automatické rovnání ikon Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Uživatelský avatar
jerabina
člen Security týmu
Level 6
Level 6
Příspěvky: 3647
Registrován: březen 13
Bydliště: Litoměřice
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod jerabina » 20 zář 2015 22:22

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit Farbar Recovery Scan Tool (FRST)
32bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
a ulož jej na plochu. ,pak spusť FRST jako správce
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Co problémy?
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod

Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Nahoru
Reklama
Top
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 21 zář 2015 13:33

RogueKiller V10.10.6.0 (x64) [Sep 21 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : zdenda [Práva správce]
Started from : C:\Users\zdenda\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 09/21/2015 13:29:02

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Windows\CurrentVersion\Run | DesktopOK : "C:\Users\zdenda\AppData\Local\Temp\Temp2_DesktopOK_Unicode.zip\DesktopOK_Unicode.exe" -bg -startup [x][x][x] -> Smazáno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Windows\CurrentVersion\Run | DesktopOK : "C:\Users\zdenda\AppData\Local\Temp\Temp2_DesktopOK_Unicode.zip\DesktopOK_Unicode.exe" -bg -startup [x][x][x] -> ERROR [2]
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABD100 +++++
--- User ---
[MBR] 546630fcfb144f5fb221d5040325779f
[BSP] 27095db7d374257140694ff79a31904f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 953067 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952600064 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 21 zář 2015 14:03

Zoek.exe v5.0.0.0 Updated 21-09-2015
Tool run by zdenda on po 21. 09. 2015 at 13:35:12,41.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\zdenda\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21. 9. 2015 13:43:33 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Cisco deleted successfully
C:\Program Files\Common Files\Intel deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\Users\zdenda\AppData\Local\GHISLER deleted successfully
C:\Users\zdenda\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\tdyeim5r.default\prefs.js:

Added to C:\Users\zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\tdyeim5r.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Cisco not found
C:\Users\zdenda\AppData\Roaming\calibre deleted
C:\Users\zdenda\AppData\Roaming\Seznam Browser deleted
C:\PROGRA~3\StreamingMediaTechnologyLog.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\zdenda\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\zdenda\AppData\LocalLow\Unity deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\tdyeim5r.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chromium Look ======================

eRepublik - zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdgljgbgpkidcggafgoabibfligjaal
AdBlock - zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Vyhledávání na Uložto.cz - zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmkajlpofgoacniacbaappohkglliini
Any.do - zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zdenda\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\zdenda\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\zdenda\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\zdenda\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=976 folders=247 503832658 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\zdenda\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 21. 09. 2015 at 13:59:20,21 ======================
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 21 zář 2015 14:14

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by zdenda (administrator) on FLANDELLKA (21-09-2015 14:10:54)
Running from C:\Users\zdenda\Downloads
Loaded Profiles: zdenda (Available Profiles: zdenda)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-18] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [UVS11 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341488 2007-03-03] (InterVideo Digital Technology Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\test.ahk.ahk [2015-08-20] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XAMPP Control Panel.lnk [2015-08-20]
ShortcutTarget: XAMPP Control Panel.lnk -> C:\xampp\xampp-control.exe ()
Startup: C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2015-09-14]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6673560-0908-4de2-b30e-47e0d5be3142}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotm ... ?ocid=iehp
SearchScopes: HKU\S-1-5-21-2292692883-487480938-3015334422-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\tdyeim5r.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2292692883-487480938-3015334422-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\zdenda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

