Please check my log :)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

xixao25
Level 1
Posts: 58
Registered: March 08
Gender: Unspecified
Status: Offline

Re: Please check my log :)

Post by xixao25 » 27 Apr 2017 23:29

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Vraśa on 27.04.2017 at 20:36:37,94.
Microsoft Windows 10 Home 10.0.15063 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\VRAA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.04.2017 20:47:49 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\CashflowDemo deleted successfully
C:\PROGRA~2\Phuvelepatuther deleted successfully
C:\PROGRA~2\Phuvelepatuther_ deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\PROGRA~2\{1F7897CA-0656-4DA7-BBCD-D1E74FF4B66B} deleted successfully
C:\Program Files\CyberGhost 6 deleted successfully
C:\Program Files\RapidMiner deleted successfully
C:\Users\VRAA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Xiaomi deleted successfully
C:\PROGRA~3\Aventail deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\MSSQL$SQLEXPRESS\AppData\LocalLow deleted successfully
C:\Users\VRAA~1\AppData\Local\ActiveSync deleted successfully
C:\Users\VRAA~1\AppData\Local\ConnectedDevicesPlatform deleted successfully
C:\Users\VRAA~1\AppData\Local\DBG deleted successfully
C:\Users\VRAA~1\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\CashflowDemo not found
C:\PROGRA~2\Phuvelepatuther not found
C:\PROGRA~2\Phuvelepatuther_ not found
C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\{1F7897CA-0656-4DA7-BBCD-D1E74FF4B66B} not found
C:\Users\VRAA~1\.android deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
"C:\PROGRA~3\Package Cache" deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

LINE - VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\menkifleemblimdogmoihpfopnplikde
AdblockPro - VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch
Chrome Media Router - VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shoppingcart.aliexpress.com_0.localstorage deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\VRAA~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\VRAA~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1262 folders=2050 5560362749 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\VRAA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\VRAA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage" not deleted

==== EOF on 27.04.2017 at 23:18:44,77 ======================


Re: Please check my log :)

Post by xixao25 » 28 Apr 2017 00:46

Zemana AntiMalware 2.72.2.388 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.4.28
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
BIOS Mode : UEFI
CUID : 12AD12E49720E552A56111
Scan Type : Skenování systému
Duration : 47m 36s
Scanned Objects : 227848
Detected Objects : 3
Excluded Objects : 0
Read Level : Normal
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Edge Homepage
Status : Skenováno
Object : http://www.ourluckysites.com/?type=hp&t ... J9HC503642
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Edge Homepage

mio.exe
Status : Skenováno
Object : NE->c:\program files (x86)\mio\mio.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/ELEX.O!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)

{6a2bef4d-0730-46b9-beec-27320b00ed68}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{6a2bef4d-0730-46b9-beec-27320b00ed68}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)


Cleaning Result
-------------------------------------------------------
Cleaned : 3
Reported as safe : 0
Failed : 0


Re: Please check my log :)

Post by xixao25 » 28 Apr 2017 00:52

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:51:42, on 28.04.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Vraťa\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Users\Vraťa\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft Web Test Recorder 14.0 Helper - {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} - C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [SafeQClient] C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
O4 - HKLM\..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Vraťa\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Vraťa\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Aventail VPN Connection.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareu ... /CTPID.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apache2.4 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 12594 bytes

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log :)

Post by jaro3 » 28 Apr 2017 09:51

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


Any problems?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log :)

Post by xixao25 » 28 Apr 2017 11:24

A few problems: after opening Chrome, it could not sync the account I am signed in with, and I had to sign in twice. Yesterday, after all the scans had finished, I turned Windows Defender back on and it found 2 threats, 2 trojans of some kind. Otherwise everything works as it should :). Thank you for your advice and instructions for cleaning my PC.


Re: Please check my log :)

Post by jaro3 » 28 Apr 2017 17:03

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit.
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.


Re: Please check my log :)

Post by xixao25 » 28 Apr 2017 20:26

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-04-2017
Ran by Vraťa (administrator) on DESKTOP-7OACK7P (28-04-2017 20:11:38)
Running from C:\Users\Vraťa\Desktop
Loaded Profiles: Vraťa & MSSQL$SQLEXPRESS (Available Profiles: Vraťa & MSSQL$SQLEXPRESS)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Vraťa\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Vraťa\AppData\Roaming\Spotify\Spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
(Spotify Ltd) C:\Users\Vraťa\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Vraťa\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Vraťa\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5552\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Blizzard App\Battle.net.8657\Battle.net.exe
() C:\Program Files (x86)\Blizzard App\Battle.net.8657\Battle.net Helper.exe
() C:\Program Files (x86)\Blizzard App\Battle.net.8657\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [SafeQClient] => C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [493568 2015-12-10] (VŠB-TU Ostrava)
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\Run: [Spotify Web Helper] => C:\Users\Vraťa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\Run: [Spotify] => C:\Users\Vraťa\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-04-20] (Spotify Ltd)
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\MountPoints2: {16e012fb-29e1-11e7-b903-dc0ea1f75a5b} - "H:\Setup.exe"
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\MountPoints2: {16e01351-29e1-11e7-b903-dc0ea1f75a5b} - "F:\InsertOtherCD.exe"
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\MountPoints2: {16e01357-29e1-11e7-b903-dc0ea1f75a5b} - "G:\Setup.exe"
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aventail VPN Connection.lnk [2016-08-22]
ShortcutTarget: Aventail VPN Connection.lnk -> (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 158.196.0.53 158.196.99.166
Tcpip\..\Interfaces\{ba5224aa-5f88-434f-bbd1-2b4aaab3d482}: [DhcpNameServer] 158.196.0.53 158.196.99.166
Tcpip\..\Interfaces\{f27bc881-1f64-4ab5-a56b-02e22a2e1c9f}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-3962596098-4286487324-2245620134-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-04-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-04-26] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-26] (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareu ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareu ... /CTPID.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-26] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3962596098-4286487324-2245620134-1001 -> hxxp://www.google.com

