Vir zahlcující RAM
Napsal: 29 kvě 2015 08:55
Zdravím,
něco se mi sem dostalo a potřebuji s tím pomoc.
Úplně to zahltilo operační paměť a v normálním režimu nejsem schopný s Počítačem udělat vůbec nic. Takže log z FIRST je z Nouzového Režimu.
Prosím o pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
Ran by nemecp (administrator) on NTB-ZUZANA on 29-05-2015 09:50:59
Running from C:\Users\nemecp\Desktop
Loaded Profiles: nemecp (Available Profiles: zuzana & janm & zbynekv & nemecp & ova)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\nemecp\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [69560 2010-07-27] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2014-04-04] (ESET)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [436776 2013-06-14] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoAutoTrayNotify] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoPropertiesRecycleBin] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\MountPoints2: {4032ecc6-a701-11e0-bc66-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-07-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3086065964-2013533356-904573443-6885\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {75CD1527-AC97-4303-AE4E-F8153DFC4BF0} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {75CD1527-AC97-4303-AE4E-F8153DFC4BF0} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-01-13] (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.3.15.1 10.3.2.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2012-01-13] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-06-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\nemecp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\nemecp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29]
CHR Extension: (Google Wallet) - C:\Users\nemecp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AuditPro Scan; C:\Program Files (x86)\AuditPro Scan\Scan.exe [2603328 2014-11-24] (truconneXion, a. s.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-04-18] (Lenovo.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2014-04-04] (ESET)
S2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1029704 2014-04-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2014-04-04] (ESET)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
S2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S2 PwmEWSvc; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [143360 2011-04-18] () [File not signed]
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-03-24] (Realtek Semiconductor)
S2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-11-25] (Lenovo Group Limited) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2014-04-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [185224 2013-09-09] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2011-08-19] (The OpenVPN Project)
S3 vwmfbus; C:\Windows\System32\DRIVERS\vwmfbus.sys [127488 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\Windows\System32\DRIVERS\vwmfdiag.sys [128512 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\Windows\System32\DRIVERS\vwmfmdfl.sys [18944 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\Windows\System32\DRIVERS\vwmfmdm.sys [161280 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\Windows\System32\DRIVERS\vwmfserd.sys [128512 2009-11-11] (MCCI Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 09:50 - 2015-05-29 09:51 - 00013014 _____ () C:\Users\nemecp\Desktop\FRST.txt
2015-05-29 09:50 - 2015-05-29 09:51 - 00000000 ____D () C:\FRST
2015-05-29 09:49 - 2015-05-29 09:49 - 00112640 _____ (forum.viry.cz) C:\Users\nemecp\Downloads\FRSTLauncher.exe
2015-05-29 09:49 - 2015-05-29 09:49 - 00112640 _____ (forum.viry.cz) C:\Users\nemecp\Desktop\FRSTLauncher.exe
2015-05-29 09:49 - 2015-05-29 09:48 - 02108928 _____ (Farbar) C:\Users\nemecp\Desktop\FRST64.exe
2015-05-29 09:48 - 2015-05-29 09:48 - 02108928 _____ (Farbar) C:\Users\nemecp\Downloads\FRST64.exe
2015-05-29 09:48 - 2015-05-29 09:48 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\WinRAR
2015-05-29 09:25 - 2015-05-29 09:25 - 00118744 _____ () C:\Users\nemecp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-29 09:25 - 2015-05-29 09:25 - 00001434 _____ () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-29 09:25 - 2015-05-29 09:25 - 00001400 _____ () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\Documents\Bluetooth Exchange Folder
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\Lenovo
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Sophos
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Google
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Broadcom
2015-05-29 09:24 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp
2015-05-29 09:24 - 2015-05-29 09:24 - 00103914 __RSH () C:\Users\nemecp\ntuser.pol
2015-05-29 09:24 - 2015-05-29 09:24 - 00000020 ___SH () C:\Users\nemecp\ntuser.ini
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Šablony
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Soubory cookie
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Poslední
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Okolní tiskárny
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Okolní síť
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Nabídka Start
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Dokumenty
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Documents\Obrázky