Chrome:
=======
CHR Profile: C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
CHR Extension: (Dokumenty Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17]
CHR Extension: (Disk Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-17]
CHR Extension: (YouTube) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-17]
CHR Extension: (Vyhledávání Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-17]
CHR Extension: (Tabulky Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-11] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-21 14:10 - 2015-09-21 14:11 - 00015040 _____ C:\Users\zdenda\Downloads\FRST.txt
2015-09-21 14:06 - 2015-09-21 14:10 - 00000000 ____D C:\FRST
2015-09-21 14:05 - 2015-09-21 14:06 - 02191360 _____ (Farbar) C:\Users\zdenda\Downloads\FRST64.exe
2015-09-21 13:59 - 2015-09-21 13:59 - 00016148 _____ C:\WINDOWS\system32\FLANDELLKA_zdenda_HistoryPrediction.bin
2015-09-21 13:56 - 2015-09-21 13:35 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-21 13:43 - 2015-09-21 13:59 - 00006683 _____ C:\zoek-results.log
2015-09-21 13:35 - 2015-09-21 13:54 - 00000000 ____D C:\zoek_backup
2015-09-21 13:34 - 2015-09-21 13:34 - 01308672 _____ C:\Users\zdenda\Desktop\zoek.exe
2015-09-21 13:16 - 2015-09-21 13:16 - 22748744 _____ C:\Users\zdenda\Desktop\RogueKillerX64.exe
2015-09-21 13:08 - 2015-09-21 13:08 - 00000000 ____D C:\Users\zdenda\AppData\Local\CrashDumps
2015-09-20 13:36 - 2015-09-21 13:16 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-09-20 13:36 - 2015-09-20 13:36 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-20 13:23 - 2015-09-20 13:23 - 00000000 ____D C:\Users\zdenda\AppData\Local\Canon_INC
2015-09-19 17:31 - 2015-09-19 17:31 - 00001146 _____ C:\Users\zdenda\Desktop\JRT.txt
2015-09-19 17:26 - 2015-09-19 17:27 - 01798976 _____ (Malwarebytes) C:\Users\zdenda\Desktop\JRT.exe
2015-09-19 17:09 - 2015-09-19 17:09 - 00002913 _____ C:\Users\zdenda\Desktop\mal.txt
2015-09-19 16:19 - 2015-09-20 12:56 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-19 16:19 - 2015-09-19 16:19 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-19 16:19 - 2015-09-19 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-19 16:19 - 2015-09-19 16:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-19 16:19 - 2015-09-19 16:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-19 16:19 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-19 16:19 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-19 16:19 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-18 20:59 - 2015-09-18 20:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\zdenda\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-18 20:53 - 2015-09-20 12:50 - 00000000 ____D C:\AdwCleaner
2015-09-18 20:52 - 2015-09-18 20:52 - 01662976 _____ C:\Users\zdenda\Desktop\AdwCleaner.exe
2015-09-18 20:50 - 2015-09-18 20:50 - 00000000 ____D C:\Users\zdenda\AppData\Local\CEF
2015-09-18 20:49 - 2015-09-21 10:32 - 00000000 ____D C:\Users\zdenda\AppData\Local\Adobe
2015-09-18 20:42 - 2015-09-18 20:42 - 00448512 _____ (OldTimer Tools) C:\Users\zdenda\Desktop\TFC.exe
2015-09-18 17:47 - 2015-09-18 17:47 - 00050688 _____ (Atribune.org) C:\Users\zdenda\Desktop\ATF-Cleaner.exe
2015-09-18 15:16 - 2015-09-18 15:16 - 00011089 _____ C:\Users\zdenda\Desktop\hijackthis.log
2015-09-18 15:09 - 2015-09-18 15:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\zdenda\Desktop\HijackThis.exe
2015-09-17 13:12 - 2015-09-17 13:14 - 00019164 _____ C:\Users\zdenda\Documents\ikony.dst
2015-09-17 13:10 - 2015-09-17 13:10 - 00000000 ____D C:\Users\zdenda\Desktop\Nová složka (3)
2015-09-17 13:09 - 2015-09-17 13:09 - 02432384 _____ C:\Users\zdenda\Desktop\DragStrip---Parádní-panel-s-přetahováním-a-plno-funkcemi.zip
2015-09-16 11:34 - 2015-09-16 11:35 - 96996227 _____ C:\Users\zdenda\Desktop\chrome-win32.zip
2015-09-16 09:11 - 2015-09-16 09:11 - 00111371 _____ C:\Users\zdenda\Desktop\DesktopOK_Unicode.zip
2015-09-16 08:58 - 2015-09-16 08:58 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-16 08:58 - 2015-09-16 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-15 17:14 - 2015-09-15 20:44 - 00000000 ____D C:\Users\zdenda\VirtualBox VMs
2015-09-15 17:13 - 2015-09-15 20:44 - 00000000 ____D C:\Users\zdenda\.VirtualBox
2015-09-15 17:13 - 2015-09-15 17:13 - 00001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-09-15 17:13 - 2015-09-15 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-09-15 17:13 - 2015-09-08 11:48 - 00964392 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-09-15 17:13 - 2015-09-08 11:47 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-09-15 17:12 - 2015-09-15 17:12 - 00000000 ____D C:\Program Files\Oracle
2015-09-15 17:09 - 2015-09-15 17:11 - 116662984 _____ (Oracle Corporation) C:\Users\zdenda\Desktop\VirtualBox-5.0.4-102546-Win.exe
2015-09-15 15:11 - 2015-09-15 15:20 - 00249856 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2015-09-15 15:11 - 2015-09-15 15:20 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2015-09-15 10:53 - 2015-09-15 10:53 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\.mono
2015-09-15 10:38 - 2015-09-15 10:53 - 00000000 ____D C:\Users\zdenda\Desktop\Kerbal.Space.Program.v1.0.4.861
2015-09-14 14:21 - 2015-09-14 14:21 - 00000000 ____D C:\Users\zdenda\Documents\Adobe
2015-09-14 13:56 - 2015-09-14 13:56 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Canon_Inc_IC
2015-09-14 13:55 - 2015-09-14 13:56 - 00000000 ____D C:\Users\zdenda\Desktop\ovládání foto
2015-09-14 13:46 - 2015-09-14 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-09-14 13:46 - 2015-09-14 13:48 - 00000000 ____D C:\Program Files (x86)\Canon
2015-09-14 13:46 - 2015-09-14 13:46 - 00000000 ____D C:\Program Files\Canon
2015-09-14 13:39 - 2015-09-14 13:39 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\canon
2015-09-14 13:39 - 2015-09-14 13:39 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2015-09-13 16:04 - 2015-09-13 16:04 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Downloaded Installations
2015-09-13 15:20 - 2015-09-13 15:29 - 00000000 ____D C:\Users\zdenda\Documents\Knihovna Calibre
2015-09-13 14:35 - 2015-09-13 14:36 - 00000000 ____D C:\Users\zdenda\.cr3
2015-09-13 14:22 - 2015-09-13 14:22 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\PDM
2015-09-13 14:14 - 2015-09-13 14:16 - 00000000 ____D C:\ProgramData\AllMyBooks
2015-09-13 14:14 - 2015-09-13 14:14 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Obsidium
2015-09-12 22:43 - 2015-09-12 22:45 - 00000000 ____D C:\Users\zdenda\AppData\Local\Seznam.cz
2015-09-12 22:43 - 2015-09-12 22:43 - 00001976 _____ C:\Users\zdenda\Desktop\Seznam.cz.lnk
2015-09-12 22:43 - 2015-09-12 22:43 - 00001956 _____ C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2015-09-12 11:05 - 2015-09-12 11:05 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-09-12 11:04 - 2015-09-12 11:04 - 00929360 _____ (Google Inc.) C:\Users\zdenda\Desktop\GoogleEarthSetup.exe
2015-09-10 14:21 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-10 14:21 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-10 14:21 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-10 14:21 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-10 14:21 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-10 14:21 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-10 14:21 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-10 14:21 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-10 14:21 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-10 14:21 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-10 14:21 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-10 14:21 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-10 14:21 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-10 14:21 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-10 14:21 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-10 14:21 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-10 14:21 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-10 14:21 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-10 14:21 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-10 14:21 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-10 14:21 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-10 14:21 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-10 14:21 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-10 14:21 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-10 14:21 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-10 14:21 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 14:21 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-10 14:21 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-10 14:21 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-10 14:21 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-10 14:21 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-10 14:21 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 17:36 - 2015-09-08 17:36 - 00000000 ____D C:\Users\zdenda\Documents\Ulead VideoStudio
2015-09-08 17:33 - 2015-09-08 17:37 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Ulead Systems
2015-09-08 17:30 - 2015-09-08 17:30 - 00001914 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\ProgramData\SmartSound Software Inc
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\Program Files (x86)\SmartSound Software
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-09-08 17:29 - 2015-09-08 17:29 - 00000000 ____D C:\ProgramData\InterVideo
2015-09-08 17:28 - 2015-09-08 17:28 - 00002253 _____ C:\Users\Public\Desktop\Ulead VideoStudio 11.lnk
2015-09-08 17:28 - 2015-09-08 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio 11
2015-09-08 17:28 - 2007-03-06 11:58 - 00210456 _____ C:\WINDOWS\SysWOW64\IVIresizeW7.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00206360 _____ C:\WINDOWS\SysWOW64\IVIresizeA6.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00198168 _____ C:\WINDOWS\SysWOW64\IVIresizeP6.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00198168 _____ C:\WINDOWS\SysWOW64\IVIresizeM6.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00194072 _____ C:\WINDOWS\SysWOW64\IVIresizePX.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00026136 _____ C:\WINDOWS\SysWOW64\IVIresize.dll
2015-09-08 17:27 - 2015-09-08 17:33 - 00000000 ____D C:\ProgramData\Ulead Systems
2015-09-08 17:27 - 2015-09-08 17:27 - 00000000 ____D C:\Program Files (x86)\Ulead Systems
2015-09-08 17:20 - 2015-09-08 17:23 - 00000000 ____D C:\Users\zdenda\Desktop\Nová složka (2)
2015-09-08 16:33 - 2015-09-08 17:16 - 783898424 _____ C:\Users\zdenda\Desktop\Ulead-Video-Studio-v11-+-Keygen.rar
2015-09-08 16:21 - 2015-09-08 16:21 - 00001883 _____ C:\Users\zdenda\Desktop\Programy a funkce.lnk
2015-09-08 16:21 - 2015-09-08 16:21 - 00000405 _____ C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programy a funkce.lnk
2015-09-08 15:46 - 2015-09-08 16:07 - 00000000 ____D C:\Users\zdenda\Documents\Polda III
2015-09-08 15:45 - 2015-09-08 16:22 - 00000000 ____D C:\Program Files (x86)\Polda 3
2015-09-08 11:47 - 2015-09-08 11:47 - 00146072 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2015-09-08 11:47 - 2015-09-08 11:47 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2015-09-07 21:52 - 2015-09-07 21:52 - 00000000 ____D C:\Users\zdenda\Desktop\Nová složka
2015-09-07 21:51 - 2015-09-07 21:51 - 01908225 _____ C:\Users\zdenda\Desktop\VirtualDub-1.10.4.zip
2015-09-07 20:50 - 2015-09-07 20:50 - 00001845 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Art of Illusion.lnk
2015-09-07 20:50 - 2015-09-07 20:50 - 00001839 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Start Art of Illusion.lnk
2015-09-07 20:50 - 2015-09-07 20:50 - 00001833 _____ C:\Users\Public\Desktop\Start Art of Illusion.lnk
2015-09-07 20:50 - 2015-09-07 20:50 - 00000000 ____D C:\Users\zdenda\.artofillusion
2015-09-07 20:50 - 2015-09-07 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art of Illusion
2015-09-07 20:50 - 2015-09-07 20:50 - 00000000 ____D C:\Program Files\ArtOfIllusion
2015-09-07 20:28 - 2015-09-07 20:28 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-07 20:28 - 2015-09-07 20:28 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Sun
2015-09-07 20:28 - 2015-09-07 20:28 - 00000000 ____D C:\Users\zdenda\.oracle_jre_usage
2015-09-07 20:28 - 2015-09-07 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-07 20:27 - 2015-09-07 20:49 - 00000000 ____D C:\ProgramData\Oracle
2015-09-07 20:27 - 2015-09-07 20:27 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-07 20:26 - 2015-09-07 20:26 - 06900074 _____ () C:\Users\zdenda\Desktop\ArtOfIllusion272-Windows.exe
2015-09-07 20:26 - 2015-09-07 20:26 - 00584288 _____ (Oracle Corporation) C:\Users\zdenda\Desktop\JavaSetup8u60.exe
2015-09-07 20:18 - 2015-09-07 20:22 - 00000000 ____D C:\ProgramData\TEMP
2015-09-07 20:09 - 2015-09-07 20:09 - 00000000 ____D C:\Users\Public\Documents\PhotoModeler
2015-09-07 20:03 - 2015-09-07 20:09 - 188887485 _____ C:\Users\zdenda\Desktop\PM6DemoSetup.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 08211457 _____ (Delgine ) C:\Users\zdenda\Desktop\deledlitesetup.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00001003 _____ C:\Users\zdenda\Desktop\DeleD.lnk
2015-09-07 19:54 - 2015-09-07 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeleD LITE
2015-09-07 19:54 - 2015-09-07 19:54 - 00000000 ____D C:\Program Files (x86)\DeleD LITE
2015-09-07 19:50 - 2015-09-07 19:50 - 00000000 ____D C:\Users\zdenda\Documents\My Palettes
2015-09-07 19:49 - 2015-09-07 19:49 - 00000000 ____D C:\Users\zdenda\Documents\Corel
2015-09-07 18:52 - 2015-09-07 19:49 - 00000000 ____D C:\ProgramData\Protexis
2015-09-07 18:52 - 2015-09-07 18:52 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Corel
2015-09-07 18:51 - 2015-09-07 18:51 - 00000000 ____D C:\Users\zdenda\Desktop\kuchyň
2015-09-07 18:44 - 2015-09-07 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7
2015-09-07 18:44 - 2015-09-07 18:44 - 00000000 ____D C:\Users\Public\Documents\Corel
2015-09-07 18:43 - 2015-09-07 19:49 - 00000000 ____D C:\ProgramData\Corel
2015-09-07 18:43 - 2015-09-07 18:44 - 00000000 ____D C:\Program Files (x86)\Corel
2015-09-07 15:59 - 2015-09-07 15:59 - 00000000 ____D C:\Users\zdenda\eTeks
2015-09-07 15:58 - 2015-09-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2015-09-07 15:58 - 2015-09-07 15:58 - 00000000 ____D C:\Program Files\Sweet Home 3D
2015-09-07 14:34 - 2015-09-07 14:34 - 00001112 _____ C:\Users\zdenda\Desktop\Safari.exe – zástupce.lnk
2015-09-07 11:04 - 2015-09-07 11:42 - 00009152 _____ C:\Users\zdenda\Desktop\Hagia Sophia.xlsx
2015-09-07 10:46 - 2015-09-07 10:46 - 00000000 ___RD C:\Users\zdenda\3D Objects
2015-09-05 14:23 - 2015-09-05 14:23 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\AMD
2015-09-04 13:38 - 2015-09-08 17:30 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-04 13:38 - 2015-09-04 13:38 - 00002529 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-09-04 13:38 - 2015-09-04 13:38 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Apple Computer
2015-09-04 13:37 - 2015-09-04 13:37 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-04 13:37 - 2015-09-04 13:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-04 13:37 - 2015-09-04 13:37 - 00000000 ____D C:\ProgramData\Apple
2015-09-04 13:37 - 2015-09-04 13:37 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-04 13:35 - 2015-09-17 11:38 - 00003944 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1441366492
2015-09-04 13:35 - 2015-09-17 11:38 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-04 13:35 - 2015-09-04 13:35 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Opera Software
2015-09-04 13:35 - 2015-09-04 13:35 - 00000000 ____D C:\Users\zdenda\AppData\Local\Opera Software
2015-09-04 13:35 - 2015-09-04 13:34 - 00001204 _____ C:\Users\zdenda\Desktop\Opera.lnk
2015-09-04 13:34 - 2015-09-17 11:38 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-04 13:30 - 2015-09-15 21:16 - 00000000 ____D C:\Users\zdenda\Desktop\prohlížeče
2015-09-02 12:43 - 2015-09-02 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2015-09-02 12:43 - 2015-09-02 12:43 - 00000000 ____D C:\OpenSSL-Win64
2015-09-02 12:43 - 2015-07-09 19:21 - 00379392 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\ssleay32.dll
2015-09-02 12:43 - 2015-07-09 19:21 - 00379392 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\libssl32.dll
2015-09-02 12:43 - 2015-07-09 19:20 - 02077184 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2015-09-02 12:43 - 2013-10-04 23:58 - 00963232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120.dll
2015-09-02 12:27 - 2015-09-02 12:43 - 00000000 ____D C:\totalcmd
2015-09-02 12:27 - 2015-09-02 12:31 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\GHISLER
2015-09-02 12:27 - 2015-09-02 12:27 - 06391640 _____ (Ghisler Software GmbH) C:\Users\zdenda\Downloads\tcmd852x32_64.exe
2015-09-02 12:27 - 2015-09-02 12:27 - 00000683 _____ C:\Users\zdenda\Desktop\Total Commander 64 bit.lnk
2015-09-02 12:27 - 2015-09-02 12:27 - 00000669 _____ C:\Users\zdenda\Desktop\Total Commander.lnk
2015-09-02 12:27 - 2015-09-02 12:27 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-09-01 12:56 - 2015-09-01 12:56 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\WinRAR
2015-09-01 12:51 - 2015-09-01 12:51 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-09-01 12:51 - 2015-09-01 12:51 - 00001036 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-09-01 12:51 - 2015-09-01 12:51 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-01 12:51 - 2015-09-01 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-01 12:51 - 2015-09-01 12:51 - 00000000 ____D C:\Program Files\WinRAR
2015-09-01 12:50 - 2015-09-01 12:50 - 02129208 _____ C:\Users\zdenda\Desktop\winrar-x64-521cz.exe
2015-08-29 18:22 - 2015-08-29 18:22 - 00003618 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-flanDellka-zdenda
2015-08-29 18:19 - 2015-08-29 18:19 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 13.lnk
2015-08-29 18:19 - 2015-08-29 18:19 - 00001039 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 13.lnk
2015-08-29 18:19 - 2015-08-29 18:19 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-29 18:06 - 2015-08-29 18:18 - 00000000 ____D C:\Program Files\Adobe
2015-08-29 18:03 - 2015-08-29 18:10 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-29 18:03 - 2013-09-03 12:01 - 00056336 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2015-08-29 18:03 - 2012-04-24 12:01 - 00011376 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2015-08-29 18:03 - 2012-04-24 12:01 - 00010864 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2015-08-29 17:53 - 2015-08-29 17:53 - 00000000 ____D C:\Users\zdenda\Desktop\Adobe Photoshop Elements 13 (64 bit) [Uploaded by Damo33]
2015-08-29 11:28 - 2015-08-29 11:34 - 00000000 ____D C:\Users\zdenda\Desktop\30_1_21ML_00
2015-08-29 11:22 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 11:22 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 11:22 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 11:22 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 11:22 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 11:22 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 11:22 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 11:22 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-29 11:22 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:22 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 11:22 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 11:22 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 11:22 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 11:22 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 11:22 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 11:22 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 11:22 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 11:22 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 11:22 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 11:22 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 11:22 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 11:22 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 11:22 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 11:22 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 11:22 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 11:22 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 11:22 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 11:22 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 11:22 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 11:22 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 11:22 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 11:22 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 11:22 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 11:22 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 11:22 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 11:22 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 11:22 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 11:22 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-28 11:14 - 2015-08-28 11:16 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Ulozto File Manager
2015-08-28 11:14 - 2015-08-28 11:14 - 00000000 ____D C:\Users\zdenda\Documents\Ulozto
2015-08-23 21:56 - 2015-08-23 22:05 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-08-23 21:55 - 2015-08-23 22:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-08-23 21:55 - 2015-08-23 21:55 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-08-23 21:55 - 2015-08-23 21:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-23 21:54 - 2015-08-29 19:07 - 00000000 ____D C:\ProgramData\Adobe
2015-08-23 21:04 - 2015-08-23 21:04 - 00000000 ____D C:\ProgramData\UniqueId
2015-08-23 20:56 - 2015-09-15 21:19 - 00000000 ____D C:\Users\zdenda\Desktop\knihy