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-04-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-04-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default [2017-04-28]
CHR Extension: (Překladač Google) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-07-04]
CHR Extension: (Prezentace Google) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-07]
CHR Extension: (Dokumenty Google) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-07]
CHR Extension: (Disk Google) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-07]
CHR Extension: (YouTube) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-07]
CHR Extension: (Adblock Plus) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Tabulky Google) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (AdBlock) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (LINE) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\menkifleemblimdogmoihpfopnplikde [2017-01-18]
CHR Extension: (Office Online) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2016-10-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Adblock Pro) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-06-07]
CHR Extension: (Gmail) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-07]
CHR Extension: (Chrome Media Router) - C:\Users\Vraťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22528 2015-10-13] (Apache Software Foundation) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-04-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971776 2017-04-13] (Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2015-02-05] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [199360 2016-09-23] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-04-20] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [452152 2017-04-20] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [454848 2016-09-23] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-04-26] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-04-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation)
R3 ksaud; C:\WINDOWS\system32\drivers\ksaud.sys [1591296 2016-08-22] (Creative Technology Ltd.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-28] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-28] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-28] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-04-28] (Malwarebytes)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew00.sys [3341824 2017-03-18] (Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_9cf4218401aa29c5\nvlddmkm.sys [14847088 2017-04-21] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-04-20] (NVIDIA Corporation)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2016-03-24] (QUALCOMM Incorporated)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-04-27] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-04-27] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-04-27] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-28 20:11 - 2017-04-28 20:13 - 00024574 _____ C:\Users\Vraťa\Desktop\FRST.txt
2017-04-28 20:11 - 2017-04-28 20:11 - 00000000 ____D C:\FRST
2017-04-28 20:09 - 2017-04-28 20:09 - 02427392 _____ (Farbar) C:\Users\Vraťa\Desktop\FRST64.exe
2017-04-28 11:12 - 2017-04-28 11:12 - 00000000 ____D C:\Users\Vraťa\Downloads\backups
2017-04-27 23:31 - 2017-04-28 20:13 - 00182812 _____ C:\WINDOWS\ZAM.krnl.trace
2017-04-27 23:31 - 2017-04-28 20:13 - 00154997 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-04-27 23:31 - 2017-04-27 23:31 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-04-27 23:31 - 2017-04-27 23:31 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-04-27 23:31 - 2017-04-27 23:31 - 00001221 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-04-27 23:31 - 2017-04-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-04-27 23:31 - 2017-04-27 23:31 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-04-27 23:30 - 2017-04-27 23:30 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Zemana
2017-04-27 23:17 - 2017-04-27 23:17 - 00000000 ____D C:\Users\Vraťa\AppData\Local\ConnectedDevicesPlatform
2017-04-27 21:32 - 2017-04-27 20:36 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-04-27 20:36 - 2017-04-27 21:24 - 00000000 ____D C:\zoek_backup
2017-04-27 19:31 - 2017-04-27 19:31 - 01309184 _____ C:\Users\Vraťa\Desktop\zoek.exe
2017-04-27 17:34 - 2017-04-27 19:35 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-04-27 17:34 - 2017-04-27 19:32 - 00000000 ____D C:\ProgramData\RogueKiller
2017-04-27 17:32 - 2017-04-27 17:32 - 00004613 _____ C:\Users\Vraťa\Desktop\domaci_ukoly
2017-04-27 12:43 - 2017-04-27 12:43 - 00000000 ____D C:\ProgramData\Sophos
2017-04-27 12:42 - 2017-04-27 12:42 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-04-27 12:42 - 2017-04-27 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-04-27 12:42 - 2017-04-27 12:42 - 00000000 ____D C:\Program Files (x86)\Sophos
2017-04-27 12:00 - 2017-04-27 12:00 - 26296392 _____ C:\Users\Vraťa\Desktop\RogueKillerX64.exe
2017-04-27 11:58 - 2017-04-27 11:59 - 166064976 _____ (Sophos Limited) C:\Users\Vraťa\Downloads\Sophos Virus Removal Tool.exe
2017-04-27 11:11 - 2017-04-28 18:24 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-27 11:11 - 2017-04-28 11:15 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-27 11:11 - 2017-04-28 11:15 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-27 11:11 - 2017-04-28 11:15 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-27 11:11 - 2017-04-27 11:11 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-27 11:10 - 2017-04-27 11:10 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-27 11:10 - 2017-04-27 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-27 11:10 - 2017-04-27 11:10 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-27 11:10 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-27 11:09 - 2017-04-27 11:09 - 04102600 _____ C:\Users\Vraťa\Downloads\adwcleaner_6.046.exe
2017-04-27 11:08 - 2017-04-27 12:04 - 00000000 ____D C:\AdwCleaner
2017-04-27 11:02 - 2017-04-27 11:02 - 00448512 _____ (OldTimer Tools) C:\Users\Vraťa\Downloads\TFC.exe
2017-04-27 11:01 - 2017-04-27 11:01 - 60107896 _____ (Malwarebytes ) C:\Users\Vraťa\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-27 10:53 - 2017-04-27 10:53 - 00029977 _____ C:\ProgramData\agent.update.1493283181.bdinstall.bin
2017-04-27 10:40 - 2017-04-27 10:40 - 00001196 _____ C:\Users\Vraťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2017-04-27 10:40 - 2017-04-27 10:40 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Bitdefender Antivirus Free
2017-04-27 10:37 - 2017-04-27 10:37 - 00000000 ____D C:\ProgramData\Bitdefender
2017-04-27 10:31 - 2017-04-27 10:31 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\QuickScan
2017-04-27 10:30 - 2017-04-27 10:30 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-04-27 10:28 - 2017-04-28 19:19 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-04-27 10:28 - 2017-04-27 10:28 - 00047363 _____ C:\ProgramData\agent.1493281722.bdinstall.bin
2017-04-27 10:28 - 2017-04-27 10:28 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2017-04-26 21:29 - 2017-04-26 21:29 - 00000000 ____D C:\WINDOWS\psgo
2017-04-26 21:27 - 2017-04-26 21:27 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-04-26 21:27 - 2017-04-26 21:27 - 00000000 ____D C:\Insist
2017-04-26 20:37 - 1999-11-10 11:05 - 00086016 _____ (MindVision) C:\WINDOWS\unvise32qt.exe
2017-04-26 20:35 - 2017-04-26 20:37 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2017-04-26 20:35 - 2017-04-26 20:37 - 00001409 _____ C:\WINDOWS\QTFont.for
2017-04-26 20:34 - 2017-04-26 20:37 - 00000000 ____D C:\ProgramData\QuickTime
2017-04-26 20:28 - 2017-04-26 20:28 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-04-26 20:25 - 2017-04-26 20:30 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\DAEMON Tools Lite
2017-04-26 20:25 - 2017-04-26 20:25 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-04-26 20:25 - 2017-04-26 20:25 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-04-26 20:24 - 2017-04-26 20:24 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-04-26 20:22 - 2017-04-26 20:22 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Vraťa\Downloads\DTLiteInstaller.exe
2017-04-26 15:28 - 2017-04-26 15:28 - 00024576 _____ C:\Users\Vraťa\Desktop\Vysledky_ctvrtek.xls
2017-04-26 15:19 - 2017-04-26 15:24 - 1038090240 _____ C:\Users\Vraťa\Downloads\Cashflow101and202.part1.rar
