AdBlocker Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

tomik.pb
Level 2.5
Posts: 261
Registered: September 10
Gender: Male
Status: Offline

Re: AdBlocker

Post by tomik.pb » 24 May 2015 22:11

2015-05-11 18:08 - 2015-05-11 18:08 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-05-11 18:08 - 2015-05-11 18:08 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-05-11 18:08 - 2015-05-11 18:08 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-05-11 18:08 - 2015-05-11 18:08 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-05-11 18:08 - 2015-05-11 18:08 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-05-11 18:08 - 2015-05-11 18:08 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00022924 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-05-11 18:08 - 2015-05-11 18:08 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-05-11 18:08 - 2015-05-11 18:08 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-05-11 18:07 - 2015-05-11 18:07 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-05-11 18:07 - 2015-05-11 18:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-05-11 18:05 - 2015-05-11 18:05 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-05-11 18:05 - 2015-05-11 18:05 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-05-11 18:05 - 2015-05-11 18:05 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-05-11 18:05 - 2015-05-11 18:05 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-05-11 18:05 - 2015-05-11 18:05 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-05-11 18:05 - 2015-05-11 18:05 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-05-11 18:04 - 2015-05-11 18:04 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-05-11 18:04 - 2015-05-11 18:04 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-05-11 18:03 - 2015-05-11 18:03 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-05-11 18:03 - 2015-05-11 18:03 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-05-11 18:03 - 2015-05-11 18:03 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-05-11 18:03 - 2015-05-11 18:03 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-05-11 18:03 - 2015-05-11 18:03 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-05-11 18:03 - 2015-05-11 18:03 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-05-11 18:03 - 2015-05-11 18:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-05-11 18:02 - 2015-05-11 18:02 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-05-11 18:01 - 2015-05-11 18:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-05-11 18:01 - 2015-05-11 18:01 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-05-11 18:01 - 2015-05-11 18:01 - 00000000 ____D () C:\Program Files\MSBuild
2015-05-11 18:01 - 2015-05-11 18:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-05-11 18:01 - 2015-05-11 18:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-11 18:00 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-11 18:00 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-05-11 17:59 - 2015-05-11 17:59 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-11 17:59 - 2015-05-11 17:59 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-11 17:52 - 2015-05-11 17:52 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-11 17:48 - 2015-05-11 17:48 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-05-11 17:47 - 2015-05-23 20:17 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC
2015-05-11 17:47 - 2015-05-23 18:37 - 00000000 ____D () C:\Users\Romana S
2015-05-11 17:47 - 2015-05-11 18:09 - 00032388 _____ () C:\WINDOWS\diagwrn.xml
2015-05-11 17:47 - 2015-05-11 18:09 - 00032388 _____ () C:\WINDOWS\diagerr.xml
2015-05-11 17:47 - 2015-05-11 17:48 - 00000000 ___RD () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 17:47 - 2015-05-11 17:48 - 00000000 ___RD () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Šablony
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Soubory cookie
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Poslední
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Okolní tiskárny
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Okolní síť
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Nabídka Start
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Dokumenty
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Documents\Obrázky
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Documents\Hudba
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Documents\Filmy
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\Data aplikací
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\Romana S\AppData\Local\Data aplikací
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Šablony
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Soubory cookie
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Poslední
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Okolní tiskárny
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Okolní síť
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Nabídka Start
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Dokumenty
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Documents\Obrázky
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Documents\Hudba
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Documents\Filmy
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\Data aplikací
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-05-11 17:47 - 2015-05-11 17:47 - 00000000 _SHDL () C:\Users\koryt_000.ROMCA-PC\AppData\Local\Data aplikací
2015-05-11 17:47 - 2014-11-21 14:15 - 00000000 ___RD () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 17:47 - 2014-11-21 14:15 - 00000000 ___RD () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 17:47 - 2014-11-21 14:15 - 00000000 ___RD () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 17:47 - 2014-11-21 14:15 - 00000000 ___RD () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 17:47 - 2014-11-21 07:02 - 00000369 _____ () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 17:47 - 2014-11-21 07:02 - 00000369 _____ () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 17:47 - 2014-11-21 07:02 - 00000369 _____ () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 17:47 - 2014-11-21 07:02 - 00000369 _____ () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 17:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 17:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 17:35 - 2015-05-11 17:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-11 17:35 - 2015-05-11 17:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-05-11 17:35 - 2015-05-11 17:35 - 00000000 ____D () C:\Program Files\Realtek
2015-05-11 17:35 - 2015-05-11 17:35 - 00000000 ____D () C:\Program Files\Elantech
2015-05-11 08:23 - 2015-05-11 18:09 - 00006526 _____ () C:\WINDOWS\comsetup.log
2015-05-10 20:16 - 2015-05-24 20:51 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\vlc
2015-05-10 20:13 - 2015-05-11 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-10 20:13 - 2015-05-10 20:13 - 00001038 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-10 20:12 - 2015-05-10 20:12 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-05-10 07:54 - 2015-05-14 19:42 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-05-09 21:29 - 2015-03-04 09:26 - 00011105 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-05-09 19:42 - 2015-05-09 19:42 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Macromedia
2015-05-09 10:34 - 2015-05-11 17:54 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-05-09 10:34 - 2015-05-09 10:34 - 00001170 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\Format Factory.lnk
2015-05-09 10:22 - 2015-05-24 21:03 - 00000000 ____D () C:\FFOutput
2015-05-09 10:22 - 2015-05-09 10:22 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-05-09 10:19 - 2015-05-09 10:19 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2015-05-09 09:49 - 2015-04-26 23:35 - 1793189888 _____ () C:\Users\koryt_000.ROMCA-PC\Documents\Hunger-Games-Síla-vzdoru-BRRip-CZ.avi
2015-05-09 09:05 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-09 08:00 - 2015-05-09 08:00 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\VitySoft
2015-05-09 08:00 - 2015-05-09 08:00 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\.objectdb
2015-05-09 07:56 - 2015-05-09 07:59 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\Downloads\KNIGHT RIDER - LEGENDA SE VRACI(CZ)
2015-05-09 07:55 - 2015-05-24 21:39 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\uTorrent
2015-05-09 07:55 - 2015-05-11 17:54 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-05-09 07:55 - 2015-05-09 07:55 - 00000963 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\µTorrent.lnk
2015-05-08 23:23 - 2015-05-16 11:17 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-05-08 23:05 - 2015-05-16 07:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-08 23:05 - 2015-05-16 07:19 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-08 20:25 - 2015-05-08 20:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16477578.txt
2015-05-08 20:25 - 2015-05-08 20:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16477359.txt
2015-05-08 19:28 - 2015-05-08 19:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13063828.txt
2015-05-08 19:28 - 2015-05-08 19:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13062218.txt
2015-05-08 19:00 - 2015-05-08 19:00 - 00000117 _____ () C:\WINDOWS\system32\netcfg-11369484.txt
2015-05-08 17:40 - 2015-05-08 17:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6591984.txt
2015-05-08 15:56 - 2015-05-08 15:57 - 00002881 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\Firemní.lnk
2015-05-08 15:51 - 2015-05-08 15:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-44484.txt
2015-05-08 15:50 - 2015-05-08 15:50 - 00000117 _____ () C:\WINDOWS\system32\netcfg-25904375.txt
2015-05-08 15:49 - 2015-05-08 15:49 - 00000951 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\TOTALCMD64 – zástupce.lnk
2015-05-08 15:47 - 2015-05-10 19:05 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\GHISLER
2015-05-08 15:40 - 2015-05-08 15:40 - 00001488 _____ () C:\Users\koryt_000.ROMCA-PC\AppData\Local\recently-used.xbel
2015-05-08 15:40 - 2015-05-08 15:40 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Local\gtk-2.0
2015-05-08 15:39 - 2015-05-08 15:39 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\.thumbnails
2015-05-08 15:33 - 2015-05-08 15:33 - 00001208 _____ () C:\Users\koryt_000.ROMCA-PC\Downloads\podpis_Tomas Korejs.html
2015-05-08 15:26 - 2015-05-22 19:04 - 00002250 ____H () C:\Users\koryt_000.ROMCA-PC\Documents\Default.rdp
2015-05-08 15:20 - 2015-05-21 19:04 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\.gimp-2.8
2015-05-08 15:20 - 2015-05-08 15:20 - 00000906 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\GIMP 2.lnk
2015-05-08 15:20 - 2015-05-08 15:20 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Local\gegl-0.2
2015-05-08 15:10 - 2015-05-08 15:10 - 00001336 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\frd – zástupce.lnk
2015-05-08 14:58 - 2015-05-24 21:09 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Centrum Mail
2015-05-08 14:58 - 2015-05-08 14:58 - 00001464 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\Email.lnk
2015-05-08 14:57 - 2015-05-08 14:57 - 00001404 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\cdbxpp – zástupce.lnk
2015-05-08 14:56 - 2015-05-08 14:56 - 00001122 _____ () C:\Users\koryt_000.ROMCA-PC\Desktop\Dokumenty – zástupce.lnk
2015-05-08 14:55 - 2015-05-24 21:42 - 00000003 _____ () C:\Users\koryt_000.ROMCA-PC\stut
2015-05-08 14:53 - 2015-05-23 21:32 - 00000330 _____ () C:\Users\koryt_000.ROMCA-PC\rgut
2015-05-08 14:51 - 2015-05-24 07:23 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Local\Google
2015-05-08 14:51 - 2015-05-23 19:48 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Local\VirtualStore
2015-05-08 14:51 - 2015-05-22 11:27 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Local\Packages
2015-05-08 14:51 - 2015-05-08 14:51 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\lm
2015-05-08 14:51 - 2015-05-08 14:51 - 00000000 ____D () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\Adobe
2015-05-08 14:45 - 2015-05-08 14:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21966500.txt
2015-05-08 14:45 - 2015-05-08 14:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21966421.txt
2015-05-08 14:44 - 2015-05-08 14:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21906218.txt
2015-05-08 14:43 - 2015-05-08 14:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-21902984.txt
2015-05-08 14:30 - 2015-05-08 14:32 - 00000000 ____D () C:\totalcmd
2015-05-08 14:24 - 2015-05-08 14:24 - 00000117 _____ () C:\WINDOWS\system32\netcfg-36906.txt
2015-05-08 14:23 - 2015-05-08 14:23 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3311265.txt
2015-05-08 13:55 - 2015-05-23 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-05-08 13:54 - 2015-05-08 13:54 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-05-08 13:54 - 2015-05-08 13:54 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-05-08 13:54 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2015-05-08 13:50 - 2015-05-11 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-08 13:49 - 2015-05-08 13:49 - 00000000 ____D () C:\Program Files\WinRAR
2015-05-08 13:45 - 2015-05-11 17:54 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-08 13:45 - 2015-05-08 13:45 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2015-05-08 13:28 - 2015-05-08 13:28 - 00000117 _____ () C:\WINDOWS\system32\netcfg-52390.txt
2015-05-08 13:27 - 2015-05-08 13:27 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1146921.txt
2015-05-08 13:17 - 2015-05-24 07:27 - 00003714 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-08 13:17 - 2015-05-24 07:23 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-08 13:17 - 2015-05-08 13:18 - 00000000 ____D () C:\Users\Romana S\AppData\Local\Google
2015-05-08 13:15 - 2015-05-08 13:15 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\Macromedia
2015-05-08 13:15 - 2015-05-08 13:15 - 00000000 _____ () C:\Recovery.txt
2015-05-08 13:09 - 2015-05-08 13:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-55062.txt
2015-05-08 13:09 - 2015-05-08 13:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-48531.txt
2015-05-08 13:08 - 2015-05-08 13:08 - 00000117 _____ () C:\WINDOWS\system32\netcfg-902890.txt
2015-05-08 13:06 - 2015-05-11 17:54 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-05-08 13:04 - 2015-05-08 13:04 - 00328592 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-05-08 12:57 - 2015-05-08 12:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-277531.txt
2015-05-08 12:57 - 2015-05-08 12:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-15527484.txt
2015-05-08 12:57 - 2015-05-08 12:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-15527375.txt
2015-05-08 12:55 - 2015-05-08 14:51 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-05-08 12:55 - 2015-05-08 12:55 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\lm
2015-05-08 12:55 - 2015-05-08 12:55 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\Adobe
2015-05-08 12:54 - 2015-05-12 20:18 - 00000000 ____D () C:\Users\Romana S\AppData\Local\Packages
2015-05-08 12:54 - 2015-05-08 08:18 - 00000000 ____D () C:\Users\Romana S\AppData\Local\VirtualStore
2015-05-08 12:52 - 2015-05-11 16:50 - 01441550 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-05-08 12:51 - 2015-05-08 12:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2155937.txt
2015-05-08 10:55 - 2015-05-08 10:55 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-05-08 10:54 - 2015-05-08 10:54 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-05-08 10:54 - 2015-05-08 10:54 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2015-05-08 10:54 - 2015-05-08 10:54 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-05-08 10:52 - 2015-05-08 10:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-8017453.txt
2015-05-08 10:52 - 2015-05-08 10:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-8015203.txt
2015-05-08 09:07 - 2015-05-08 09:07 - 00000906 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-05-08 09:06 - 2015-05-08 09:07 - 00000000 ____D () C:\Program Files\GIMP 2
2015-05-08 08:39 - 2015-05-08 08:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-41359.txt
2015-05-08 08:39 - 2015-05-08 08:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-36093.txt
2015-05-08 08:38 - 2015-05-08 08:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2713031.txt
2015-05-08 08:19 - 2015-05-08 08:19 - 00000000 ____D () C:\Users\Romana S\Downloads\FRD
2015-05-08 08:18 - 2015-05-08 08:18 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\VitySoft
2015-05-08 08:18 - 2015-05-08 08:18 - 00000000 ____D () C:\Users\Romana S\.objectdb
2015-05-08 08:17 - 2015-05-11 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-08 08:17 - 2015-05-08 08:17 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-05-08 08:17 - 2015-05-08 08:17 - 00000000 ____D () C:\ProgramData\Sun
2015-05-08 08:17 - 2015-05-08 08:17 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-08 08:17 - 2015-05-08 08:17 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-08 08:16 - 2015-05-08 08:16 - 00562272 _____ (Oracle Corporation) C:\Users\Romana S\Downloads\chromeinstall-8u45.exe
2015-05-08 08:15 - 2015-05-08 08:15 - 00001336 _____ () C:\Users\Romana S\Desktop\frd – zástupce.lnk
2015-05-08 08:14 - 2015-05-08 08:14 - 00000000 ____D () C:\Users\Romana S\Downloads\FreeRapid-Downloader_0.9u4_sk_cz_PORTABLE
2015-05-08 08:14 - 2014-05-20 09:14 - 00000000 ____D () C:\Program Files\FreeRapid
2015-05-08 08:13 - 2015-05-08 08:13 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\WinRAR
2015-05-08 08:12 - 2015-05-08 08:13 - 17406410 _____ () C:\Users\Romana S\Downloads\FreeRapid-Downloader_0.9u4_sk_cz_PORTABLE.zip
2015-05-08 08:09 - 2015-05-08 08:09 - 00000000 ____D () C:\Users\Romana S\Tracing
2015-05-08 08:09 - 2015-05-08 08:09 - 00000000 ____D () C:\Users\Romana S\AppData\Local\Skype
2015-05-08 08:08 - 2015-05-24 20:24 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\Skype
2015-05-08 08:08 - 2015-05-11 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-08 08:08 - 2015-05-08 08:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-08 08:08 - 2015-05-08 08:08 - 00000000 ____D () C:\ProgramData\Skype
2015-05-08 08:07 - 2015-05-08 08:07 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Romana S\Downloads\SkypeSetup.exe
2015-05-08 07:54 - 2015-05-08 07:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-33500.txt
2015-05-08 07:53 - 2015-05-08 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-585437.txt
2015-05-08 07:50 - 2015-05-21 09:10 - 00000000 ____D () C:\Users\Romana S\AppData\Roaming\Centrum Mail
2015-05-08 07:48 - 2015-05-24 11:27 - 00000003 _____ () C:\Users\Romana S\stut
2015-05-08 07:46 - 2015-05-08 07:46 - 00001072 _____ () C:\Users\Romana S\Desktop\Dokumenty.lnk
2015-05-08 07:46 - 2015-05-08 07:46 - 00000359 _____ () C:\Users\Romana S\Desktop\Tento počítač.lnk
2015-05-08 07:45 - 2015-05-23 19:05 - 00000330 _____ () C:\Users\Romana S\rgut
2015-05-08 07:44 - 2015-05-08 07:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-51203.txt
2015-05-08 07:43 - 2015-05-08 07:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-8397828.txt
2015-05-08 07:22 - 2015-05-16 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-08 07:21 - 2015-05-16 07:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2015-05-08 07:21 - 2015-05-08 07:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2015-05-08 07:18 - 2015-05-18 19:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-08 07:18 - 2015-05-17 11:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-08 07:18 - 2015-05-08 07:18 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-08 07:17 - 2015-05-08 07:17 - 00000000 __RHD () C:\MSOCache
2015-05-08 06:32 - 2013-05-04 06:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-05-08 06:32 - 2013-05-04 06:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-05-08 06:06 - 2015-05-08 06:06 - 00000959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centrum Mail.lnk
2015-05-08 06:06 - 2015-05-08 06:06 - 00000000 ____D () C:\Program Files (x86)\Centrum Mail
2015-05-08 05:56 - 2013-08-11 15:40 - 00043520 ____S (NirSoft) C:\WINDOWS\SysWOW64\nircmdc.exe
2015-05-08 05:55 - 2015-05-11 17:54 - 00000000 ____D () C:\WINDOWS\SysWOW64\bitstreams
2015-05-08 05:55 - 2014-03-05 22:19 - 00007670 ____S () C:\WINDOWS\SysWOW64\mncoftom.vbe
2015-05-08 05:55 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll
2015-05-08 05:55 - 2013-10-26 20:30 - 00538126 ____S () C:\WINDOWS\SysWOW64\libcurl-4.dll
2015-05-08 05:55 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll
2015-05-08 05:55 - 2013-10-26 20:30 - 00192512 ____S () C:\WINDOWS\SysWOW64\libidn-11.dll
2015-05-08 05:55 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\WINDOWS\SysWOW64\libssh2.dll
2015-05-08 05:55 - 2013-10-26 20:30 - 00133632 ____S () C:\WINDOWS\SysWOW64\librtmp.dll
2015-05-08 05:55 - 2013-10-26 20:30 - 00044727 ____S () C:\WINDOWS\SysWOW64\diablo130302.cl
2015-05-08 05:55 - 2013-10-26 20:30 - 00043810 ____S () C:\WINDOWS\SysWOW64\poclbm130302.cl
2015-05-08 05:55 - 2013-10-26 20:30 - 00030802 ____S () C:\WINDOWS\SysWOW64\diakgcn121016.cl
2015-05-08 05:55 - 2013-10-26 20:30 - 00023825 ____S () C:\WINDOWS\SysWOW64\scrypt130511.cl
2015-05-08 05:55 - 2013-10-26 20:30 - 00013062 ____S () C:\WINDOWS\SysWOW64\phatk121016.cl
2015-05-08 05:55 - 2013-06-12 15:15 - 00119888 ____S (Open Source Software community LGPL) C:\WINDOWS\SysWOW64\pthreadGC2.dll
2015-05-08 05:55 - 2013-06-12 15:15 - 00100864 ____S () C:\WINDOWS\SysWOW64\zlib1.dll
2015-05-08 05:55 - 2012-09-25 23:46 - 00472424 ____S (NVIDIA Corporation) C:\WINDOWS\SysWOW64\cudart32_50_35.dll
2015-05-08 05:55 - 2012-05-27 01:36 - 00055808 ____S (Open Source Software community LGPL) C:\WINDOWS\SysWOW64\pthreadVC2.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-24 21:43 - 2014-11-21 06:53 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 21:43 - 2014-11-21 06:10 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2015-05-24 21:43 - 2014-11-21 06:10 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2015-05-24 21:39 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-24 21:38 - 2013-08-22 16:46 - 00329311 _____ () C:\WINDOWS\setupact.log
2015-05-24 21:21 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-24 10:50 - 2014-11-20 21:43 - 00012246 _____ () C:\WINDOWS\PFRO.log
2015-05-23 22:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PLA
2015-05-22 11:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-20 07:46 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-16 11:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-16 11:22 - 2013-08-22 16:44 - 00411208 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-16 11:18 - 2014-11-21 14:14 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-05-16 11:17 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-16 11:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-05-16 11:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-05-16 11:17 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-16 06:46 - 2014-11-21 06:34 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 19:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-05-11 18:29 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-05-11 18:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-05-11 18:23 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-05-11 18:23 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-05-11 18:23 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-05-11 18:23 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-05-11 18:23 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-05-11 18:23 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-05-11 18:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-05-11 18:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-05-11 18:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-11 18:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-11 18:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-11 18:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-05-11 18:23 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-05-11 18:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 18:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 18:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-05-11 18:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-05-11 18:09 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2015-05-11 18:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-11 18:08 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 18:05 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-05-11 18:05 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-11 18:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-05-11 18:03 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-05-11 17:54 - 2014-11-21 06:34 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-05-11 17:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-11 17:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-05-11 17:54 - 2012-09-05 21:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2015-05-11 17:54 - 2012-08-03 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell
2015-05-11 17:53 - 2013-08-22 17:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-05-11 17:52 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-05-11 17:52 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-05-11 17:52 - 2014-11-21 06:09 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-05-11 17:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-05-11 17:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-05-11 17:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-05-11 17:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-05-11 17:52 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-05-11 17:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-05-11 17:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-05-11 17:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-05-11 17:50 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-05-11 17:50 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-05-11 17:50 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-05-11 17:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-05-11 17:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-11 17:50 - 2012-08-03 13:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-11 17:50 - 2012-08-03 13:54 - 00000000 ____D () C:\ProgramData\PRICache
2015-05-11 17:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-05-11 07:06 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-05-08 14:27 - 2012-08-03 13:59 - 00000000 ____D () C:\ProgramData\WildTangent
2015-05-08 14:23 - 2012-08-03 14:04 - 00000000 ____D () C:\ProgramData\Norton
2015-05-08 14:14 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-08 13:10 - 2012-09-05 21:10 - 00015802 _____ () C:\WINDOWS\system32\results.xml
2015-05-08 13:07 - 2012-09-05 21:21 - 00009590 _____ () C:\WINDOWS\DPINST.LOG
2015-05-08 12:56 - 2012-08-03 14:40 - 00000000 ___HD () C:\OEM
2015-05-08 12:55 - 2012-08-03 14:05 - 00000000 ____D () C:\ProgramData\OEM
2015-05-05 19:59 - 2014-11-21 14:21 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-11-21 14:21 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-05-23 17:20 - 2015-05-23 17:20 - 0000024 _____ () C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\appdataFr25.bin
2015-05-08 15:40 - 2015-05-08 15:40 - 0001488 _____ () C:\Users\koryt_000.ROMCA-PC\AppData\Local\recently-used.xbel
2015-05-23 17:44 - 2015-05-23 17:44 - 0000000 _____ () C:\Users\koryt_000.ROMCA-PC\AppData\Local\Temp.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-22 13:45

==================== End of log ============================

Re: AdBlocker

Post by tomik.pb » 24 May 2015 22:11

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by koryt_000 at 2015-05-24 22:05:11
Running from C:\Users\koryt_000.ROMCA-PC\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1560035657-911311260-1851593216-500 - Administrator - Disabled)
Guest (S-1-5-21-1560035657-911311260-1851593216-501 - Limited - Disabled)
koryt_000 (S-1-5-21-1560035657-911311260-1851593216-1003 - Administrator - Enabled) => C:\Users\koryt_000.ROMCA-PC
Romana S (S-1-5-21-1560035657-911311260-1851593216-1001 - Administrator - Enabled) => C:\Users\Romana S

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.20 - Broadcom Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Centrum Mail (HKLM-x32\...\{1FA96E54-9D16-4CA5-AA9E-B0FA93356865}) (Version: 4.0.15145.0 - Centrum Holdings s.r.o.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4220.52 - CyberLink Corp.)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Packard Bell)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Packard Bell)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Packard Bell Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Packard Bell)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 2.5.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.1 - VS Revo Group, Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-05-2015 18:18:08 Windows Update
23-05-2015 17:41:04 Revo Uninstaller Pro's restore point - Translate This
23-05-2015 17:42:54 Revo Uninstaller Pro's restore point - Fuin2SSavE
23-05-2015 17:43:56 Revo Uninstaller Pro's restore point - DiGiCoupon
23-05-2015 17:45:38 Revo Uninstaller Pro's restore point - AlulSoavear
23-05-2015 19:30:33 Revo Uninstaller Pro's restore point - AdBlocker
23-05-2015 19:31:59 Revo Uninstaller Pro's restore point - AdBlock
24-05-2015 07:13:43 Revo Uninstaller Pro's restore point - Google Chrome
24-05-2015 08:24:23 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware verze 2.1.6.1022
24-05-2015 10:31:18 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-24 10:32 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E68C2D0-CB0A-45F9-8C9B-0074EF712B2A} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2012-08-23] (Acer Incorporated)
Task: {34D8AF07-51F6-4C70-B44E-637C2CF02E64} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {4B1AEBF6-FFF5-4563-A14C-1AF8FB48CCDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24] (Google Inc.)
Task: {4BEB0EAD-C71F-42FE-9D53-9FEEEFDB47DD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {53CA8CF9-9572-4A69-B7C2-DDBF40DAD272} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24] (Google Inc.)
Task: {6CEFE19E-7751-4278-B051-0A647D40B8DB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-16] (Microsoft Corporation)
Task: {9C152BA6-CCBC-466E-89D0-E3C8225442F4} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2012-08-24] ()
Task: {AD64DB18-B8CA-4537-80B5-863DCD7D3ABE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {DF1A5A09-9B98-4BB9-8DFE-DA38016CB7CB} - \Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-500 No Task File <==== ATTENTION
Task: {E152FDA8-905E-48B4-A057-E248C10FFCC4} - \Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-1002 No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-08 13:45 - 2009-06-02 01:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-09-05 21:18 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\koryt_000.ROMCA-PC\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1560035657-911311260-1851593216-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\koryt_000.ROMCA-PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\plocha.jpg
DNS Servers: 212.80.70.2 - 212.80.66.7

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{7FA064CE-CDA6-4E7E-B792-9D3DF136DB0F}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [TCP Query User{BE846B66-3CC4-4AF8-9352-82DA698F37A4}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe
FirewallRules: [UDP Query User{708E92F2-BA00-4D8B-93AB-D886BC85D134}C:\users\koryt_000.romca-pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\koryt_000.romca-pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4F57C394-3D31-4D10-8D8D-78D66F1BD69A}C:\users\koryt_000.romca-pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\koryt_000.romca-pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{07D8709D-61A9-4E58-B29D-9A038CCBF58F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{480585CB-6888-4A94-B0CB-02217627310F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{33BB9324-FBEC-40FA-9252-0A70D22FCE18}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{79B98315-3509-420B-AEED-6AE622553015}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{80FFF11B-8619-4B52-AA0C-0E222D77F73A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{33AC7A02-BECB-456F-8BFE-A4C3868EDA8A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{524109DF-12E2-4562-93DF-5C4EA37A7C24}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{24FAAED2-D265-42A6-AE3D-75E78DD6E09E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DE7C51A5-4616-4A7D-A7F3-317248C53A36}C:\users\koryt_000.romca-pc\downloads\odorik.exe] => (Allow) C:\users\koryt_000.romca-pc\downloads\odorik.exe
FirewallRules: [UDP Query User{213DFCC5-7930-40DF-B488-D611E6F6FB73}C:\users\koryt_000.romca-pc\downloads\odorik.exe] => (Allow) C:\users\koryt_000.romca-pc\downloads\odorik.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2015 09:20:45 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (05/24/2015 09:01:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.17667 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: bac

Čas spuštění: 01d095fec90ade90

Čas ukončení: 0

Cesta k aplikaci: C:\WINDOWS\Explorer.EXE

ID hlášení: 2fc8f935-0247-11e5-be87-b888e3c04e13

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (05/24/2015 08:24:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamscheduler.exe, verze: 3.1.2.0, časové razítko: 0x5450097e
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0x40000015
Posun chyby: 0x0008d6fd
ID chybujícího procesu: 0x928
Čas spuštění chybující aplikace: 0xmbamscheduler.exe0
Cesta k chybující aplikaci: mbamscheduler.exe1
Cesta k chybujícímu modulu: mbamscheduler.exe2
ID zprávy: mbamscheduler.exe3
Úplný název chybujícího balíčku: mbamscheduler.exe4
ID aplikace související s chybujícím balíčkem: mbamscheduler.exe5

Error: (05/24/2015 07:13:43 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {e196f528-0495-45e1-a01e-fededf275bd2}

Error: (05/23/2015 09:45:47 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=3EE356A5B96D4E0A92D695DA8E4FF7D5;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1d88d977-4768-4a63-aba0-055f26f2a163.dmp

Error: (05/23/2015 09:28:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROMCA-PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/23/2015 06:01:51 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.65;lang=;guid=3EE356A5B96D4E0A92D695DA8E4FF7D5;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6c4411d3-1107-45ed-a4de-bf5ade57d60d.dmp

Error: (05/23/2015 05:41:03 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {1ccf574d-27f3-49cc-8f44-3a3ac13c3d21}

Error: (05/23/2015 05:37:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20856 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 914

Čas spuštění: 01d09470eb633a4b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: fac22005-00fc-11e5-be81-b888e3c04e13

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/18/2015 07:02:43 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (05/24/2015 09:38:20 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1084WSearchNení k dispozici{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (05/24/2015 09:38:20 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/24/2015 09:38:14 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/24/2015 09:38:02 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/24/2015 09:37:52 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/24/2015 09:37:47 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/24/2015 09:37:44 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1068netprofmNení k dispozici{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (05/24/2015 09:37:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (05/24/2015 09:37:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Sledování umístění v síti (NLA) závisí na službě Klient DHCP, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (05/24/2015 09:37:44 PM) (Source: DCOM) (EventID: 10005) (User: ROMCA-PC)
Description: 1068netprofmNení k dispozici{A47979D2-C419-11D9-A5B4-001185AD2B89}


Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
Date: 2015-05-24 13:42:15.773
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-24 08:03:41.573
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-23 18:23:22.939
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-18 15:51:22.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-16 09:37:27.888
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 23%
Total physical RAM: 3909.28 MB
Available physical RAM: 2984.39 MB
Total Pagefile: 7877.28 MB
Available Pagefile: 6729.37 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:678.75 GB) (Free:638.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: C0C66E1F)

Partition: GPT Partition Type.

==================== End of log ============================

Re: AdBlocker

Post by tomik.pb » 24 May 2015 22:13

No error, I would have given up on it long ago.... Thanks

jerabina
Security team member

Re: AdBlocker

Post by jerabina » 25 May 2015 06:53

Hi, if you don't mind having a bitcoin miner on there, then OK ...
In any case, I would finish cleaning it up.

When I'm home, I'll post a fixlist for you here, and then we can go ahead and close this.

Re: AdBlocker

Post by tomik.pb » 25 May 2015 07:09

If it has no business being there, then I don't want it there. This really isn't my area anymore, so I'll gladly take advice and do what you say. Thanks. It's already running much better now, though. Thanks.

jaro3
Security team member

Re: AdBlocker

Post by jaro3 » 25 May 2015 10:31

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [mncoftomSrv] C:\WINDOWS\system32\mncoftom.vbe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\uTorrent\utorrent.exe"


Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

HKLM-x32\...\Run: [mncoftomSrv] => C:\WINDOWS\SysWOW64\mncoftom.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-1560035657-911311260-1851593216-1003\...\Run: [uTorrent] => C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1560035657-911311260-1851593216-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
2015-05-24 07:22 - 2015-05-24 21:39 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 07:22 - 2015-05-24 07:27 - 00003950 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 07:22 - 2015-05-24 07:27 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
Task: {DF1A5A09-9B98-4BB9-8DFE-DA38016CB7CB} - \Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-500 No Task File <==== ATTENTION
Task: {E152FDA8-905E-48B4-A057-E248C10FFCC4} - \Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-1002 No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\koryt_000.ROMCA-PC\AppData\Local\Temp.dat
C:\WINDOWS\SysWOW64\mncoftom.vbe
C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\appdataFr25.bin
C:\Users\Romana S\AppData\Roaming\appdataFr25.bin
C:\ProgramData\Sun
C:\ProgramData\Norton
C:\Users\Romana S\AppData\Local\Temp
C:\Users\KORYT_~1.ROM\AppData\Local\Temp


(You can use the "Select all" function, then right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.

Test these on VirusTotal:
C:\WINDOWS\system32\drivers\icfsegiu.sys
C:\WINDOWS\SysWOW64\libcurl-4.dll
C:\WINDOWS\SysWOW64\libidn-11.dll
C:\WINDOWS\SysWOW64\librtmp.dll
C:\WINDOWS\SysWOW64\diablo130302.cl
C:\WINDOWS\SysWOW64\poclbm130302.cl
C:\WINDOWS\SysWOW64\diakgcn121016.cl
C:\WINDOWS\SysWOW64\scrypt130511.cl
C:\WINDOWS\SysWOW64\phatk121016.cl
C:\WINDOWS\SysWOW64\pthreadGC2.dll
C:\WINDOWS\SysWOW64\zlib1.dll
C:\WINDOWS\SysWOW64\cudart32_50_35.dll

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by tomik.pb » 25 May 2015 16:27

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by koryt_000 at 2015-05-25 16:23:43 Run:1
Running from C:\Users\koryt_000.ROMCA-PC\Desktop
Loaded Profiles: Romana S & koryt_000 (Available Profiles: Romana S & koryt_000)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [mncoftomSrv] => C:\WINDOWS\SysWOW64\mncoftom.vbe [7670 2014-03-05] ()
HKU\S-1-5-21-1560035657-911311260-1851593216-1003\...\Run: [uTorrent] => C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1560035657-911311260-1851593216-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
2015-05-24 07:22 - 2015-05-24 21:39 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 07:22 - 2015-05-24 07:27 - 00003950 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 07:22 - 2015-05-24 07:27 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
Task: {DF1A5A09-9B98-4BB9-8DFE-DA38016CB7CB} - \Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-500 No Task File <==== ATTENTION
Task: {E152FDA8-905E-48B4-A057-E248C10FFCC4} - \Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-1002 No Task File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Users\koryt_000.ROMCA-PC\AppData\Local\Temp.dat
C:\WINDOWS\SysWOW64\mncoftom.vbe
C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\appdataFr25.bin
C:\Users\Romana S\AppData\Roaming\appdataFr25.bin
C:\ProgramData\Sun
C:\ProgramData\Norton
C:\Users\Romana S\AppData\Local\Temp
C:\Users\KORYT_~1.ROM\AppData\Local\Temp
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncoftomSrv => value not found.
HKU\S-1-5-21-1560035657-911311260-1851593216-1003\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value not found.
"HKLM\SOFTWARE\Policies\Google" => key Removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
"HKU\S-1-5-21-1560035657-911311260-1851593216-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key Removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => Service Removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF1A5A09-9B98-4BB9-8DFE-DA38016CB7CB}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF1A5A09-9B98-4BB9-8DFE-DA38016CB7CB}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-500" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E152FDA8-905E-48B4-A057-E248C10FFCC4}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E152FDA8-905E-48B4-A057-E248C10FFCC4}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-1560035657-911311260-1851593216-1002" => key Removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Users\koryt_000.ROMCA-PC\AppData\Local\Temp.dat => Moved successfully.
C:\WINDOWS\SysWOW64\mncoftom.vbe => Moved successfully.
C:\Users\koryt_000.ROMCA-PC\AppData\Roaming\appdataFr25.bin => Moved successfully.
C:\Users\Romana S\AppData\Roaming\appdataFr25.bin => Moved successfully.
C:\ProgramData\Sun => Moved successfully.
C:\ProgramData\Norton => Moved successfully.

"C:\Users\Romana S\AppData\Local\Temp" folder move:

Could not move "C:\Users\Romana S\AppData\Local\Temp" folder => Scheduled to move on reboot.


"C:\Users\KORYT_~1.ROM\AppData\Local\Temp" folder move:

Could not move "C:\Users\KORYT_~1.ROM\AppData\Local\Temp" folder => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-25 16:26:30)<=

C:\Users\Romana S\AppData\Local\Temp => Is moved successfully
C:\Users\KORYT_~1.ROM\AppData\Local\Temp => Moved successfully

==== End of Fixlog 16:26:31 ====
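
A Fixlog like the one above can report several outcomes for the same item (`c2cautoupdatesvc` is first "Unable to stop service", then "Service Removed successfully"), so the last line per item is what matters when reviewing it. The Python below is an added example, not part of the thread or of FRST: it reduces the result lines to one final status per target and lists what still needs attention. The status names and the helpers `parse_line`, `triage` and `needs_follow_up` are assumptions; the sample lines are excerpted from the log above.

```python
import re

# Result lines excerpted from the Fixlog above (a constructed subset, not the full log).
SAMPLE_FIXLOG = r'''
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncoftomSrv => value not found.
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => Service Removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
Could not move "C:\Users\Romana S\AppData\Local\Temp" folder => Scheduled to move on reboot.
C:\Users\Romana S\AppData\Local\Temp => Is moved successfully
'''

# Hypothetical status names; first match wins, so the reboot deferral beats "Could not".
RULES = [
    ("deferred", re.compile(r"scheduled to move on reboot", re.I)),
    ("failed", re.compile(r"unable to|could not", re.I)),
    ("not_found", re.compile(r"not found", re.I)),
    ("done", re.compile(r"(removed|moved) successfully", re.I)),
]

def parse_line(line):
    """Return (target, status) for one Fixlog result line, or None."""
    line = line.strip()
    status = next((name for name, rx in RULES if rx.search(line)), None)
    if status is None:
        return None
    quoted = re.match(r'Could not move "([^"]+)"', line)
    if quoted:
        target = quoted.group(1)
    elif " => " in line:
        target = line.split(" => ", 1)[0]
    else:  # e.g. "<path> not found." with no arrow
        target = re.sub(r"\s+not found\.?$", "", line)
    return target.strip('"').lower(), status

def triage(fixlog_text):
    """Map each target to its final status; later lines override earlier ones."""
    final = {}
    for target, status in filter(None, map(parse_line, fixlog_text.splitlines())):
        # "not found" after a successful move only confirms the item is gone.
        if not (status == "not_found" and final.get(target) == "done"):
            final[target] = status
    return final

def needs_follow_up(final):
    """Targets whose last recorded outcome is a failure or a pending reboot move."""
    return sorted(t for t, s in final.items() if s in ("failed", "deferred"))
```

For the excerpt above `needs_follow_up` returns an empty list; a log saved before the reboot section was written would still list the Temp folder as deferred.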


Post by tomik.pb » 25 May 2015 16:58



Post by jaro3 » 25 May 2015 19:30

Those files are probably OK.

Download SystemLook from one of these links:
SystemLook (32-bit)
http://jpshortstuff.247fixes.com/SystemLook.exe

SystemLook (64-bit)
http://jpshortstuff.247fixes.com/SystemLook_x64.exe

and save it to the desktop.

Double-click the downloaded SystemLook and copy the following text into the main text box:

Code: Select all

:filefind
icfsegiu.*
icfsegiu.sys.*

Click Look to start the scan. When the program finishes, the scan report opens in Notepad. Copy its entire content here. The log is also saved on the desktop as SystemLook.txt.


Post by tomik.pb » 25 May 2015 19:47

SystemLook 30.07.11 by jpshortstuff
Log created at 19:46 on 25/05/2015 by koryt_000
Administrator - Elevation successful

========== filefind ==========

Searching for "icfsegiu.*"
No files found.

Searching for "icfsegiu.sys.*"
No files found.

-= EOF =-


Post by jaro3 » 25 May 2015 19:56

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run Delfix.exe.
(On Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

The report (DelFix.txt) will then open. Paste its entire content here. The report can also be found at:
C:\DelFix.txt

Any problems?


Post by tomik.pb » 25 May 2015 20:18

There are practically no problems. The PC runs smoothly and fast.

# DelFix v1.010 - Logfile created 25/05/2015 at 20:16:48
# Updated 26/04/2015 by Xplode
# Username : koryt_000 - ROMCA-PC
# Operating System : Windows 8.1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\zoek-results.log
Deleted : C:\Users\koryt_000.ROMCA-PC\Downloads\ComboFix.exe
Deleted : C:\Users\koryt_000.ROMCA-PC\Downloads\FRST64.exe
Deleted : C:\Users\koryt_000.ROMCA-PC\Downloads\HijackThis.exe
Deleted : C:\Users\koryt_000.ROMCA-PC\Downloads\SystemLook_x64.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

########## - EOF - ##########