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-21 14:07 - 2015-08-19 10:49 - 00000000 ____D C:\Users\zdenda\OneDrive
2015-09-21 14:07 - 2015-08-17 12:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-21 14:07 - 2015-08-16 22:12 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Skype
2015-09-21 13:59 - 2015-08-18 22:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-21 13:59 - 2015-08-17 10:41 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-21 13:59 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-21 13:58 - 2015-08-18 22:07 - 00035226 _____ C:\WINDOWS\PFRO.log
2015-09-21 13:58 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-21 13:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-21 13:57 - 2015-07-10 11:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-09-21 12:58 - 2015-08-17 10:41 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-21 10:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-20 23:12 - 2015-08-21 10:09 - 00000600 _____ C:\Users\zdenda\AppData\Roaming\winscp.rnd
2015-09-20 23:02 - 2015-08-20 15:03 - 00000000 ____D C:\Users\zdenda\Desktop\lovi-zs
2015-09-20 23:01 - 2015-08-17 12:00 - 00011622 _____ C:\Users\zdenda\Desktop\hesla.xlsx
2015-09-20 13:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-20 12:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-19 16:08 - 2015-08-19 10:45 - 00000000 ____D C:\Users\zdenda\AppData\Local\Comms
2015-09-18 10:16 - 2015-08-16 14:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-17 21:53 - 2015-08-17 10:41 - 00004040 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 21:53 - 2015-08-17 10:41 - 00003808 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 13:11 - 2015-08-16 14:39 - 00000000 ____D C:\Users\zdenda\AppData\Local\VirtualStore
2015-09-16 09:01 - 2015-08-16 14:39 - 00000000 ____D C:\Users\zdenda\AppData\Local\Packages
2015-09-16 08:58 - 2015-08-16 22:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-16 08:58 - 2015-08-16 22:12 - 00000000 ____D C:\ProgramData\Skype
2015-09-15 21:10 - 2015-08-18 22:16 - 00000000 ____D C:\Users\zdenda
2015-09-15 12:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-15 11:20 - 2015-08-17 10:41 - 00000000 ____D C:\Users\zdenda\AppData\Local\Google
2015-09-15 00:18 - 2015-08-17 11:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-14 14:22 - 2015-08-16 14:40 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Adobe
2015-09-14 14:21 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-14 14:20 - 2015-07-10 12:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-09-14 14:20 - 2015-07-10 12:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-09-14 14:20 - 2015-07-10 12:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-09-14 14:20 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-09-14 14:01 - 2015-07-10 14:20 - 00014898 _____ C:\WINDOWS\setupact.log
2015-09-14 11:03 - 2015-08-21 10:37 - 00000000 ____D C:\Users\zdenda\Desktop\filmy
2015-09-13 15:00 - 2015-08-18 19:48 - 00000000 ____D C:\Users\zdenda\.FBReader
2015-09-12 11:05 - 2015-08-17 10:41 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-11 14:06 - 2015-08-18 22:24 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-11 14:06 - 2015-07-10 18:02 - 00746648 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-11 14:06 - 2015-07-10 18:02 - 00149550 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-11 14:04 - 2015-08-19 10:49 - 00002401 _____ C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-11 13:59 - 2015-07-10 14:20 - 00460656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 13:57 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 13:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-10 18:46 - 2015-08-19 18:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 18:44 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-09-10 18:43 - 2015-08-16 17:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-07 21:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-09-07 18:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-02 11:39 - 2015-08-18 22:26 - 00002332 _____ C:\Users\zdenda\Desktop\Google Chrome.lnk
2015-09-01 13:14 - 2015-08-19 17:22 - 00001965 _____ C:\Users\zdenda\Desktop\PSPad.lnk
2015-08-29 18:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-29 14:33 - 2015-02-14 14:04 - 00000000 ____D C:\Users\zdenda\Desktop\Karty
2015-08-28 11:49 - 2015-08-21 10:35 - 00000000 ___RD C:\Users\zdenda\Desktop\hudba
2015-08-27 17:36 - 2015-08-17 15:18 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\BSplayer
2015-08-26 18:37 - 2015-08-16 17:31 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 09:58 - 2015-08-20 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-08-23 20:57 - 2015-08-17 15:00 - 00001954 _____ C:\Users\zdenda\Desktop\FBReader.lnk
2015-08-23 20:57 - 2015-08-17 15:00 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2015-08-23 11:11 - 2015-08-21 14:06 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Audacity