2017-04-26 15:18 - 2017-04-26 15:21 - 449349110 _____ C:\Users\Vraťa\Downloads\Cashflow101and202.part2.rar
2017-04-26 15:07 - 2017-04-26 15:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Vraťa\Downloads\HijackThis.exe
2017-04-26 08:49 - 2017-04-26 08:49 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-25 17:51 - 2017-04-27 10:07 - 00000000 ____D C:\Program Files (x86)\CASHFLOW 202
2017-04-25 17:03 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-04-25 17:03 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-04-25 17:03 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-04-25 17:03 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-04-25 16:58 - 2017-04-21 02:31 - 00047032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2017-04-25 16:58 - 2017-04-20 03:59 - 40201152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 35354232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 35280320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 28590712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 11111392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 10635008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 09316648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 08876456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 03789248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 03246200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438189.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 01589880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438189.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 01278712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00990328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00960632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00911296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-04-25 16:58 - 2017-04-20 03:59 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-04-25 16:48 - 2017-04-25 17:01 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-04-25 16:47 - 2017-03-28 05:32 - 00153536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-04-25 16:47 - 2017-03-28 05:32 - 00127424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-04-20 14:21 - 2017-04-20 14:21 - 00000000 ____D C:\Users\Vraťa\Downloads\wifi router
2017-04-20 07:52 - 2017-04-20 07:52 - 03932160 _____ C:\Users\Vraťa\Downloads\openwrt-ar71xx-generic-tl-wr841n-v8-squashfs-factory.bin
2017-04-20 07:33 - 2017-04-20 07:33 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Google
2017-04-19 15:00 - 2017-04-19 15:00 - 00000000 ____D C:\Program Files (x86)\ClockworkMod
2017-04-19 14:53 - 2017-04-19 14:53 - 15912494 _____ C:\Users\Vraťa\Downloads\UniversalAdbDriver (1).zip
2017-04-19 14:24 - 2017-04-19 14:24 - 08682859 _____ C:\Users\Vraťa\Downloads\latest_usb_driver_windows (1).zip
2017-04-19 14:24 - 2014-09-17 13:48 - 00000000 ____D C:\Users\Vraťa\Downloads\usb_driver
2017-04-19 14:22 - 2017-04-19 14:22 - 00000000 ____D C:\adb
2017-04-19 14:21 - 2017-04-19 14:21 - 09324267 _____ C:\Users\Vraťa\Downloads\adb-setup-1.4.3.zip
2017-04-19 14:16 - 2014-09-17 13:48 - 00000000 ____D C:\Users\Vraťa\Downloads\usb_driver_1
2017-04-19 14:16 - 2014-09-15 13:08 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2017-04-19 14:16 - 2014-09-15 13:08 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2017-04-19 14:13 - 2017-04-19 14:13 - 08682859 _____ C:\Users\Vraťa\Downloads\latest_usb_driver_windows.zip
2017-04-18 14:07 - 2017-04-18 14:08 - 00000571 _____ C:\Users\Vraťa\Downloads\DeviceDiagnostic.diagcab
2017-04-15 07:31 - 2017-04-15 07:31 - 00000000 ____D C:\Users\Vraťa\Downloads\Nová složka
2017-04-15 07:28 - 2017-04-15 07:28 - 15912494 _____ C:\Users\Vraťa\Downloads\UniversalAdbDriver.zip
2017-04-14 23:46 - 2017-04-22 03:56 - 00000000 ____D C:\Users\Vraťa\Downloads\knížky a DVD
2017-04-14 19:18 - 2017-04-14 19:18 - 00000321 _____ C:\Users\Vraťa\Documents\účet.txt
2017-04-14 19:10 - 2017-04-14 19:10 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-14 19:05 - 2017-04-14 19:05 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-04-14 18:57 - 2017-04-14 18:57 - 00000020 ___SH C:\Users\Vraťa\ntuser.ini
2017-04-14 18:53 - 2017-04-14 18:54 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-04-14 18:53 - 2017-04-14 18:54 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-04-14 18:47 - 2017-04-28 17:30 - 00004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{66326201-DBFE-4EB3-9A77-2B8C3C02A4D6}
2017-04-14 18:47 - 2017-04-28 11:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-14 18:47 - 2017-04-25 16:48 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-14 18:47 - 2017-04-25 16:48 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-14 18:47 - 2017-04-25 16:48 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-14 18:47 - 2017-04-25 16:48 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-14 18:47 - 2017-04-25 16:48 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-14 18:47 - 2017-04-25 16:48 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-14 18:47 - 2017-04-25 16:48 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-04-14 18:47 - 2017-04-14 18:47 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-14 18:47 - 2017-04-14 18:47 - 00003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-14 18:47 - 2017-04-14 18:47 - 00003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-14 18:47 - 2017-04-14 18:47 - 00002276 _____ C:\WINDOWS\System32\Tasks\{7378A38C-618C-4034-B398-5A802F9EBA87}
2017-04-14 18:39 - 2017-04-14 18:39 - 00000020 ___SH C:\Users\MSSQL$SQLEXPRESS\ntuser.ini
2017-04-14 18:37 - 2017-04-27 09:25 - 00000000 ____D C:\Windows.old
2017-04-14 18:37 - 2017-04-14 18:37 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 23675392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 08319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-14 18:37 - 2017-04-14 18:37 - 08247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-14 18:37 - 2017-04-14 18:37 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-14 18:37 - 2017-04-14 18:37 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-14 18:37 - 2017-04-14 18:37 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-14 18:37 - 2017-04-14 18:37 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-14 18:37 - 2017-04-14 18:37 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-14 18:37 - 2017-04-14 18:37 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-14 18:37 - 2017-04-14 18:37 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-04-14 18:37 - 2017-04-14 18:37 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-04-14 18:37 - 2017-04-14 18:37 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-14 18:37 - 2017-04-14 18:37 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00205728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-14 18:37 - 2017-04-14 18:37 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-14 18:37 - 2017-04-14 18:37 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-04-14 18:35 - 2017-03-17 23:48 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll
2017-04-14 18:35 - 2017-03-17 23:08 - 17777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll
2017-04-14 18:35 - 2017-03-17 23:05 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll
2017-04-14 18:35 - 2017-03-17 23:02 - 00393216 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
2017-04-14 18:35 - 2017-03-17 22:59 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll
2017-04-14 18:35 - 2017-03-17 22:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2017-04-14 18:35 - 2017-03-17 22:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2017-04-14 18:35 - 2017-03-17 22:53 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll
2017-04-14 18:35 - 2017-03-17 22:52 - 04897280 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
2017-04-14 18:35 - 2017-03-17 22:51 - 05776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-04-14 18:35 - 2017-03-17 22:49 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll
2017-04-14 18:35 - 2017-03-17 22:49 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
2017-04-14 18:35 - 2017-03-17 22:48 - 13785600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll
2017-04-14 18:35 - 2017-03-17 22:47 - 06806016 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2017-04-14 18:35 - 2017-03-17 22:46 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2017-04-14 18:35 - 2017-03-17 22:46 - 00370176 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe