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Documents\Hudba
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Documents\Filmy
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Data aplikací
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\AppData\Local\Data aplikací
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\Intel
2015-05-29 09:24 - 2015-02-26 09:00 - 00000000 __SHD () C:\Users\nemecp\Desktop\%APPDATA%
2015-05-29 09:24 - 2015-02-26 09:00 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\Adobe
2015-05-29 09:24 - 2011-10-20 15:09 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Microsoft Help
2015-05-29 09:24 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-29 09:24 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-29 09:06 - 2015-05-29 09:09 - 00000000 ____D () C:\AdwCleaner
2015-05-29 09:06 - 2015-05-29 09:04 - 02223104 _____ () C:\Users\zuzana\Desktop\adwcleaner_4.205.exe
2015-05-19 08:31 - 2015-05-29 08:43 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d091fd6b62c23f.job
2015-05-19 08:31 - 2015-05-19 08:31 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d091fd6b62c23f
2015-05-18 08:17 - 2015-05-29 08:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091325a0725d4.job
2015-05-18 08:17 - 2015-05-18 08:17 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d091325a0725d4
2015-05-14 10:36 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 10:36 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 10:36 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 10:36 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 10:36 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 10:36 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-14 10:36 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-14 10:36 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-14 10:36 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-14 10:36 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-14 10:36 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-14 10:36 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-14 10:36 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-14 10:36 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-14 10:36 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-14 10:36 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-14 10:36 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-14 10:36 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-14 10:31 - 2015-04-20 05:16 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 10:31 - 2015-04-20 05:16 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 10:31 - 2015-04-20 04:55 - 01081344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 10:31 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 10:30 - 2015-04-10 18:54 - 17881088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 10:30 - 2015-04-10 18:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 10:30 - 2015-04-10 18:43 - 10935808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 10:30 - 2015-04-10 18:43 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 10:30 - 2015-04-10 18:39 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 10:30 - 2015-04-10 18:39 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 10:30 - 2015-04-10 18:38 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 10:30 - 2015-04-10 18:37 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 10:30 - 2015-04-10 18:37 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-14 10:30 - 2015-04-10 18:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-14 10:30 - 2015-04-10 18:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-14 10:30 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 10:30 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 10:30 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 10:30 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 10:30 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 10:30 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 10:30 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-14 10:30 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 10:30 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-14 10:30 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-14 10:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 10:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-14 10:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-14 10:29 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 10:29 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 10:29 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-14 10:29 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-11 19:35 - 2015-05-11 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-05-11 19:34 - 2015-05-11 19:35 - 01387912 _____ () C:\Users\zuzana\Downloads\sslvpn_inst_zuzana@dcc.adler.info.exe
2015-04-30 13:11 - 2015-05-29 09:25 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 13:11 - 2015-05-29 08:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 13:11 - 2015-05-26 08:25 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-30 13:11 - 2015-05-18 08:17 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-30 13:11 - 2015-05-18 08:17 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-30 13:11 - 2015-04-30 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-30 13:10 - 2015-04-30 13:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-30 08:48 - 2015-04-30 08:48 - 00118744 _____ () C:\Users\zbynekv\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-30 08:48 - 2015-04-30 08:48 - 00001434 _____ () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-30 08:48 - 2015-04-30 08:48 - 00001400 _____ () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\Documents\Bluetooth Exchange Folder