==================== Files in the root of some directories =======

2015-08-21 10:09 - 2015-09-20 23:12 - 0000600 _____ () C:\Users\zdenda\AppData\Roaming\winscp.rnd
2015-08-18 22:12 - 2015-08-18 22:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-12 23:22

==================== End of FRST.txt ============================
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 21 zář 2015 14:18

frst část 1
----------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by zdenda (administrator) on FLANDELLKA (21-09-2015 14:10:54)
Running from C:\Users\zdenda\Downloads
Loaded Profiles: zdenda (Available Profiles: zdenda)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\AutoHotkey\AutoHotkey.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-18] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [UVS11 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341488 2007-03-03] (InterVideo Digital Technology Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\test.ahk.ahk [2015-08-20] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XAMPP Control Panel.lnk [2015-08-20]
ShortcutTarget: XAMPP Control Panel.lnk -> C:\xampp\xampp-control.exe ()
Startup: C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2015-09-14]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6673560-0908-4de2-b30e-47e0d5be3142}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotm ... ?ocid=iehp
SearchScopes: HKU\S-1-5-21-2292692883-487480938-3015334422-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 21 zář 2015 14:21

frst část 2
----------

FireFox:
========
FF ProfilePath: C:\Users\zdenda\AppData\Roaming\Mozilla\Firefox\Profiles\tdyeim5r.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-11] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2292692883-487480938-3015334422-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\zdenda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