Re: Please check my log :)

Post by xixao25 » 28 Apr 2017 20:27

2017-04-14 18:35 - 2017-03-17 22:44 - 01977344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
2017-04-14 18:35 - 2017-03-17 22:44 - 01174528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe
2017-04-14 18:35 - 2017-03-17 22:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll
2017-04-14 18:35 - 2017-03-17 22:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll
2017-04-14 18:35 - 2017-03-17 22:43 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll
2017-04-14 18:35 - 2017-03-17 22:43 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll
2017-04-14 18:35 - 2017-03-17 22:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2017-04-14 18:35 - 2017-03-17 22:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll
2017-04-14 18:35 - 2017-03-17 22:41 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2017-04-14 18:35 - 2017-03-17 22:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll
2017-04-14 18:35 - 2017-03-17 22:38 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll
2017-04-14 18:35 - 2017-03-17 22:36 - 04544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-04-14 18:35 - 2017-03-17 22:35 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll
2017-04-14 18:35 - 2017-03-17 22:35 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll
2017-04-14 18:35 - 2017-03-17 22:33 - 05141504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2017-04-14 18:35 - 2017-03-17 22:33 - 03648000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe
2017-04-14 18:35 - 2017-03-17 22:32 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2017-04-14 18:35 - 2017-03-17 22:30 - 01480704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll
2017-04-14 18:35 - 2017-03-17 22:30 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe
2017-04-14 18:35 - 2017-03-17 22:30 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll
2017-04-14 18:35 - 2017-03-17 22:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll
2017-04-14 18:35 - 2017-03-17 22:29 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll
2017-04-14 18:35 - 2017-03-17 22:29 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll
2017-04-14 18:35 - 2017-03-17 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll
2017-04-14 18:34 - 2017-04-14 18:34 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-04-14 18:34 - 2017-04-14 18:34 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-04-14 18:34 - 2017-04-14 18:34 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-14 18:34 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-04-14 18:34 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-04-14 18:34 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-04-14 18:34 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-04-14 18:34 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-04-14 18:33 - 2017-04-14 18:33 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-04-14 18:33 - 2017-04-14 17:42 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-04-14 18:28 - 2017-04-14 18:37 - 00000000 ____D C:\Program Files\MSBuild
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ____D C:\Program Files\Windows Identity Foundation
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-04-14 18:28 - 2017-04-14 18:28 - 00000000 ____D C:\inetpub
2017-04-14 18:28 - 2017-04-14 18:08 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-04-14 18:27 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-04-14 18:27 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 18:27 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-04-14 18:26 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-04-14 18:26 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-04-14 18:26 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-04-14 17:54 - 2017-04-14 17:54 - 00000000 ____D C:\ProgramData\USOShared
2017-04-14 17:53 - 2017-04-14 18:37 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-04-14 17:49 - 2017-04-28 11:53 - 00000000 ____D C:\Users\Vraťa
2017-04-14 17:49 - 2017-04-14 18:43 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Šablony
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Soubory cookie
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Poslední
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Okolní tiskárny
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Okolní síť
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Nabídka Start
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Dokumenty
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Documents\Obrázky
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Documents\Hudba
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Documents\Filmy
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\Data aplikací
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\Vraťa\AppData\Local\Data aplikací
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Šablony
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Soubory cookie
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Poslední
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Okolní tiskárny
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Okolní síť
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Nabídka Start
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Dokumenty
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Documents\Obrázky
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Documents\Hudba
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Documents\Filmy
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\Data aplikací
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-04-14 17:49 - 2017-04-14 17:49 - 00000000 _SHDL C:\Users\MSSQL$SQLEXPRESS\AppData\Local\Data aplikací
2017-04-14 17:48 - 2017-04-25 18:49 - 02463210 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-14 17:48 - 2017-04-15 06:34 - 00000159 ___RH C:\WINDOWS\ctfile.rfc
2017-04-14 17:48 - 2017-04-14 17:48 - 01893812 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-04-14 17:48 - 2010-07-22 16:46 - 00237056 _____ C:\WINDOWS\system32\APOMgr64.DLL
2017-04-14 17:48 - 2010-07-22 16:45 - 00181760 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2017-04-14 17:48 - 2009-12-29 16:52 - 00089088 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2017-04-14 17:48 - 2009-12-29 16:50 - 00073728 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2017-04-14 17:47 - 2017-04-28 12:25 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-14 17:47 - 2017-04-25 16:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-04-14 17:47 - 2017-04-25 16:48 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-04-14 17:47 - 2017-04-25 16:48 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-04-14 17:47 - 2017-04-20 02:45 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-04-14 17:47 - 2017-04-20 02:44 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-04-14 17:47 - 2017-04-20 02:44 - 02479736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-04-14 17:47 - 2017-04-20 02:44 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-04-14 17:47 - 2017-04-20 02:44 - 00548472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-04-14 17:47 - 2017-04-20 02:44 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-04-14 17:47 - 2017-04-20 02:44 - 00147064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-04-14 17:47 - 2017-04-20 02:44 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-04-14 17:47 - 2017-04-20 02:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-04-14 17:47 - 2017-04-20 00:29 - 07915387 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-04-14 17:47 - 2017-04-14 17:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-04-14 17:47 - 2017-04-14 17:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-04-14 17:47 - 2017-04-14 17:47 - 00000000 ____D C:\Program Files\Synaptics
2017-04-14 17:46 - 2017-04-20 03:59 - 00513144 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-04-14 17:46 - 2017-04-20 03:59 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-04-14 17:46 - 2017-04-14 17:46 - 00000000 ____D C:\Program Files\Intel
2017-04-14 17:46 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-14 17:42 - 2017-04-28 17:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-14 17:42 - 2017-04-28 11:16 - 00427400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-14 16:03 - 2017-04-14 19:01 - 00000000 ___DC C:\WINDOWS\Panther
2017-04-13 18:44 - 2017-04-13 18:44 - 00000000 ____D C:\Users\Vraťa\AppData\Local\UNP
2017-04-13 15:04 - 2017-04-14 18:37 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-04-13 15:04 - 2017-04-13 15:05 - 00000000 ____D C:\Program Files\UNP
2017-04-13 09:39 - 2017-04-13 09:39 - 00627440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2017-04-13 09:39 - 2017-04-13 09:39 - 00264448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2017-04-13 09:39 - 2017-04-13 09:39 - 00242968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2017-04-13 09:37 - 2017-04-13 09:37 - 00438000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2017-04-13 09:37 - 2017-04-13 09:37 - 00391424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2017-04-13 09:37 - 2017-04-13 09:37 - 00332560 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2017-04-13 09:37 - 2017-04-13 09:37 - 00087280 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2017-04-13 09:37 - 2017-04-13 09:37 - 00083696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2017-04-12 19:15 - 2017-04-12 19:15 - 00001000 _____ C:\Users\Vraťa\Desktop\rkward - novy.exe.lnk
2017-04-12 19:07 - 2017-04-12 19:07 - 00000000 ____D C:\Users\Vraťa\Downloads\RKWard_2_2017
2017-04-12 19:06 - 2017-04-12 19:06 - 00000863 _____ C:\Users\Vraťa\Desktop\rkward - stary.exe.lnk
2017-04-12 19:05 - 2017-04-12 19:06 - 356533310 _____ C:\Users\Vraťa\Downloads\RKWard_2_2017.zip
2017-04-12 18:51 - 2016-01-05 18:50 - 00000000 ____D C:\Users\Vraťa\Downloads\RKWard2
2017-04-12 18:47 - 2017-04-12 18:50 - 360933722 _____ C:\Users\Vraťa\Downloads\RKWard.zip
2017-04-12 16:47 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 16:47 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-10 15:11 - 2017-04-10 15:13 - 00363256 _____ C:\Users\Vraťa\Desktop\dobrozdání .pdf
2017-04-10 11:54 - 2017-04-11 15:00 - 00523498 _____ C:\Users\Vraťa\Desktop\zadost_zmena_semproj.pdf
2017-04-10 11:52 - 2017-04-10 11:53 - 00510253 _____ C:\Users\Vraťa\Desktop\zadost_opakovani_rocniku.pdf
2017-04-10 10:15 - 2017-04-14 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-10 10:15 - 2017-04-10 10:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-07 20:23 - 2017-04-20 03:59 - 04085712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-04-07 20:23 - 2017-04-20 03:59 - 03602112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-04-07 20:23 - 2017-04-20 03:59 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-04-07 20:23 - 2017-04-20 03:59 - 00043956 _____ C:\WINDOWS\system32\nvinfo.pb
2017-04-07 20:23 - 2017-04-01 05:27 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438165.dll
2017-04-07 20:23 - 2017-04-01 05:27 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438165.dll
2017-04-07 20:23 - 2017-04-01 05:27 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-04-07 20:23 - 2017-04-01 05:27 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-04-07 13:39 - 2017-04-07 13:39 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\.mono
2017-04-07 13:39 - 2017-04-07 13:39 - 00000000 ____D C:\Users\Vraťa\AppData\LocalLow\Blizzard Entertainment
2017-04-07 13:39 - 2017-04-07 13:39 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Blizzard
2017-04-07 13:39 - 2017-04-07 13:39 - 00000000 ____D C:\ProgramData\.mono