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\WinRAR
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\PwrMgr
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\Lenovo
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Local\Broadcom
2015-04-30 08:47 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv
2015-04-30 08:47 - 2015-04-30 08:47 - 00103914 __RSH () C:\Users\zbynekv\ntuser.pol
2015-04-30 08:47 - 2015-04-30 08:47 - 00000020 ___SH () C:\Users\zbynekv\ntuser.ini
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Šablony
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Soubory cookie
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Poslední
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Okolní tiskárny
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Okolní síť
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Nabídka Start
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Dokumenty
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Documents\Obrázky
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Documents\Hudba
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Documents\Filmy
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Data aplikací
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\AppData\Local\Data aplikací
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\Intel
2015-04-30 08:47 - 2015-02-26 09:00 - 00000000 __SHD () C:\Users\zbynekv\Desktop\%APPDATA%
2015-04-30 08:47 - 2015-02-26 09:00 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\Adobe
2015-04-30 08:47 - 2011-10-20 15:09 - 00000000 ____D () C:\Users\zbynekv\AppData\Local\Microsoft Help
2015-04-30 08:47 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-30 08:47 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-30 08:10 - 2015-04-30 08:13 - 00000000 ____D () C:\Users\zuzana\Desktop\asdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 09:44 - 2011-09-15 11:40 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl
2015-05-29 09:40 - 2011-07-05 14:11 - 00669660 _____ () C:\Windows\system32\perfh005.dat
2015-05-29 09:40 - 2011-07-05 14:11 - 00141292 _____ () C:\Windows\system32\perfc005.dat
2015-05-29 09:40 - 2009-07-14 07:13 - 01585934 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 09:32 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-29 09:32 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-29 09:29 - 2011-09-15 16:06 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-05-29 09:27 - 2011-09-15 16:06 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-05-29 09:26 - 2013-01-04 09:15 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 09:25 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-29 09:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 09:23 - 2009-07-14 06:51 - 00112010 _____ () C:\Windows\setupact.log
2015-05-29 09:18 - 2012-01-20 12:30 - 00000000 ____D () C:\Users\zuzana\AppData\Roaming\Skype
2015-05-29 09:10 - 2012-01-13 13:30 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA.job
2015-05-29 09:10 - 2012-01-13 13:30 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core.job
2015-05-29 09:10 - 2009-07-14 07:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-29 08:48 - 2011-07-05 14:24 - 01888821 _____ () C:\Windows\WindowsUpdate.log
2015-05-29 08:43 - 2015-02-09 09:46 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d0443c7ad9bc50.job
2015-05-29 08:43 - 2015-02-09 09:46 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core1d0443c7a768d2e.job
2015-05-29 08:43 - 2011-09-19 09:16 - 00000000 ____D () C:\Users\zuzana
2015-05-29 08:12 - 2011-09-19 09:20 - 00002016 ____H () C:\Users\zuzana\Documents\Default.rdp
2015-05-27 13:14 - 2011-09-15 11:42 - 00191648 __RSH () C:\ProgramData\ntuser.pol
2015-05-26 08:16 - 2012-01-20 12:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-19 08:31 - 2015-02-09 09:46 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d0443c7ad9bc50
2015-05-19 08:31 - 2015-02-09 09:46 - 00003546 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core1d0443c7a768d2e
2015-05-19 08:18 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-18 13:44 - 2014-10-15 08:01 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-18 13:44 - 2014-10-15 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-18 13:43 - 2012-01-20 12:30 - 00000000 ____D () C:\ProgramData\Skype
2015-05-18 12:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-14 18:57 - 2009-07-14 06:45 - 00455184 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 18:55 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-04 08:29 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 08:17 - 2010-11-21 05:47 - 00007952 _____ () C:\Windows\PFRO.log
==================== Files in the root of some directories =======
2012-01-10 14:42 - 2012-01-10 14:42 - 0000083 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
Some files in TEMP:
====================
C:\Users\zuzana\AppData\Local\Temp\3ufoyupe.dll
C:\Users\zuzana\AppData\Local\Temp\lhxc0djm.dll
C:\Users\zuzana\AppData\Local\Temp\owl3nkad.dll