Chrome:
=======
CHR Profile: C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
CHR Extension: (Dokumenty Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17]
CHR Extension: (Disk Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-17]
CHR Extension: (YouTube) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-17]
CHR Extension: (Vyhledávání Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-17]
CHR Extension: (Tabulky Google) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\zdenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-11] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-09-08] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-21 14:10 - 2015-09-21 14:11 - 00015040 _____ C:\Users\zdenda\Downloads\FRST.txt
2015-09-21 14:06 - 2015-09-21 14:10 - 00000000 ____D C:\FRST
2015-09-21 14:05 - 2015-09-21 14:06 - 02191360 _____ (Farbar) C:\Users\zdenda\Downloads\FRST64.exe
2015-09-21 13:59 - 2015-09-21 13:59 - 00016148 _____ C:\WINDOWS\system32\FLANDELLKA_zdenda_HistoryPrediction.bin
2015-09-21 13:56 - 2015-09-21 13:35 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-09-21 13:43 - 2015-09-21 13:59 - 00006683 _____ C:\zoek-results.log
2015-09-21 13:35 - 2015-09-21 13:54 - 00000000 ____D C:\zoek_backup
2015-09-21 13:34 - 2015-09-21 13:34 - 01308672 _____ C:\Users\zdenda\Desktop\zoek.exe
2015-09-21 13:16 - 2015-09-21 13:16 - 22748744 _____ C:\Users\zdenda\Desktop\RogueKillerX64.exe
2015-09-21 13:08 - 2015-09-21 13:08 - 00000000 ____D C:\Users\zdenda\AppData\Local\CrashDumps
2015-09-20 13:36 - 2015-09-21 13:16 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-09-20 13:36 - 2015-09-20 13:36 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-20 13:23 - 2015-09-20 13:23 - 00000000 ____D C:\Users\zdenda\AppData\Local\Canon_INC
2015-09-19 17:31 - 2015-09-19 17:31 - 00001146 _____ C:\Users\zdenda\Desktop\JRT.txt
2015-09-19 17:26 - 2015-09-19 17:27 - 01798976 _____ (Malwarebytes) C:\Users\zdenda\Desktop\JRT.exe
2015-09-19 17:09 - 2015-09-19 17:09 - 00002913 _____ C:\Users\zdenda\Desktop\mal.txt
2015-09-19 16:19 - 2015-09-20 12:56 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-19 16:19 - 2015-09-19 16:19 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-19 16:19 - 2015-09-19 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-19 16:19 - 2015-09-19 16:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-19 16:19 - 2015-09-19 16:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-19 16:19 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-19 16:19 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-19 16:19 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-18 20:59 - 2015-09-18 20:59 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\zdenda\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-18 20:53 - 2015-09-20 12:50 - 00000000 ____D C:\AdwCleaner
2015-09-18 20:52 - 2015-09-18 20:52 - 01662976 _____ C:\Users\zdenda\Desktop\AdwCleaner.exe
2015-09-18 20:50 - 2015-09-18 20:50 - 00000000 ____D C:\Users\zdenda\AppData\Local\CEF
2015-09-18 20:49 - 2015-09-21 10:32 - 00000000 ____D C:\Users\zdenda\AppData\Local\Adobe
2015-09-18 20:42 - 2015-09-18 20:42 - 00448512 _____ (OldTimer Tools) C:\Users\zdenda\Desktop\TFC.exe
2015-09-18 17:47 - 2015-09-18 17:47 - 00050688 _____ (Atribune.org) C:\Users\zdenda\Desktop\ATF-Cleaner.exe
2015-09-18 15:16 - 2015-09-18 15:16 - 00011089 _____ C:\Users\zdenda\Desktop\hijackthis.log
2015-09-18 15:09 - 2015-09-18 15:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\zdenda\Desktop\HijackThis.exe
2015-09-17 13:12 - 2015-09-17 13:14 - 00019164 _____ C:\Users\zdenda\Documents\ikony.dst
2015-09-17 13:10 - 2015-09-17 13:10 - 00000000 ____D C:\Users\zdenda\Desktop\Nová složka (3)
2015-09-17 13:09 - 2015-09-17 13:09 - 02432384 _____ C:\Users\zdenda\Desktop\DragStrip---Parádní-panel-s-přetahováním-a-plno-funkcemi.zip
2015-09-16 11:34 - 2015-09-16 11:35 - 96996227 _____ C:\Users\zdenda\Desktop\chrome-win32.zip
2015-09-16 09:11 - 2015-09-16 09:11 - 00111371 _____ C:\Users\zdenda\Desktop\DesktopOK_Unicode.zip
2015-09-16 08:58 - 2015-09-16 08:58 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-16 08:58 - 2015-09-16 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-15 17:14 - 2015-09-15 20:44 - 00000000 ____D C:\Users\zdenda\VirtualBox VMs
2015-09-15 17:13 - 2015-09-15 20:44 - 00000000 ____D C:\Users\zdenda\.VirtualBox
2015-09-15 17:13 - 2015-09-15 17:13 - 00001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-09-15 17:13 - 2015-09-15 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-09-15 17:13 - 2015-09-08 11:48 - 00964392 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-09-15 17:13 - 2015-09-08 11:47 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-09-15 17:12 - 2015-09-15 17:12 - 00000000 ____D C:\Program Files\Oracle
2015-09-15 17:09 - 2015-09-15 17:11 - 116662984 _____ (Oracle Corporation) C:\Users\zdenda\Desktop\VirtualBox-5.0.4-102546-Win.exe
2015-09-15 15:11 - 2015-09-15 15:20 - 00249856 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2015-09-15 15:11 - 2015-09-15 15:20 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2015-09-15 10:53 - 2015-09-15 10:53 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\.mono
2015-09-15 10:38 - 2015-09-15 10:53 - 00000000 ____D C:\Users\zdenda\Desktop\Kerbal.Space.Program.v1.0.4.861
2015-09-14 14:21 - 2015-09-14 14:21 - 00000000 ____D C:\Users\zdenda\Documents\Adobe
2015-09-14 13:56 - 2015-09-14 13:56 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Canon_Inc_IC
2015-09-14 13:55 - 2015-09-14 13:56 - 00000000 ____D C:\Users\zdenda\Desktop\ovládání foto
2015-09-14 13:46 - 2015-09-14 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-09-14 13:46 - 2015-09-14 13:48 - 00000000 ____D C:\Program Files (x86)\Canon
2015-09-14 13:46 - 2015-09-14 13:46 - 00000000 ____D C:\Program Files\Canon
2015-09-14 13:39 - 2015-09-14 13:39 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\canon
2015-09-14 13:39 - 2015-09-14 13:39 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2015-09-13 16:04 - 2015-09-13 16:04 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Downloaded Installations
2015-09-13 15:20 - 2015-09-13 15:29 - 00000000 ____D C:\Users\zdenda\Documents\Knihovna Calibre
2015-09-13 14:35 - 2015-09-13 14:36 - 00000000 ____D C:\Users\zdenda\.cr3
2015-09-13 14:22 - 2015-09-13 14:22 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\PDM
2015-09-13 14:14 - 2015-09-13 14:16 - 00000000 ____D C:\ProgramData\AllMyBooks
2015-09-13 14:14 - 2015-09-13 14:14 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Obsidium
2015-09-12 22:43 - 2015-09-12 22:45 - 00000000 ____D C:\Users\zdenda\AppData\Local\Seznam.cz
2015-09-12 22:43 - 2015-09-12 22:43 - 00001976 _____ C:\Users\zdenda\Desktop\Seznam.cz.lnk
2015-09-12 22:43 - 2015-09-12 22:43 - 00001956 _____ C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2015-09-12 11:05 - 2015-09-12 11:05 - 00002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-09-12 11:04 - 2015-09-12 11:04 - 00929360 _____ (Google Inc.) C:\Users\zdenda\Desktop\GoogleEarthSetup.exe
2015-09-10 14:21 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-10 14:21 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-10 14:21 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-10 14:21 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-10 14:21 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-10 14:21 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-10 14:21 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-10 14:21 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-10 14:21 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-10 14:21 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-10 14:21 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-10 14:21 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-10 14:21 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-10 14:21 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-10 14:21 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-10 14:21 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-10 14:21 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-10 14:21 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-10 14:21 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-10 14:21 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-10 14:21 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-10 14:21 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-10 14:21 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-10 14:21 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-10 14:21 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-10 14:21 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 14:21 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-10 14:21 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-10 14:21 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-10 14:21 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-10 14:21 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-10 14:21 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 17:36 - 2015-09-08 17:36 - 00000000 ____D C:\Users\zdenda\Documents\Ulead VideoStudio
2015-09-08 17:33 - 2015-09-08 17:37 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Ulead Systems
2015-09-08 17:30 - 2015-09-08 17:30 - 00001914 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\ProgramData\SmartSound Software Inc
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\Program Files (x86)\SmartSound Software
2015-09-08 17:30 - 2015-09-08 17:30 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-09-08 17:29 - 2015-09-08 17:29 - 00000000 ____D C:\ProgramData\InterVideo
2015-09-08 17:28 - 2015-09-08 17:28 - 00002253 _____ C:\Users\Public\Desktop\Ulead VideoStudio 11.lnk
2015-09-08 17:28 - 2015-09-08 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio 11
2015-09-08 17:28 - 2007-03-06 11:58 - 00210456 _____ C:\WINDOWS\SysWOW64\IVIresizeW7.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00206360 _____ C:\WINDOWS\SysWOW64\IVIresizeA6.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00198168 _____ C:\WINDOWS\SysWOW64\IVIresizeP6.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00198168 _____ C:\WINDOWS\SysWOW64\IVIresizeM6.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00194072 _____ C:\WINDOWS\SysWOW64\IVIresizePX.dll
2015-09-08 17:28 - 2007-03-06 11:58 - 00026136 _____ C:\WINDOWS\SysWOW64\IVIresize.dll
2015-09-08 17:27 - 2015-09-08 17:33 - 00000000 ____D C:\ProgramData\Ulead Systems
2015-09-08 17:27 - 2015-09-08 17:27 - 00000000 ____D C:\Program Files (x86)\Ulead Systems
2015-09-08 17:20 - 2015-09-08 17:23 - 00000000 ____D C:\Users\zdenda\Desktop\Nová složka (2)
2015-09-08 16:33 - 2015-09-08 17:16 - 783898424 _____ C:\Users\zdenda\Desktop\Ulead-Video-Studio-v11-+-Keygen.rar
2015-09-08 16:21 - 2015-09-08 16:21 - 00001883 _____ C:\Users\zdenda\Desktop\Programy a funkce.lnk
2015-09-08 16:21 - 2015-09-08 16:21 - 00000405 _____ C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programy a funkce.lnk
2015-09-08 15:46 - 2015-09-08 16:07 - 00000000 ____D C:\Users\zdenda\Documents\Polda III