2017-04-07 13:38 - 2017-04-14 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-04-07 13:38 - 2017-04-07 13:38 - 00000978 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2017-04-07 13:34 - 2017-04-25 11:23 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-04-07 13:33 - 2017-04-07 13:33 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-04-07 13:31 - 2017-04-28 20:13 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Battle.net
2017-04-07 13:31 - 2017-04-14 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-04-07 13:31 - 2017-04-07 13:31 - 00000966 _____ C:\Users\Public\Desktop\Blizzard App.lnk
2017-04-07 13:31 - 2017-04-07 13:31 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Blizzard Entertainment
2017-04-07 13:30 - 2017-04-28 11:52 - 00000000 ____D C:\Program Files (x86)\Blizzard App
2017-04-07 13:29 - 2017-04-07 13:33 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Battle.net
2017-04-07 13:29 - 2017-04-07 13:29 - 00000000 ____D C:\ProgramData\Battle.net
2017-04-07 13:24 - 2017-04-07 13:29 - 03341296 _____ (Blizzard Entertainment) C:\Users\Vraťa\Downloads\Hearthstone-Setup.exe
2017-04-06 10:50 - 2017-04-06 10:50 - 00005011 _____ C:\Users\Vraťa\Desktop\09_interv_odhad.R.rkward_autosave
2017-04-06 10:09 - 2017-04-06 10:09 - 00005060 _____ C:\Users\Vraťa\Desktop\09_interv_odhad.R
2017-04-05 09:06 - 2017-04-05 09:08 - 00000032 _____ C:\Users\Vraťa\Desktop\startup.bat
2017-04-03 20:17 - 2017-04-03 20:17 - 00017577 _____ C:\Users\Vraťa\Desktop\cviceni_04.sql
2017-04-03 18:12 - 2017-04-03 18:12 - 00005697 _____ C:\Users\Vraťa\Desktop\BI.zip
2017-04-02 08:15 - 2017-04-02 08:15 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UNPUXWorker.exe
2017-03-31 22:56 - 2017-03-31 22:56 - 05949291 _____ C:\Users\Vraťa\Desktop\nahled-XXVEK01-r.pdf
2017-03-30 02:18 - 2017-04-27 17:31 - 00007627 _____ C:\Users\Vraťa\Desktop\Nový textový dokument (2).txt
2017-03-29 23:52 - 2017-03-29 23:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-03-29 23:38 - 2017-03-29 23:38 - 00000000 ____D C:\Users\Vraťa\Downloads\adbdriver
2017-03-29 23:35 - 2017-03-29 23:36 - 09667561 _____ C:\Users\Vraťa\Downloads\adbdriver.zip
2017-03-29 22:52 - 2017-04-14 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Android Device USB driver
2017-03-29 22:52 - 2017-03-29 22:52 - 09328058 _____ C:\Users\Vraťa\Downloads\IntelAndroidDrvSetup1.10.0.zip
2017-03-29 22:52 - 2017-03-29 22:52 - 00000000 ____D C:\Program Files (x86)\Intel Android Device USB driver
2017-03-29 22:27 - 2017-03-29 22:27 - 00000000 ____D C:\WMSDK
2017-03-29 22:25 - 2017-03-29 22:25 - 06756704 _____ (Microsoft Corporation) C:\Users\Vraťa\Downloads\mtppk12.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-28 19:21 - 2016-06-10 18:32 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Skype
2017-04-28 18:22 - 2016-11-25 18:52 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Spotify
2017-04-28 11:21 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-28 11:19 - 2017-01-05 11:17 - 00001142 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-04-28 11:18 - 2016-11-25 18:57 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Spotify
2017-04-28 11:16 - 2016-06-07 23:58 - 00000000 __SHD C:\Users\Vraťa\IntelGraphicsProfiles
2017-04-28 11:13 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-04-28 10:52 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-28 10:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-28 00:49 - 2016-06-07 23:35 - 00000000 ____D C:\Users\Vraťa\AppData\Local\VirtualStore
2017-04-27 21:23 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-04-27 17:32 - 2017-02-14 19:22 - 00000000 ____D C:\Users\Vraťa\.rkward
2017-04-27 12:03 - 2016-07-22 08:01 - 00001457 _____ C:\Users\Vraťa\Desktop\LINE.lnk
2017-04-27 12:03 - 2016-07-20 16:43 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2017-04-27 12:03 - 2016-06-07 23:42 - 00001379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-27 11:15 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-04-27 10:26 - 2016-06-07 23:42 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-26 21:47 - 2016-06-23 11:47 - 00000000 ____D C:\Users\Vraťa\AppData\Local\CrashDumps
2017-04-26 20:19 - 2016-06-13 18:17 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\vlc
2017-04-26 15:36 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-26 15:31 - 2016-06-07 23:34 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Packages
2017-04-26 08:50 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-26 08:49 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-26 08:48 - 2016-06-10 18:12 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-25 18:49 - 2017-03-20 06:43 - 01023548 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-25 18:49 - 2017-03-20 06:43 - 00255686 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-25 17:03 - 2016-07-09 07:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-04-25 16:48 - 2016-10-23 06:17 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-04-25 14:36 - 2017-02-27 13:14 - 00015517 _____ C:\Users\Vraťa\Desktop\Docházka 1032.xlsx
2017-04-25 10:55 - 2017-03-17 18:59 - 00002326 _____ C:\Users\Vraťa\Desktop\Nový textový dokument.txt
2017-04-20 17:33 - 2017-03-20 17:50 - 00009606 _____ C:\Users\Vraťa\Desktop\Gorčík_odpracovane_hodiny.xlsx
2017-04-20 03:59 - 2016-12-28 14:24 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-04-19 09:29 - 2016-08-08 20:18 - 00000000 ____D C:\ProgramData\Oracle
2017-04-19 09:29 - 2016-08-08 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-19 09:29 - 2016-08-08 20:18 - 00000000 ____D C:\Program Files\Java
2017-04-19 09:28 - 2016-08-08 20:18 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-04-18 14:17 - 2016-09-24 12:34 - 00000000 ____D C:\Users\Vraťa\AppData\Local\ElevatedDiagnostics
2017-04-15 06:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-04-14 21:06 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-14 19:25 - 2016-06-08 14:29 - 00000000 ____D C:\Users\Vraťa\AppData\Local\Comms
2017-04-14 19:10 - 2016-06-07 23:38 - 00002391 _____ C:\Users\Vraťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-14 19:10 - 2016-06-07 23:38 - 00000000 ___RD C:\Users\Vraťa\OneDrive
2017-04-14 19:01 - 2016-06-11 01:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2017-04-14 19:01 - 2016-06-10 22:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2017-04-14 19:01 - 2016-06-10 22:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2017-04-14 18:58 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-14 18:58 - 2016-06-07 23:57 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-04-14 18:58 - 2016-04-27 08:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-14 18:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-04-14 18:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-04-14 18:55 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-04-14 18:55 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-04-14 18:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-04-14 18:48 - 2017-03-20 06:46 - 00000000 ____D C:\WINDOWS\HoloShell
2017-04-14 18:47 - 2016-09-18 07:23 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-04-14 18:46 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-04-14 18:41 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-04-14 18:37 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-04-14 18:37 - 2017-03-16 10:46 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KDE Release
2017-04-14 18:37 - 2017-02-15 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Power BI Desktop
2017-04-14 18:37 - 2017-01-16 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2017-04-14 18:37 - 2016-11-07 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2017-04-14 18:37 - 2016-11-06 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-04-14 18:37 - 2016-10-23 06:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-04-14 18:37 - 2016-09-27 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2017-04-14 18:37 - 2016-08-10 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2017-04-14 18:37 - 2016-08-08 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weka 3.8.0
2017-04-14 18:37 - 2016-06-30 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeQClient
2017-04-14 18:37 - 2016-06-13 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-04-14 18:37 - 2016-06-11 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-14 18:37 - 2016-06-11 01:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2017-04-14 18:37 - 2016-06-11 01:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2017-04-14 18:37 - 2016-06-10 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2017-04-14 18:37 - 2016-06-10 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2017-04-14 18:37 - 2016-06-10 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014
2017-04-14 18:37 - 2016-06-10 19:08 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2017-04-14 18:37 - 2016-06-10 18:59 - 00000000 ____D C:\WINDOWS\system32\1033
2017-04-14 18:37 - 2016-06-10 18:32 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-14 18:37 - 2016-06-10 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-14 18:37 - 2016-06-10 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-04-14 18:34 - 2017-03-20 06:45 - 00000000 ____D C:\WINDOWS\OCR
2017-04-14 18:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-04-14 18:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-04-14 18:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-04-14 18:28 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-04-14 18:28 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-04-14 18:28 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-04-14 18:28 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-04-14 18:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-04-14 18:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-14 18:10 - 2016-06-07 23:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-14 18:09 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-04-14 18:08 - 2017-02-27 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2017-04-14 18:08 - 2016-06-10 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2017-04-14 18:08 - 2016-06-10 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2017-04-14 18:08 - 2016-06-10 22:09 - 00000000 ____D C:\Program Files\IIS
2017-04-14 18:08 - 2016-06-10 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2017-04-14 18:08 - 2016-06-10 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2017-04-14 17:54 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-04-14 17:53 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-04-14 17:51 - 2017-01-16 18:05 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
2017-04-14 17:48 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-04-14 17:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-04-13 14:49 - 2016-07-17 10:32 - 984825858 _____ C:\WINDOWS\MEMORY.DMP
2017-04-13 11:52 - 2016-06-11 10:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-13 11:52 - 2016-06-11 10:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-13 10:23 - 2016-06-07 23:54 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 22:35 - 2016-06-16 19:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-10 10:15 - 2016-06-10 18:31 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2017-04-10 10:15 - 2016-06-10 18:17 - 00000000 ____D C:\ProgramData\Skype
2017-04-08 09:02 - 2016-06-08 14:27 - 00532136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-03 20:22 - 2016-06-10 19:24 - 00000000 ____D C:\Users\Vraťa\Documents\SQL Server Management Studio
2017-04-03 18:56 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-03 18:56 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-29 23:20 - 2016-07-05 14:29 - 00000000 ____D C:\Users\Vraťa\AppData\Roaming\Xiaomi