C:\Users\zuzana\AppData\Local\Temp\Quarantine.exe
C:\Users\zuzana\AppData\Local\Temp\scan.dll
C:\Users\zuzana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\zuzana\AppData\Local\Temp\sqlite3.dll
C:\Users\zuzana\AppData\Local\Temp\ul1whmwm.dll
C:\Users\zuzana\AppData\Local\Temp\_is7E5.exe
C:\Users\zuzana\AppData\Local\Temp\_is7E6B.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-25 12:04
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows7_OS) (Fixed) (Total:452.87 GB) (Free:387.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (STMIVANI) (CDROM) (Total:7.62 GB) (Free:0 GB) UDF
Drive h: (D) (Network) (Total:7.81 GB) (Free:0.64 GB) NTFS
Drive i: (D) (Network) (Total:60 GB) (Free:0.64 GB) NTFS
Drive l: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive m: (D) (Network) (Total:110 GB) (Free:0.64 GB) NTFS
Drive n: (D) (Network) (Total:20 GB) (Free:0.64 GB) NTFS
Drive o: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive p: (D) (Network) (Total:12 GB) (Free:0.64 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.37 GB) NTFS
Drive r: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive t: (D) (Network) (Total:60 GB) (Free:0.64 GB) NTFS
Drive u: (personal) (Network) (Total:180 GB) (Free:33.4 GB) NTFS
Drive v: (D) (Network) (Total:460 GB) (Free:0.64 GB) NTFS
Drive w: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive x: (D) (Network) (Total:460 GB) (Free:0.64 GB) NTFS
Available physical RAM: 989.57 MB
Total physical RAM: 1888.48 MB
Percentage of memory in use: 47%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: A72ECE91)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091325a0725d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core1d0443c7a768d2e.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d0443c7ad9bc50.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d091fd6b62c23f.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
==================== Security Center ==================
AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\nemecp\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo Registration
C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LENOVO.TPKNRRES
C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
něco se mi sem dostalo a potřebuji s tím pomoc.
Úplně to zahltilo operační paměť a v normálním režimu nejsem schopný s Počítačem udělat vůbec nic. Takže log z FIRST je z Nouzového Režimu.
Prosím o pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
Ran by nemecp (administrator) on NTB-ZUZANA on 29-05-2015 09:50:59
Running from C:\Users\nemecp\Desktop
Loaded Profiles: nemecp (Available Profiles: zuzana & janm & zbynekv & nemecp & ova)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\nemecp\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [69560 2010-07-27] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2011-02-28] (Lenovo Group Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2014-04-04] (ESET)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [436776 2013-06-14] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoAutoTrayNotify] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoPropertiesRecycleBin] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\...\MountPoints2: {4032ecc6-a701-11e0-bc66-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-07-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-3086065964-2013533356-904573443-6885\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3086065964-2013533356-904573443-6885\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {75CD1527-AC97-4303-AE4E-F8153DFC4BF0} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {75CD1527-AC97-4303-AE4E-F8153DFC4BF0} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-01-13] (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.3.15.1 10.3.2.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2012-01-13] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2014-06-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR Profile: C:\Users\nemecp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\nemecp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-29]
CHR Extension: (Google Wallet) - C:\Users\nemecp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AuditPro Scan; C:\Program Files (x86)\AuditPro Scan\Scan.exe [2603328 2014-11-24] (truconneXion, a. s.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-04-18] (Lenovo.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2014-04-04] (ESET)
S2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1029704 2014-04-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2014-04-04] (ESET)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
S2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [81024 2015-03-23] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S2 PwmEWSvc; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [143360 2011-04-18] () [File not signed]
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-03-24] (Realtek Semiconductor)
S2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-11-25] (Lenovo Group Limited) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2014-04-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [185224 2013-09-09] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2011-08-19] (The OpenVPN Project)