2015-09-08 15:45 - 2015-09-08 16:22 - 00000000 ____D C:\Program Files (x86)\Polda 3
2015-09-08 11:47 - 2015-09-08 11:47 - 00146072 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2015-09-08 11:47 - 2015-09-08 11:47 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2015-09-07 21:52 - 2015-09-07 21:52 - 00000000 ____D C:\Users\zdenda\Desktop\Nová složka
2015-09-07 21:51 - 2015-09-07 21:51 - 01908225 _____ C:\Users\zdenda\Desktop\VirtualDub-1.10.4.zip
2015-09-07 20:50 - 2015-09-07 20:50 - 00001845 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Art of Illusion.lnk
2015-09-07 20:50 - 2015-09-07 20:50 - 00001839 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Start Art of Illusion.lnk
2015-09-07 20:50 - 2015-09-07 20:50 - 00001833 _____ C:\Users\Public\Desktop\Start Art of Illusion.lnk
2015-09-07 20:50 - 2015-09-07 20:50 - 00000000 ____D C:\Users\zdenda\.artofillusion
2015-09-07 20:50 - 2015-09-07 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art of Illusion
2015-09-07 20:50 - 2015-09-07 20:50 - 00000000 ____D C:\Program Files\ArtOfIllusion
2015-09-07 20:28 - 2015-09-07 20:28 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-07 20:28 - 2015-09-07 20:28 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Sun
2015-09-07 20:28 - 2015-09-07 20:28 - 00000000 ____D C:\Users\zdenda\.oracle_jre_usage
2015-09-07 20:28 - 2015-09-07 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-07 20:27 - 2015-09-07 20:49 - 00000000 ____D C:\ProgramData\Oracle
2015-09-07 20:27 - 2015-09-07 20:27 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-07 20:26 - 2015-09-07 20:26 - 06900074 _____ () C:\Users\zdenda\Desktop\ArtOfIllusion272-Windows.exe
2015-09-07 20:26 - 2015-09-07 20:26 - 00584288 _____ (Oracle Corporation) C:\Users\zdenda\Desktop\JavaSetup8u60.exe
2015-09-07 20:18 - 2015-09-07 20:22 - 00000000 ____D C:\ProgramData\TEMP
2015-09-07 20:09 - 2015-09-07 20:09 - 00000000 ____D C:\Users\Public\Documents\PhotoModeler
2015-09-07 20:03 - 2015-09-07 20:09 - 188887485 _____ C:\Users\zdenda\Desktop\PM6DemoSetup.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 08211457 _____ (Delgine ) C:\Users\zdenda\Desktop\deledlitesetup.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00001003 _____ C:\Users\zdenda\Desktop\DeleD.lnk
2015-09-07 19:54 - 2015-09-07 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeleD LITE
2015-09-07 19:54 - 2015-09-07 19:54 - 00000000 ____D C:\Program Files (x86)\DeleD LITE
2015-09-07 19:50 - 2015-09-07 19:50 - 00000000 ____D C:\Users\zdenda\Documents\My Palettes
2015-09-07 19:49 - 2015-09-07 19:49 - 00000000 ____D C:\Users\zdenda\Documents\Corel
2015-09-07 18:52 - 2015-09-07 19:49 - 00000000 ____D C:\ProgramData\Protexis
2015-09-07 18:52 - 2015-09-07 18:52 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Corel
2015-09-07 18:51 - 2015-09-07 18:51 - 00000000 ____D C:\Users\zdenda\Desktop\kuchyň
2015-09-07 18:44 - 2015-09-07 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7
2015-09-07 18:44 - 2015-09-07 18:44 - 00000000 ____D C:\Users\Public\Documents\Corel
2015-09-07 18:43 - 2015-09-07 19:49 - 00000000 ____D C:\ProgramData\Corel
2015-09-07 18:43 - 2015-09-07 18:44 - 00000000 ____D C:\Program Files (x86)\Corel
2015-09-07 15:59 - 2015-09-07 15:59 - 00000000 ____D C:\Users\zdenda\eTeks
2015-09-07 15:58 - 2015-09-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2015-09-07 15:58 - 2015-09-07 15:58 - 00000000 ____D C:\Program Files\Sweet Home 3D
2015-09-07 14:34 - 2015-09-07 14:34 - 00001112 _____ C:\Users\zdenda\Desktop\Safari.exe – zástupce.lnk
2015-09-07 11:04 - 2015-09-07 11:42 - 00009152 _____ C:\Users\zdenda\Desktop\Hagia Sophia.xlsx
2015-09-07 10:46 - 2015-09-07 10:46 - 00000000 ___RD C:\Users\zdenda\3D Objects
2015-09-05 14:23 - 2015-09-05 14:23 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\AMD
2015-09-04 13:38 - 2015-09-08 17:30 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-04 13:38 - 2015-09-04 13:38 - 00002529 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-09-04 13:38 - 2015-09-04 13:38 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Apple Computer
2015-09-04 13:37 - 2015-09-04 13:37 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-04 13:37 - 2015-09-04 13:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-04 13:37 - 2015-09-04 13:37 - 00000000 ____D C:\ProgramData\Apple
2015-09-04 13:37 - 2015-09-04 13:37 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-04 13:35 - 2015-09-17 11:38 - 00003944 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1441366492
2015-09-04 13:35 - 2015-09-17 11:38 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-04 13:35 - 2015-09-04 13:35 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Opera Software
2015-09-04 13:35 - 2015-09-04 13:35 - 00000000 ____D C:\Users\zdenda\AppData\Local\Opera Software
2015-09-04 13:35 - 2015-09-04 13:34 - 00001204 _____ C:\Users\zdenda\Desktop\Opera.lnk
2015-09-04 13:34 - 2015-09-17 11:38 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-04 13:30 - 2015-09-15 21:16 - 00000000 ____D C:\Users\zdenda\Desktop\prohlížeče
2015-09-02 12:43 - 2015-09-02 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2015-09-02 12:43 - 2015-09-02 12:43 - 00000000 ____D C:\OpenSSL-Win64
2015-09-02 12:43 - 2015-07-09 19:21 - 00379392 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\ssleay32.dll
2015-09-02 12:43 - 2015-07-09 19:21 - 00379392 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\libssl32.dll
2015-09-02 12:43 - 2015-07-09 19:20 - 02077184 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\system32\libeay32.dll
2015-09-02 12:43 - 2013-10-04 23:58 - 00963232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120.dll
2015-09-02 12:27 - 2015-09-02 12:43 - 00000000 ____D C:\totalcmd
2015-09-02 12:27 - 2015-09-02 12:31 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\GHISLER
2015-09-02 12:27 - 2015-09-02 12:27 - 06391640 _____ (Ghisler Software GmbH) C:\Users\zdenda\Downloads\tcmd852x32_64.exe
2015-09-02 12:27 - 2015-09-02 12:27 - 00000683 _____ C:\Users\zdenda\Desktop\Total Commander 64 bit.lnk
2015-09-02 12:27 - 2015-09-02 12:27 - 00000669 _____ C:\Users\zdenda\Desktop\Total Commander.lnk
2015-09-02 12:27 - 2015-09-02 12:27 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-09-01 12:56 - 2015-09-01 12:56 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\WinRAR
2015-09-01 12:51 - 2015-09-01 12:51 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-09-01 12:51 - 2015-09-01 12:51 - 00001036 _____ C:\Users\Public\Desktop\WinRAR.lnk
2015-09-01 12:51 - 2015-09-01 12:51 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-01 12:51 - 2015-09-01 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-09-01 12:51 - 2015-09-01 12:51 - 00000000 ____D C:\Program Files\WinRAR
2015-09-01 12:50 - 2015-09-01 12:50 - 02129208 _____ C:\Users\zdenda\Desktop\winrar-x64-521cz.exe
2015-08-29 18:22 - 2015-08-29 18:22 - 00003618 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-flanDellka-zdenda
2015-08-29 18:19 - 2015-08-29 18:19 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 13.lnk
2015-08-29 18:19 - 2015-08-29 18:19 - 00001039 _____ C:\Users\Public\Desktop\Adobe Photoshop Elements 13.lnk
2015-08-29 18:19 - 2015-08-29 18:19 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-29 18:06 - 2015-08-29 18:18 - 00000000 ____D C:\Program Files\Adobe
2015-08-29 18:03 - 2015-08-29 18:10 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-29 18:03 - 2013-09-03 12:01 - 00056336 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2015-08-29 18:03 - 2012-04-24 12:01 - 00011376 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2015-08-29 18:03 - 2012-04-24 12:01 - 00010864 ____N (Corel Corporation) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2015-08-29 17:53 - 2015-08-29 17:53 - 00000000 ____D C:\Users\zdenda\Desktop\Adobe Photoshop Elements 13 (64 bit) [Uploaded by Damo33]
2015-08-29 11:28 - 2015-08-29 11:34 - 00000000 ____D C:\Users\zdenda\Desktop\30_1_21ML_00
2015-08-29 11:22 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 11:22 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 11:22 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 11:22 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 11:22 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 11:22 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 11:22 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 11:22 - 2015-08-20 07:09 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-29 11:22 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:22 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 11:22 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 11:22 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 11:22 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 11:22 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 11:22 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 11:22 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 11:22 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 11:22 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 11:22 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 11:22 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 11:22 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 11:22 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 11:22 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 11:22 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 11:22 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 11:22 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 11:22 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 11:22 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 11:22 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 11:22 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 11:22 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 11:22 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 11:22 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 11:22 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 11:22 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 11:22 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 11:22 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 11:22 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 11:22 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-28 11:14 - 2015-08-28 11:16 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Ulozto File Manager
2015-08-28 11:14 - 2015-08-28 11:14 - 00000000 ____D C:\Users\zdenda\Documents\Ulozto
2015-08-23 21:56 - 2015-08-23 22:05 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-08-23 21:55 - 2015-08-23 22:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-08-23 21:55 - 2015-08-23 21:55 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-08-23 21:55 - 2015-08-23 21:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-23 21:54 - 2015-08-29 19:07 - 00000000 ____D C:\ProgramData\Adobe
2015-08-23 21:04 - 2015-08-23 21:04 - 00000000 ____D C:\ProgramData\UniqueId
2015-08-23 20:56 - 2015-09-15 21:19 - 00000000 ____D C:\Users\zdenda\Desktop\knihy