==================== Files in the root of some directories =======

2017-04-27 10:28 - 2017-04-27 10:28 - 0047363 _____ () C:\ProgramData\agent.1493281722.bdinstall.bin
2017-04-27 10:53 - 2017-04-27 10:53 - 0029977 _____ () C:\ProgramData\agent.update.1493283181.bdinstall.bin
2017-01-16 17:51 - 2016-08-22 18:52 - 0001772 _____ () C:\ProgramData\cfSB1095.ini
2017-01-16 17:51 - 2016-08-22 18:52 - 0001772 _____ () C:\ProgramData\cfSB1095A.ini
2016-12-28 14:26 - 2017-01-24 18:28 - 0015106 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-28 14:26 - 2017-01-16 17:56 - 0011774 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Files to move or delete:
====================
C:\Users\Vraťa\.mongorc.js


Some files in TEMP:
====================
2017-04-27 23:28 - 2017-03-18 22:57 - 1930320 _____ (Microsoft Corporation) C:\Users\Vraťa\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-27 09:06

==================== End of FRST.txt ============================


Re: Please check my log :)

Post by xixao25 » 28 Apr 2017 20:27

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2017
Ran by Vraťa (28-04-2017 20:15:02)
Running from C:\Users\Vraťa\Desktop
Windows 10 Home Version 1703 (X64) (2017-04-14 16:57:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3962596098-4286487324-2245620134-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3962596098-4286487324-2245620134-503 - Limited - Disabled)
Guest (S-1-5-21-3962596098-4286487324-2245620134-501 - Limited - Disabled)
Vraťa (S-1-5-21-3962596098-4286487324-2245620134-1001 - Administrator - Enabled) => C:\Users\Vraťa

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

%SQL_PRODUCT_SHORT_NAME% Data Tools - BI for Visual Studio 2013 (x32 Version: 12.0.2430.0 - Microsoft Corporation) Hidden
%SQL_PRODUCT_SHORT_NAME% SSIS 64Bit For SSDTBI (Version: 12.0.2430.0 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Aktualizace NVIDIA 24.0.0.0 (Version: 24.0.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 381.89 - NVIDIA Corporation) Hidden
ApowerMirror verze 1.1.3 (HKLM-x32\...\{a9482532-9c34-478c-80c3-85bdccbb981f}_is1) (Version: 1.1.3 - APOWERSOFT LIMITED)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.5 - Microsoft Corporation) Hidden
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{D25C9EDD-984F-444C-9229-5A58130C6B10}) (Version: 4.3.60226.3 - Microsoft Corporation)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: 5.19.0.2930 - PreEmptive Solutions) Hidden
Entity Framework 6.1.3 Tools for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
GDR 4213 for SQL Server 2014 (KB3070446) (HKLM-x32\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
GDR 4232 for SQL Server 2014 (KB3194720) (HKLM-x32\...\KB3194720) (Version: 12.1.4232.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hotfix 2569 for SQL Server 2014 (KB3158271) (64-bit) (HKLM\...\KB3158271) (Version: 12.0.2569.0 - Microsoft Corporation)
Hotfix 2569 for SQL Server 2014 (KB3158271) (HKLM-x32\...\KB3158271) (Version: 12.0.2569.0 - Microsoft Corporation)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.10.0 - Intel)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.1) (Version: 4.1.1 - Riot Games)
League of Legends (x32 Version: 4.1.1 - Riot Games) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Memory Profiler (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (čeština) (HKLM-x32\...\{E249803A-BD5B-4FDC-A630-976C2971F5B4}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (čeština) (HKLM-x32\...\{25C7677B-0398-46A3-A0EE-7B393D20FA30}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft AS OLE DB Provider for SQL Server 2014 (HKLM\...\{B18D21B6-0056-4E35-896A-339E84D86897}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A7A76890-1134-424F-97DA-7BED0D9CFA19}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.8067.2018 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Power BI Desktop (x64) (HKLM\...\{7892414E-F8C9-4C44-A267-3175A57DDF82}) (Version: 2.43.4647.541 - Microsoft Corporation)
Microsoft Report Viewer 2014 Runtime (HKLM-x32\...\{327E9C0D-1687-414F-923E-F5979E549548}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 (HKLM\...\Office15.SharePointDesigner) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{E2D10175-7411-4EA5-8E32-FA21262B435D}) (Version: 11.2.5592.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 (HKLM-x32\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{6F6200F6-B172-4B55-9CC7-93014725953B}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Policies (HKLM-x32\...\{1C30FE7E-8A8C-4492-89D6-10CB20C3B0EB}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM-x32\...\{2DB5F6D2-B809-48E0-88BB-0ECDA512C9F1}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service (HKLM\...\{C9533745-8C14-466B-A79B-ECD68D5FD46B}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{7FE9A69F-6D91-4E2E-86B5-E2EB27AE6041}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM\...\{FE3BF1DD-677E-4793-9770-C07AECC88882}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.60525.0) (HKLM-x32\...\{A4122514-A88E-4530-AD93-18B617D1CD39}) (Version: 12.0.60525.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools 2013 (HKLM-x32\...\{a85fb061-150b-4759-ae82-e81d31a58311}) (Version: 12.0.60525.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x64) (HKLM\...\{8EEC46D2-8208-4799-8328-2AA00F96AB8A}) (Version: 12.0.1294.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{CCA90A36-FA50-42CF-BA7D-44AD6EC27F10}) (Version: 12.0.2569.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Integrated) (HKLM-x32\...\{55b160d2-8221-45fd-ab30-4388c69c0f3b}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2013 Shell (Isolated) (HKLM-x32\...\{dd77c2ff-db69-44f7-9e5c-63aa540dfe07}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Enterprise 2015 with Updates (HKLM-x32\...\{f90e9ec5-977b-4752-8518-abe39dac065d}) (Version: 14.0.24720.41 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{02a877fe-5dac-4ac0-b869-4b9da00f651c}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{e20d88d6-6150-4602-b4ef-49e138467d4d}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Language Support (HKLM-x32\...\{44774b10-3e2b-443c-899b-56c46b370aa7}) (Version: 11.0.50727.0 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
MongoDB 3.2.10 2008R2Plus SSL (64 bit) (HKLM\...\{E6D95615-0D72-4123-B516-1FEE40C8E07A}) (Version: 3.2.10 - MongoDB)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
MTP Porting Kit (HKLM-x32\...\{353B1E6D-7073-4450-8C80-699BD8FCFB49}) (Version: 12.0.0 - Microsoft Corp)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2 - Notepad++ Team)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 381.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.89 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.8067.2018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7766.2039 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 381.89 (Version: 381.89 - NVIDIA Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
R for Windows 3.3.1 (HKLM\...\R for Windows 3.3.1_is1) (Version: 3.3.1 - R Core Team)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.24730 - Microsoft Corporation) Hidden
SafeQ (HKLM-x32\...\SafeQ) (Version: 0.9 - VŠB-TUO)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for SQL Server 2014 (KB3058865) (HKLM-x32\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Sound Blaster X-Fi Surround 5.1 Pro (HKLM-x32\...\{0A9DA353-D0CD-4922-A54B-2F5F4EC90986}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
SQL Server 2014 Client Tools (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (x32 Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Data Tools - BI for Visual Studio 2013 (x32 Version: 12.0.2430.0 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (x32 Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (x32 Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 SQL Data Quality Common (x32 Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Sublime Text Build 3126 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Tableau 9.3 (9300.16.0726.1843) (HKLM\...\{41B28449-BC3F-49FE-90AD-AA686B34412B}) (Version: 9.3.1879 - Tableau Software)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.7.6.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.7.6.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.7.6.0 (HKLM-x32\...\{5ee9a47a-3630-4016-b76d-dc752e9218dd}) (Version: 1.7.24809.0 - Microsoft Corporation)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for Skype for Business 2015 (KB3178731) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.SharePointDesigner_{949C4091-F95D-418E-B215-27303F51F9AA}) (Version: - Microsoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Weka 3.8.0 (HKLM\...\Weka 3.8.0) (Version: 3.8.0 - Machine Learning Group, University of Waikato, Hamilton, NZ)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.388 - Zemana Ltd.)
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3962596098-4286487324-2245620134-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

xixao25

Re: Please check my log :)