S3 vwmfbus; C:\Windows\System32\DRIVERS\vwmfbus.sys [127488 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\Windows\System32\DRIVERS\vwmfdiag.sys [128512 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\Windows\System32\DRIVERS\vwmfmdfl.sys [18944 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\Windows\System32\DRIVERS\vwmfmdm.sys [161280 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\Windows\System32\DRIVERS\vwmfserd.sys [128512 2009-11-11] (MCCI Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 09:50 - 2015-05-29 09:51 - 00013014 _____ () C:\Users\nemecp\Desktop\FRST.txt
2015-05-29 09:50 - 2015-05-29 09:51 - 00000000 ____D () C:\FRST
2015-05-29 09:49 - 2015-05-29 09:49 - 00112640 _____ (forum.viry.cz) C:\Users\nemecp\Downloads\FRSTLauncher.exe
2015-05-29 09:49 - 2015-05-29 09:49 - 00112640 _____ (forum.viry.cz) C:\Users\nemecp\Desktop\FRSTLauncher.exe
2015-05-29 09:49 - 2015-05-29 09:48 - 02108928 _____ (Farbar) C:\Users\nemecp\Desktop\FRST64.exe
2015-05-29 09:48 - 2015-05-29 09:48 - 02108928 _____ (Farbar) C:\Users\nemecp\Downloads\FRST64.exe
2015-05-29 09:48 - 2015-05-29 09:48 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\WinRAR
2015-05-29 09:25 - 2015-05-29 09:25 - 00118744 _____ () C:\Users\nemecp\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-29 09:25 - 2015-05-29 09:25 - 00001434 _____ () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-29 09:25 - 2015-05-29 09:25 - 00001400 _____ () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\Documents\Bluetooth Exchange Folder
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\Lenovo
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Sophos
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Google
2015-05-29 09:25 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Broadcom
2015-05-29 09:24 - 2015-05-29 09:25 - 00000000 ____D () C:\Users\nemecp
2015-05-29 09:24 - 2015-05-29 09:24 - 00103914 __RSH () C:\Users\nemecp\ntuser.pol
2015-05-29 09:24 - 2015-05-29 09:24 - 00000020 ___SH () C:\Users\nemecp\ntuser.ini
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Šablony
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Soubory cookie
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Poslední
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Okolní tiskárny
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Okolní síť
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Nabídka Start
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Dokumenty
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Documents\Obrázky
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Documents\Hudba
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Documents\Filmy
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\Data aplikací
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 _SHDL () C:\Users\nemecp\AppData\Local\Data aplikací
2015-05-29 09:24 - 2015-05-29 09:24 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\Intel
2015-05-29 09:24 - 2015-02-26 09:00 - 00000000 __SHD () C:\Users\nemecp\Desktop\%APPDATA%
2015-05-29 09:24 - 2015-02-26 09:00 - 00000000 ____D () C:\Users\nemecp\AppData\Roaming\Adobe
2015-05-29 09:24 - 2011-10-20 15:09 - 00000000 ____D () C:\Users\nemecp\AppData\Local\Microsoft Help
2015-05-29 09:24 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-29 09:24 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\nemecp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-29 09:06 - 2015-05-29 09:09 - 00000000 ____D () C:\AdwCleaner
2015-05-29 09:06 - 2015-05-29 09:04 - 02223104 _____ () C:\Users\zuzana\Desktop\adwcleaner_4.205.exe
2015-05-19 08:31 - 2015-05-29 08:43 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d091fd6b62c23f.job
2015-05-19 08:31 - 2015-05-19 08:31 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d091fd6b62c23f
2015-05-18 08:17 - 2015-05-29 08:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091325a0725d4.job
2015-05-18 08:17 - 2015-05-18 08:17 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d091325a0725d4
2015-05-14 10:36 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-14 10:36 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-14 10:36 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 10:36 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 10:36 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 10:36 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-14 10:36 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-14 10:36 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-14 10:36 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-14 10:36 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-14 10:36 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-14 10:36 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-14 10:36 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-14 10:36 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-14 10:36 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-14 10:36 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-14 10:36 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-14 10:36 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-14 10:36 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-14 10:36 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-14 10:31 - 2015-04-20 05:16 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 10:31 - 2015-04-20 05:16 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 10:31 - 2015-04-20 04:55 - 01081344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 10:31 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 