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-21 14:07 - 2015-08-19 10:49 - 00000000 ____D C:\Users\zdenda\OneDrive
2015-09-21 14:07 - 2015-08-17 12:15 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-21 14:07 - 2015-08-16 22:12 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Skype
2015-09-21 13:59 - 2015-08-18 22:12 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-21 13:59 - 2015-08-17 10:41 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-21 13:59 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-21 13:58 - 2015-08-18 22:07 - 00035226 _____ C:\WINDOWS\PFRO.log
2015-09-21 13:58 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-21 13:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-21 13:57 - 2015-07-10 11:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-09-21 12:58 - 2015-08-17 10:41 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-21 10:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-20 23:12 - 2015-08-21 10:09 - 00000600 _____ C:\Users\zdenda\AppData\Roaming\winscp.rnd
2015-09-20 23:02 - 2015-08-20 15:03 - 00000000 ____D C:\Users\zdenda\Desktop\lovi-zs
2015-09-20 23:01 - 2015-08-17 12:00 - 00011622 _____ C:\Users\zdenda\Desktop\hesla.xlsx
2015-09-20 13:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-20 12:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-19 16:08 - 2015-08-19 10:45 - 00000000 ____D C:\Users\zdenda\AppData\Local\Comms
2015-09-18 10:16 - 2015-08-16 14:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-17 21:53 - 2015-08-17 10:41 - 00004040 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 21:53 - 2015-08-17 10:41 - 00003808 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 13:11 - 2015-08-16 14:39 - 00000000 ____D C:\Users\zdenda\AppData\Local\VirtualStore
2015-09-16 09:01 - 2015-08-16 14:39 - 00000000 ____D C:\Users\zdenda\AppData\Local\Packages
2015-09-16 08:58 - 2015-08-16 22:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-16 08:58 - 2015-08-16 22:12 - 00000000 ____D C:\ProgramData\Skype
2015-09-15 21:10 - 2015-08-18 22:16 - 00000000 ____D C:\Users\zdenda
2015-09-15 12:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-15 11:20 - 2015-08-17 10:41 - 00000000 ____D C:\Users\zdenda\AppData\Local\Google
2015-09-15 00:18 - 2015-08-17 11:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-09-14 14:22 - 2015-08-16 14:40 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Adobe
2015-09-14 14:21 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-14 14:20 - 2015-07-10 12:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-09-14 14:20 - 2015-07-10 12:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-09-14 14:20 - 2015-07-10 12:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-09-14 14:20 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-09-14 14:20 - 2015-07-10 12:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-09-14 14:01 - 2015-07-10 14:20 - 00014898 _____ C:\WINDOWS\setupact.log
2015-09-14 11:03 - 2015-08-21 10:37 - 00000000 ____D C:\Users\zdenda\Desktop\filmy
2015-09-13 15:00 - 2015-08-18 19:48 - 00000000 ____D C:\Users\zdenda\.FBReader
2015-09-12 11:05 - 2015-08-17 10:41 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-11 14:06 - 2015-08-18 22:24 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-11 14:06 - 2015-07-10 18:02 - 00746648 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-11 14:06 - 2015-07-10 18:02 - 00149550 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-11 14:04 - 2015-08-19 10:49 - 00002401 _____ C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-11 13:59 - 2015-07-10 14:20 - 00460656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 13:57 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 13:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-10 18:46 - 2015-08-19 18:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-10 18:44 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-09-10 18:43 - 2015-08-16 17:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-07 21:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-09-07 18:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-02 11:39 - 2015-08-18 22:26 - 00002332 _____ C:\Users\zdenda\Desktop\Google Chrome.lnk
2015-09-01 13:14 - 2015-08-19 17:22 - 00001965 _____ C:\Users\zdenda\Desktop\PSPad.lnk
2015-08-29 18:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-29 14:33 - 2015-02-14 14:04 - 00000000 ____D C:\Users\zdenda\Desktop\Karty
2015-08-28 11:49 - 2015-08-21 10:35 - 00000000 ___RD C:\Users\zdenda\Desktop\hudba
2015-08-27 17:36 - 2015-08-17 15:18 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\BSplayer
2015-08-26 18:37 - 2015-08-16 17:31 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 09:58 - 2015-08-20 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-08-23 20:57 - 2015-08-17 15:00 - 00001954 _____ C:\Users\zdenda\Desktop\FBReader.lnk
2015-08-23 20:57 - 2015-08-17 15:00 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2015-08-23 11:11 - 2015-08-21 14:06 - 00000000 ____D C:\Users\zdenda\AppData\Roaming\Audacity