Post by xixao25 » 28 Apr 2017 20:27

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ACBF16E-53FF-419B-BEAD-8D1508B8264D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {0E983014-29F2-4C57-BC00-73B41F99A6EC} - System32\Tasks\{7378A38C-618C-4034-B398-5A802F9EBA87} => pcalua.exe -a "D:\League of Legends\lol.launcher.exe" -d "D:\League of Legends\"
Task: {10F60960-DF9A-4313-8ED6-E96FBEBF1000} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-26] (Microsoft Corporation)
Task: {144AD9F2-F0A1-4B96-9B54-A210965A6854} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-04-26] ()
Task: {2D9051CB-3F08-483A-9941-CF37A1E9ACB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07] (Google Inc.)
Task: {41525C08-8E27-40EE-8195-CC415B6FFF5F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-13] (Microsoft Corporation)
Task: {432DE16F-1B5C-40BF-B35C-70B6301C357F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-26] (Microsoft Corporation)
Task: {4BBFF069-B2BF-4F66-AD54-44862C43CC5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {55187F28-9D30-45D9-BE2B-4A0D084E4935} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-04-26] ()
Task: {6064F0A3-783D-4B96-9D35-73BB2DCE3B78} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28] (NVIDIA Corporation)
Task: {6C5142C9-4905-4E7C-831F-D641E55A19F4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {6DFB7A03-1E6C-4094-8EFC-4C3F9792F868} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {80D30531-21ED-43E3-B017-E373910240BD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation)
Task: {9B931680-52AE-4AB7-9B12-58C4FC2D0795} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {B38E9A65-FA9E-4AE8-A425-7066293CB721} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-28] (NVIDIA Corporation)
Task: {BC99894E-A0C4-48D5-A5C0-782690B6A777} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-13] (Microsoft Corporation)
Task: {C6FF5021-61D6-4CB6-925A-21345E480734} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {C78040F9-472C-46E5-A296-5522A5EF389A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {D0AF4C38-66BD-4989-8E07-89BAA8DCA079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07] (Google Inc.)
Task: {FA79760A-C323-4B0F-805C-EE9F182EBB5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-26] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-10-23 06:16 - 2017-03-28 05:32 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-27 11:10 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-27 11:10 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-04-27 23:31 - 2017-04-27 23:31 - 00154480 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-03-18 22:59 - 2017-03-20 06:45 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-26 13:53 - 2017-04-26 13:53 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 13:53 - 2017-04-26 13:53 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-26 13:53 - 2017-04-26 13:53 - 43011072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-26 13:53 - 2017-04-26 13:53 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-14 17:48 - 2009-12-29 16:52 - 00089088 _____ () C:\WINDOWS\SYSTEM32\CmdRtr64.DLL
2017-04-14 17:48 - 2010-07-22 16:46 - 00237056 _____ () C:\WINDOWS\SYSTEM32\APOMgr64.DLL
2017-04-19 20:02 - 2017-04-19 07:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libglesv2.dll
2017-04-19 20:02 - 2017-04-19 07:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\libegl.dll
2017-04-14 10:38 - 2017-04-14 10:38 - 01507816 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.8657\Battle.net Helper.exe
2017-04-25 14:03 - 2017-04-25 14:04 - 01710080 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\HxMail.exe
2017-04-25 14:03 - 2017-04-25 14:04 - 13358272 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8119.42377.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2016-11-07 14:40 - 2015-06-05 12:54 - 00404992 _____ () C:\xampp\apache\bin\pcre.dll
2016-11-07 14:43 - 2016-06-22 21:40 - 00130048 _____ () C:\xampp\php\libpq.dll
2016-10-23 06:16 - 2017-03-28 05:32 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-25 18:57 - 2017-04-20 07:31 - 67725936 _____ () C:\Users\Vraťa\AppData\Roaming\Spotify\libcef.dll
2016-11-25 18:57 - 2017-04-20 07:31 - 00110192 _____ () C:\Users\Vraťa\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-01-30 12:52 - 2017-01-30 12:52 - 01926632 ____R () C:\Program Files (x86)\Skype\Phone\roottools.dll
2016-11-25 18:57 - 2017-04-20 07:31 - 01929840 _____ () C:\Users\Vraťa\AppData\Roaming\Spotify\libglesv2.dll
2016-11-25 18:57 - 2017-04-20 07:31 - 00087152 _____ () C:\Users\Vraťa\AppData\Roaming\Spotify\libegl.dll
2016-10-23 06:16 - 2017-03-21 06:27 - 02442176 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-23 06:16 - 2017-03-21 06:27 - 00363576 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-23 06:16 - 2017-03-21 06:27 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-23 06:16 - 2017-03-21 06:27 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-23 06:16 - 2017-03-21 06:27 - 00469048 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-23 06:16 - 2017-03-21 06:27 - 00571840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-04-14 10:38 - 2017-04-14 10:38 - 55758824 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.8657\libcef.dll
2017-04-14 10:38 - 2017-04-14 10:38 - 00540336 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.8657\ortp.dll
2017-04-14 10:38 - 2017-04-14 10:38 - 00133632 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.8657\libEGL.dll
2017-04-14 10:38 - 2017-04-14 10:38 - 03384832 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.8657\libGLESv2.dll
2017-04-14 10:38 - 2017-04-14 10:38 - 03384832 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.8657\libglesv2.dll
2017-04-14 10:38 - 2017-04-14 10:38 - 00133632 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.8657\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\sharepoint.com -> hxxps://vsb-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2017-04-27 20:48 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vraťa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{709dc5cb-3ca1-40da-a010-b0d5b74f2f6a}.jpg
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 158.196.0.53 - 158.196.99.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SafeQClient"
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\StartupApproved\Run: => "MiPhoneManager"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{87C8A1CB-137B-4BA3-A18E-C2E3317C9063}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A6E50E10-E6D3-4B44-80C3-129C21F35372}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B18C5124-B5DC-4F9B-A6F9-7B47540A4246}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{83792036-65B8-445E-98E0-1633E84DE8C6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1FC8C016-02F1-4AAA-8739-CF6DE4B323B5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{808B1F0D-2AEF-4545-B93C-C8792855D912}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A434A76E-C7E3-430B-BE74-4EABD7696B34}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{ED791731-7A44-4D83-B6ED-2FC6119765B4}] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{42316A2A-0CA2-47A7-B81D-CA9EA88428E0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{AB7399F0-ED59-4888-A6E0-2FFA31EDE808}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{C3BBD0CF-3D71-4337-9BE2-194EA4FF9C69}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FD111C12-F4A2-4EE2-A9AE-795B162EA20D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{02F401DE-5972-453A-942A-A7C1ACC8A5F1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{10EAB64E-D76D-4C59-BB3F-2A9EE6790753}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C5A02F97-B87B-453B-8747-E2AC6331ABA4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BA27942B-D406-4062-85ED-E28BEF8A4D9F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3B18EEC1-2312-443C-AE3C-97F84E649914}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{161B0E02-9495-4020-B4C7-CE08A1FC044F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{03828630-1DB8-4460-ABB4-45289E94B7AC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5007E78-5C12-4ECB-9A8E-44ACCB1617D0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C2D2AF3E-BDD4-4820-BCCB-DA9E6C67763F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9A0F7B69-BFC3-4D4C-98A8-8647752DC9F5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{96A884D5-700C-4932-BDDC-8FDD56109B86}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2167ED1D-8282-40B5-977D-C79D98556C51}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F9ACFD73-3747-4A2A-8A9C-4D78D7FAC5EE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F5F773F9-F827-4F83-B969-109C1AD1F408}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0C58742B-2F73-4756-B98A-B75405E9BC17}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{361F5CC4-E21B-49E9-A49D-896953B1FAD4}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe
FirewallRules: [{DC52F385-6F97-4691-AD56-CEAB2BCDCF18}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe
FirewallRules: [{540F4425-300C-4760-91DF-73D4E07AAC58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A1B92A17-5530-4313-A27E-23B77FE900F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3C4452B6-AEA1-4DF9-8572-8F4D53ED2A1B}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe
FirewallRules: [{E69D2EAC-D41A-4D9B-A267-9645C241085C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B16A2A1E-B9F5-454A-97F5-A6B1EC7CE95A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D9BCC210-4D2E-4FC8-809F-9DDC7D8ACC5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EB786EBB-A5C7-4488-ABCF-B4BA0A6E8A8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{875E2F36-467F-4013-AFCD-3D308983DD73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{15EDA3EA-1764-4B8F-9C5F-87A1AB136249}C:\users\vraťa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vraťa\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{265C7AD5-DB2D-4F81-A49C-6886269752FB}C:\users\vraťa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vraťa\appdata\roaming\spotify\spotify.exe
FirewallRules: [{47269CC0-B5D6-4475-8A52-FB980D2EE716}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{5BA8D7F0-AAFE-4454-81B8-1FF0DE0F2AC7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{28F641A7-ECED-4B92-A84F-F91CA0773A32}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5BCD3B16-9174-4991-9351-1AF3E44B5A4C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{BD1C8E4E-9E67-4214-8350-A19584BCAAD9}C:\apache\bin\httpd.exe] => (Allow) C:\apache\bin\httpd.exe
FirewallRules: [TCP Query User{008F230F-1DD8-41D1-AD37-1436E587FE52}C:\apache\bin\httpd.exe] => (Allow) C:\apache\bin\httpd.exe
FirewallRules: [UDP Query User{28FA2DF9-47E3-4C23-85F8-E54FFF838953}C:\program files\mongodb\server\3.2\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.2\bin\mongod.exe
FirewallRules: [TCP Query User{7C12E50B-6DD6-49DE-8CEF-C38624EB26C4}C:\program files\mongodb\server\3.2\bin\mongod.exe] => (Allow) C:\program files\mongodb\server\3.2\bin\mongod.exe
FirewallRules: [{29638EA8-174E-4AB1-B0D4-1794DAE3CA14}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{C8CF89A9-278D-4FEC-A91F-1815264C7BEA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{5DDDEF3F-44BE-4008-AE0F-53EC09AFC9D2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{905ED83F-107B-4292-B377-7C62ABAE39D3}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{9AB6763D-A08C-4BF2-BEE6-4B3442BF175A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{829754C9-20FE-4866-AE0D-8674BA4938A4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{DFB7B818-3AC5-4807-99D6-CC40F312BB5C}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{A79164B8-A4C5-4728-A49C-059EF2E8F71A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{870CA76E-40CB-49B5-B1C6-88E4B9A9AB71}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{54E7A1E0-0E44-4752-AB9C-5F27D47ADBDC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{FF6908D8-8380-4082-AD2F-9D06FB4FFD49}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{434F58AC-A171-4026-9ED9-C4D7DB14FCA0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{F82869D2-C1F9-4E5B-9BE0-29DFAA7A9E83}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{9243FAC3-0906-465E-B6BD-4FE767E89157}] => (Allow) LPort=12292
FirewallRules: [{AE996329-13A7-4C18-8E51-34A9E7CD8050}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{DB3B2F55-49F2-4724-83AA-AF115B846687}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F6B26EA1-BAE4-41DE-8FEB-892ADF45A74F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1D589A8E-D8CA-44E7-95CB-75FFD0DAEC5B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{46467C41-39D0-4BB5-B950-AAC1DE2C0819}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{F079FA46-972A-4E5A-B498-B0477CE67D65}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{4DF8C7A5-5BAC-43C7-8905-ABF2A2DB4E70}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{3560C971-222D-4265-8AE6-07D67D669E70}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{7A4599B6-4E53-4FF5-8C8B-D68D6AAEDC0A}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{69D01AD5-D7C8-488A-95AE-6873B3FC6E55}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{045C0E56-1911-4BBB-9EC4-B2029AF21EA3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{399B842D-CC99-4350-9D00-A6E838D436A8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C8AC7B50-A022-4A11-A583-E97572D4C6B7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0FE24470-D1E7-4DF9-943F-5AC0C2F94662}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000lm024xhn-m101mbb_s2u5j9hc503642.dat
FirewallRules: [{48FBE362-BEA9-4963-BA48-05DE529C5FC7}] => (Allow) C:\Program Files (x86)\MIO\loader\st1000lm024xhn-m101mbb_s2u5j9hc503642.dat
FirewallRules: [{B6FAEB8E-D48F-4A3B-B413-4D8C15F0962F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F220FB00-557E-4931-B948-88351DDCC998}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C1F42763-871A-4B2D-812B-D7F4D7AA1F92}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{22E8C251-7DA1-4E1D-A9F0-1AAB153E9011}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ADD6006E-BD98-47E5-BAAC-B56761657EEC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6DAA115D-64C6-4ACB-8FA7-4C0EB80915E7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{477AA378-5A1C-4C15-99B5-317AFAE7385B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F1B8A4B3-C880-4D4E-AC05-C93B9B3D86D9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8B9296D9-1E6A-4E86-9BB9-500997D61940}] => (Allow) %systemroot%\system32\alg.exe