10:30 - 2015-04-10 18:54 - 17881088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 10:30 - 2015-04-10 18:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 10:30 - 2015-04-10 18:43 - 10935808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 10:30 - 2015-04-10 18:43 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 10:30 - 2015-04-10 18:39 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 10:30 - 2015-04-10 18:39 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 10:30 - 2015-04-10 18:38 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 10:30 - 2015-04-10 18:37 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 10:30 - 2015-04-10 18:37 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-14 10:30 - 2015-04-10 18:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-14 10:30 - 2015-04-10 18:37 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-14 10:30 - 2015-04-10 18:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-14 10:30 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 10:30 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 10:30 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 10:30 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 10:30 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 10:30 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 10:30 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-14 10:30 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-14 10:30 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 10:30 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-14 10:30 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-14 10:30 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-14 10:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 10:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-14 10:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-14 10:29 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 10:29 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 10:29 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-14 10:29 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-11 19:35 - 2015-05-11 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-05-11 19:34 - 2015-05-11 19:35 - 01387912 _____ () C:\Users\zuzana\Downloads\sslvpn_inst_zuzana@dcc.adler.info.exe
2015-04-30 13:11 - 2015-05-29 09:25 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 13:11 - 2015-05-29 08:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 13:11 - 2015-05-26 08:25 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-30 13:11 - 2015-05-18 08:17 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-30 13:11 - 2015-05-18 08:17 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-30 13:11 - 2015-04-30 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-30 13:10 - 2015-04-30 13:11 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-30 08:48 - 2015-04-30 08:48 - 00118744 _____ () C:\Users\zbynekv\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-30 08:48 - 2015-04-30 08:48 - 00001434 _____ () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-30 08:48 - 2015-04-30 08:48 - 00001400 _____ () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\Documents\Bluetooth Exchange Folder
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\WinRAR
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\PwrMgr
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\Lenovo
2015-04-30 08:48 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv\AppData\Local\Broadcom
2015-04-30 08:47 - 2015-04-30 08:48 - 00000000 ____D () C:\Users\zbynekv
2015-04-30 08:47 - 2015-04-30 08:47 - 00103914 __RSH () C:\Users\zbynekv\ntuser.pol
2015-04-30 08:47 - 2015-04-30 08:47 - 00000020 ___SH () C:\Users\zbynekv\ntuser.ini
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Šablony
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Soubory cookie
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Poslední
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Okolní tiskárny
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Okolní síť
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Nabídka Start
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Dokumenty
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Documents\Obrázky
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Documents\Hudba
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Documents\Filmy
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\Data aplikací
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 _SHDL () C:\Users\zbynekv\AppData\Local\Data aplikací
2015-04-30 08:47 - 2015-04-30 08:47 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\Intel
2015-04-30 08:47 - 2015-02-26 09:00 - 00000000 __SHD () C:\Users\zbynekv\Desktop\%APPDATA%
2015-04-30 08:47 - 2015-02-26 09:00 - 00000000 ____D () C:\Users\zbynekv\AppData\Roaming\Adobe
2015-04-30 08:47 - 2011-10-20 15:09 - 00000000 ____D () C:\Users\zbynekv\AppData\Local\Microsoft Help
2015-04-30 08:47 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-30 08:47 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\zbynekv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-30 08:10 - 2015-04-30 08:13 - 00000000 ____D () C:\Users\zuzana\Desktop\asdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 09:44 - 2011-09-15 11:40 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl
2015-05-29 09:40 - 2011-07-05 14:11 - 00669660 _____ () C:\Windows\system32\perfh005.dat
