabidky programu podruhe a pc se cely resetoval, nacetl se docasny profil, kde nebyly moje soubory (ale nebyl to nouzovy rezim).

[Nightingale]

https://www.virustotal.com/cs/file/648a ... 483353949/

udelal jsem to i tady, tady to neco naslo:

http://r.virscan.org/report/237ddf03618 ... 623718d493

jakej je u te javy rozdil mezi "8u112" a "8u111"? To druhe je starsi verze?

Fix result of Farbar Recovery Scan Tool (x86) Version: 01-01-2017
Ran by Roman (02-01-2017 13:10:24) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\...\MountPoints2: {56b47ca6-a756-11e6-8755-002713c7098f} - "D:\autorun.exe"
Lsa: [Notification Packages] DPPassFilter scecli
SearchScopes: HKLM -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> DefaultScope {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {6537C524-DDDB-4964-B1C7-A9C977A0B269} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002 -> {F5695065-E409-4595-A611-6DF0B7AE4F98} URL = hxxp://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\ProgramData\KGyGaAvL.sys
C:\ProgramData\ezsidmv.dat
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
Task: {168FAB74-803B-4059-BAD0-2C42312B4354} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3B4448F9-76F8-4B8A-BC23-ECC29EDD3A22} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {46DB9C2B-CF8F-49A7-AE4C-206B456858F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {627E0BC5-6D3E-4134-9D13-95F4BC73CA50} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6BB26D59-6F58-4BD8-9372-3CBA1085CB86} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DCF6BC5-176F-454E-9871-9F27C1D30F2D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6E48111A-B593-43BD-B1B4-664688AE47B5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {871ADFC0-DBCF-4493-9789-80BBC912B771} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BD142090-A170-4DB0-BF23-C34924A1251D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C973F2CE-3CBA-468C-9C66-CDC6DBADB46F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D4B9F2EB-41DE-4C19-921C-BD9ECF26FF07} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E40937B2-5EB2-450F-9C14-7072E4B5EC45} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {F2AD6351-6772-49C3-924F-7792EB483C89} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F943A08E-F470-487B-BBAA-3C33F3AB56FD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{56b47ca6-a756-11e6-8755-002713c7098f} => key removed successfully.
HKCR\CLSID\{56b47ca6-a756-11e6-8755-002713c7098f} => key not found.
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6537C524-DDDB-4964-B1C7-A9C977A0B269} => key removed successfully.
HKCR\CLSID\{6537C524-DDDB-4964-B1C7-A9C977A0B269} => key not found.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6537C524-DDDB-4964-B1C7-A9C977A0B269} => key removed successfully.
HKCR\CLSID\{6537C524-DDDB-4964-B1C7-A9C977A0B269} => key not found.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F5695065-E409-4595-A611-6DF0B7AE4F98} => key removed successfully.
HKCR\CLSID\{F5695065-E409-4595-A611-6DF0B7AE4F98} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => key removed successfully.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} => key not found.
HKCR\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => key removed successfully.
HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => key not found.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully.
idsvc => service removed successfully.
HKLM\System\CurrentControlSet\Services\wpcsvc => key removed successfully.
wpcsvc => service removed successfully.
C:\ProgramData\KGyGaAvL.sys => moved successfully
C:\ProgramData\ezsidmv.dat => moved successfully
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0000002F-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0002E005-0000-0000-C000-000000000046} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6} => key removed successfully.
HKU\S-1-5-21-2965035555-1507124462-2575329643-1002_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{168FAB74-803B-4059-BAD0-2C42312B4354} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{168FAB74-803B-4059-BAD0-2C42312B4354} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B4448F9-76F8-4B8A-BC23-ECC29EDD3A22} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B4448F9-76F8-4B8A-BC23-ECC29EDD3A22} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46DB9C2B-CF8F-49A7-AE4C-206B456858F7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46DB9C2B-CF8F-49A7-AE4C-206B456858F7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{627E0BC5-6D3E-4134-9D13-95F4BC73CA50} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{627E0BC5-6D3E-4134-9D13-95F4BC73CA50} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6BB26D59-6F58-4BD8-9372-3CBA1085CB86} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BB26D59-6F58-4BD8-9372-3CBA1085CB86} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DCF6BC5-176F-454E-9871-9F27C1D30F2D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DCF6BC5-176F-454E-9871-9F27C1D30F2D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E48111A-B593-43BD-B1B4-664688AE47B5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E48111A-B593-43BD-B1B4-664688AE47B5} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{871ADFC0-DBCF-4493-9789-80BBC912B771} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{871ADFC0-DBCF-4493-9789-80BBC912B771} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD142090-A170-4DB0-BF23-C34924A1251D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD142090-A170-4DB0-BF23-C34924A1251D} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C973F2CE-3CBA-468C-9C66-CDC6DBADB46F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C973F2CE-3CBA-468C-9C66-CDC6DBADB46F} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4B9F2EB-41DE-4C19-921C-BD9ECF26FF07} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4B9F2EB-41DE-4C19-921C-BD9ECF26FF07} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E40937B2-5EB2-450F-9C14-7072E4B5EC45} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E40937B2-5EB2-450F-9C14-7072E4B5EC45} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2AD6351-6772-49C3-924F-7792EB483C89} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2AD6351-6772-49C3-924F-7792EB483C89} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F943A08E-F470-487B-BBAA-3C33F3AB56FD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F943A08E-F470-487B-BBAA-3C33F3AB56FD} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15299073 B
Java, Flash, Steam htmlcache => 697 B
Windows/system/drivers => 333070 B
Edge => 13487921 B
Chrome => 0 B
Firefox => 53216302 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 52429 B
NetworkService => 775310 B
Roman => 71459758 B
DefaultAppPool => 16674 B