==================== Restore Points =========================

26-04-2017 20:31:44 CASHFLOW® THE E-GAME Installation
27-04-2017 12:13:15 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Android Bootloader Interface
Description: Android Bootloader Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2017 12:25:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/28/2017 11:14:55 AM) (Source: PHP-5.6.23) (EventID: 4) (User: )
Description: Event-ID 4

Error: (04/28/2017 11:14:55 AM) (Source: PHP-5.6.23) (EventID: 4) (User: )
Description: Event-ID 4

Error: (04/28/2017 11:14:55 AM) (Source: PHP-5.6.23) (EventID: 4) (User: )
Description: Event-ID 4

Error: (04/28/2017 11:14:51 AM) (Source: PHP-5.6.23) (EventID: 4) (User: )
Description: Event-ID 4

Error: (04/28/2017 11:14:51 AM) (Source: PHP-5.6.23) (EventID: 4) (User: )
Description: Event-ID 4

Error: (04/28/2017 11:14:50 AM) (Source: PHP-5.6.23) (EventID: 4) (User: )
Description: Event-ID 4

Error: (04/28/2017 11:12:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1033\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/28/2017 11:12:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1033\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/28/2017 11:11:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\redist\1033\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (04/28/2017 11:19:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (04/28/2017 11:15:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/28/2017 11:15:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (04/28/2017 11:14:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_5d120 byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (04/28/2017 11:14:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (04/28/2017 10:34:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_1206b24 byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (04/28/2017 01:50:33 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7OACK7P)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/28/2017 01:50:33 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7OACK7P)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/28/2017 01:50:33 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7OACK7P)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/28/2017 01:50:33 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7OACK7P)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2017-04-28 20:10:08.269
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 20:10:08.263
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 20:06:34.072
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 20:06:34.064
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 19:31:03.221
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 19:31:03.216
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 19:30:52.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 19:30:52.890
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 19:28:08.448
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-28 19:28:08.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 58%
Total physical RAM: 8091.27 MB
Available physical RAM: 3353.44 MB
Total Virtual: 11741.07 MB
Available Virtual: 4520.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.03 GB) (Free:288.35 GB) NTFS
Drive d: () (Fixed) (Total:465.48 GB) (Free:122.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D003A0B8)

Partition: GPT.

==================== End of Addition.txt ============================

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status:
Offline

Re: Please check my log :)

Post by jerabina » 28 Apr 2017 21:38

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\MountPoints2: {16e012fb-29e1-11e7-b903-dc0ea1f75a5b} - "H:\Setup.exe"
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\MountPoints2: {16e01351-29e1-11e7-b903-dc0ea1f75a5b} - "F:\InsertOtherCD.exe"
HKU\S-1-5-21-3962596098-4286487324-2245620134-1001\...\MountPoints2: {16e01357-29e1-11e7-b903-dc0ea1f75a5b} - "G:\Setup.exe"
ShortcutTarget: Aventail VPN Connection.lnk -> (No File)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)

C:\ProgramData\RogueKiller
C:\Users\Vraťa\.mongorc.js

Task: {2D9051CB-3F08-483A-9941-CF37A1E9ACB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07] (Google Inc.)
Task: {4BBFF069-B2BF-4F66-AD54-44862C43CC5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {D0AF4C38-66BD-4989-8E07-89BAA8DCA079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-07] (Google Inc.)

EmptyTemp:
End


(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

Do you recognize this?

Code:

Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden


In Folder Options, enable showing hidden files and folders, and uncheck the "Hide protected operating system files" box.

Test these on VirusTotal:
C:\ProgramData\agent.1493281722.bdinstall.bin
C:\ProgramData\agent.update.1493283181.bdinstall.bin


Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.