2015-05-29 09:40 - 2011-07-05 14:11 - 00141292 _____ () C:\Windows\system32\perfc005.dat
2015-05-29 09:40 - 2009-07-14 07:13 - 01585934 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 09:32 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-29 09:32 - 2009-07-14 06:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-29 09:29 - 2011-09-15 16:06 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-05-29 09:27 - 2011-09-15 16:06 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-05-29 09:26 - 2013-01-04 09:15 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 09:25 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-29 09:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 09:23 - 2009-07-14 06:51 - 00112010 _____ () C:\Windows\setupact.log
2015-05-29 09:18 - 2012-01-20 12:30 - 00000000 ____D () C:\Users\zuzana\AppData\Roaming\Skype
2015-05-29 09:10 - 2012-01-13 13:30 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA.job
2015-05-29 09:10 - 2012-01-13 13:30 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core.job
2015-05-29 09:10 - 2009-07-14 07:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-29 08:48 - 2011-07-05 14:24 - 01888821 _____ () C:\Windows\WindowsUpdate.log
2015-05-29 08:43 - 2015-02-09 09:46 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d0443c7ad9bc50.job
2015-05-29 08:43 - 2015-02-09 09:46 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core1d0443c7a768d2e.job
2015-05-29 08:43 - 2011-09-19 09:16 - 00000000 ____D () C:\Users\zuzana
2015-05-29 08:12 - 2011-09-19 09:20 - 00002016 ____H () C:\Users\zuzana\Documents\Default.rdp
2015-05-27 13:14 - 2011-09-15 11:42 - 00191648 __RSH () C:\ProgramData\ntuser.pol
2015-05-26 08:16 - 2012-01-20 12:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-19 08:31 - 2015-02-09 09:46 - 00003942 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d0443c7ad9bc50
2015-05-19 08:31 - 2015-02-09 09:46 - 00003546 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core1d0443c7a768d2e
2015-05-19 08:18 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-18 13:44 - 2014-10-15 08:01 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-18 13:44 - 2014-10-15 08:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-18 13:43 - 2012-01-20 12:30 - 00000000 ____D () C:\ProgramData\Skype
2015-05-18 12:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-14 18:57 - 2009-07-14 06:45 - 00455184 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 18:55 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-04 08:29 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-04 08:17 - 2010-11-21 05:47 - 00007952 _____ () C:\Windows\PFRO.log
==================== Files in the root of some directories =======
2012-01-10 14:42 - 2012-01-10 14:42 - 0000083 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
Some files in TEMP:
====================
C:\Users\zuzana\AppData\Local\Temp\3ufoyupe.dll
C:\Users\zuzana\AppData\Local\Temp\lhxc0djm.dll
C:\Users\zuzana\AppData\Local\Temp\owl3nkad.dll
C:\Users\zuzana\AppData\Local\Temp\Quarantine.exe
C:\Users\zuzana\AppData\Local\Temp\scan.dll
C:\Users\zuzana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\zuzana\AppData\Local\Temp\sqlite3.dll
C:\Users\zuzana\AppData\Local\Temp\ul1whmwm.dll
C:\Users\zuzana\AppData\Local\Temp\_is7E5.exe
C:\Users\zuzana\AppData\Local\Temp\_is7E6B.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-25 12:04
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows7_OS) (Fixed) (Total:452.87 GB) (Free:387.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (STMIVANI) (CDROM) (Total:7.62 GB) (Free:0 GB) UDF
Drive h: (D) (Network) (Total:7.81 GB) (Free:0.64 GB) NTFS
Drive i: (D) (Network) (Total:60 GB) (Free:0.64 GB) NTFS
Drive l: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive m: (D) (Network) (Total:110 GB) (Free:0.64 GB) NTFS
Drive n: (D) (Network) (Total:20 GB) (Free:0.64 GB) NTFS
Drive o: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive p: (D) (Network) (Total:12 GB) (Free:0.64 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.37 GB) NTFS
Drive r: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive t: (D) (Network) (Total:60 GB) (Free:0.64 GB) NTFS
Drive u: (personal) (Network) (Total:180 GB) (Free:33.4 GB) NTFS
Drive v: (D) (Network) (Total:460 GB) (Free:0.64 GB) NTFS
Drive w: (D) (Network) (Total:15 GB) (Free:0.64 GB) NTFS
Drive x: (D) (Network) (Total:460 GB) (Free:0.64 GB) NTFS
Available physical RAM: 989.57 MB
Total physical RAM: 1888.48 MB
Percentage of memory in use: 47%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: A72ECE91)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d091325a0725d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196Core1d0443c7a768d2e.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d0443c7ad9bc50.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3086065964-2013533356-904573443-1196UA1d091fd6b62c23f.job => C:\Users\zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exeq-backgroundmon scripts\backgroundmon.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
==================== Security Center ==================
AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\nemecp\Desktop" je 2 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo Registration
C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LENOVO.TPKNRRES
C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