RecycleBin => 19698 B
EmptyTemp: => 147.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:12:31 ====

[jaro3]

Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.

Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..


Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

[Nightingale]

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 10586] (x86)
Date : 2017/01/04 6:52:15

-- Controller Map ----------------------------------------------------------
+ Intel(R) PCHM SATA AHCI Controller 6 Port [ATA]
- TOSHIBA MK3256GSY
- hp DVD RW AD-7701H
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK3256GSY : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MK3256GSY
----------------------------------------------------------------------------
Model : TOSHIBA MK3256GSY
Firmware : LH013C
Serial Number : 209CF8BJS
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 13424 hod.
Power On Count : 2060 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C: F:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __2 000000000858 Čas na roztočení ploten
04 100 100 __0 00000000080C Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _67 _67 __0 000000003470 Hodin v činnosti
0A 141 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000080C Počet cyklů zapnutí zařízení
B7 100 100 __1 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
B9 100 100 __1 00000000FFFF Specifický pro výrobce
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __1 000000000000 Vysoká rychlost zápisu
BE _67 _54 _45 000025120021 Teplota toku vzduchu
BF 100 100 __0 00000000005D Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000670067 Počet vypnutí disku
C1 _81 _81 __0 000000030A8C Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2032 3039 4346 3842 4A53
020: 0000 8000 0004 4C48 3031 3343 2020 544F 5348 4942
030: 4120 4D4B 3332 3536 4753 5920 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0000 004C 004C
080: 01F8 0000 706B 7C09 6123 7069 BC09 6123 203F 0028
090: 0028 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 4000 0000 5000 0392
110: 56D0 2DF5 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0033 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 28A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 00 00 00 00 00 00 00 02 07
010: 00 64 64 00 00 00 00 00 00 00 03 03 00 64 64 58
020: 08 00 00 00 00 00 04 32 00 64 64 0C 08 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0F
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 43 43 70 34 00 00 00
060: 00 00 0A 13 00 8D 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 0C 08 00 00 00 00 00 B7 22 00 64 64 00
080: 00 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 B9 32 00 64 64 FF FF 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
0C0: 00 00 BE 22 00 43 36 21 00 12 25 00 00 00 BF 32
0D0: 00 64 64 5D 00 00 00 00 00 00 C0 32 00 64 64 67
0E0: 00 67 00 00 00 00 C1 32 00 51 51 8C 0A 03 00 00
0F0: 00 00 C4 32 00 64 64 00 00 00 00 00 00 00 C5 12
100: 00 64 64 00 00 00 00 00 00 00 C7 3E 00 C8 C8 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 51
170: 03 00 01 00 02 4F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 02 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 01 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 B9 01 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BD 01 00 00 00 00 00 00 00 00
0C0: 00 00 BE 2D 00 00 00 00 00 00 00 00 00 00 BF 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0F0: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
100: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 86

[jerabina]

Zdravím, co výsledku z Memtestu?

+ prosím udělejte po nějaké době(třeba dnes večer) log z Crystal Disk Info znovu, aby jsme se ujistili, že se neničí motorek disku.

[Nightingale]

Ahoj, testy bez chyb, jen jsem nevedel jestli mam udelat 2 testy po sobe nebo pustit dva soubezne, tka jsem udelal oboji. Dva testy soucasne jsem nechal jet celou noc a rano byly oba s "0 errors"

[jaro3]

souběžně , takže RAM OK.

000000000858 Čas na roztočení ploten
večer nebo spíš ráno udělej znovu CDI