==================== Files in the root of some directories =======

2015-08-21 10:09 - 2015-09-20 23:12 - 0000600 _____ () C:\Users\zdenda\AppData\Roaming\winscp.rnd
2015-08-18 22:12 - 2015-08-18 22:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-12 23:22

==================== End of FRST.txt ============================
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 21 zář 2015 14:22

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by zdenda (2015-09-21 14:12:04)
Running from C:\Users\zdenda\Downloads
Windows 10 Home (X64) (2015-08-19 08:43:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2292692883-487480938-3015334422-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2292692883-487480938-3015334422-503 - Limited - Disabled)
Guest (S-1-5-21-2292692883-487480938-3015334422-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2292692883-487480938-3015334422-1004 - Limited - Enabled)
Jan (S-1-5-21-2292692883-487480938-3015334422-1005 - Limited - Enabled)
zdenda (S-1-5-21-2292692883-487480938-3015334422-1001 - Administrator - Enabled) => C:\Users\zdenda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
AMD Catalyst Install Manager (HKLM\...\{40497F68-4E40-7578-7288-E38074390E79}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoHotkey 1.1.22.04 (HKLM-x32\...\AutoHotkey) (Version: 1.1.22.04 - Lexikos)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.2.10.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 0.9.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.2.10.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.15.10.0 - Canon Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM-x32\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.0.0.491 - Corel Corporation)
CorelDRAW Graphics Suite X7 (x32 Version: 17.0 - Corel Corporation) Hidden
DeleD 3D Editor 1.81 LITE (HKLM-x32\...\DeleD 3D Editor_is1) (Version: 1.81 - Delgine)
Dell System Detect (HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\73f463568823ebbe) (Version: 6.5.0.6 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.13.5 - Synaptics Incorporated)
ESET Smart Security (HKLM\...\{4D8E383E-0AB7-482D-9327-BB92D53312B4}) (Version: 8.0.319.1 - ESET, spol s r. o.)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - )
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3220 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
InterVideo DeviceService (HKLM-x32\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 cs)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
OpenSSL 1.0.2d Light (64-bit) (HKLM\...\OpenSSL Light (64-bit)_is1) (Version: - OpenSSL Win64 Installer Team)
Opera Stable 32.0.1948.25 (HKLM-x32\...\Opera 32.0.1948.25) (Version: 32.0.1948.25 - Opera Software)
Oracle VM VirtualBox 5.0.4 (HKLM\...\{FC191F32-1A67-4231-91D0-0059A57C99A8}) (Version: 5.0.4 - Oracle Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PowerXpressHybrid (x32 Version: 1.00.0000 - Název společnosti:) Hidden
Prohlížeč Seznam.cz (HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Seznam Browser) (Version: - Seznam.cz a.s.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39039 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (x32 Version: 3.0.5.0 - SmartSound Software Inc) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sweet Home 3D version 5.0 (HKLM\...\Sweet Home 3D_is1) (Version: 5.0 - eTeks)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
VideoStudio (x32 Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinSCP 5.7.5 (HKLM-x32\...\winscp3_is1) (Version: 5.7.5 - Martin Prikryl)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.11-1 - Bitnami)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

04-09-2015 13:37:13 Installed Safari
07-09-2015 18:46:34 Microsoft Visual Studio Tools for Applications 2012
13-09-2015 15:18:31 Installed calibre
15-09-2015 11:16:40 Odebráno: WinZip 19.5
17-09-2015 13:11:07 Installed DragStrip 3.8
19-09-2015 17:28:20 JRT Pre-Junkware Removal
21-09-2015 13:43:05 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-09-21 13:43 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0719D0FB-03A3-46A8-B170-9EE84F835621} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1870C671-2B38-4114-826C-E803B84F482D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {3E0C6698-5C6F-4C48-8C3F-132614166CF6} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-05] (Synaptics Incorporated)
Task: {6261F61F-9916-49C0-BE1A-321EDAF01E58} - System32\Tasks\AdobeAAMUpdater-1.0-flanDellka-zdenda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {6BECC91E-CEB4-40F1-A569-CD4C144B79FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6C57EDA5-314D-426A-BCEB-A5B25ABBC97A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {74AC73A5-9420-4E85-B07A-46831F4E4468} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8CBF1329-33C0-4212-B586-05EED7DE6D27} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {920C4E64-5CA0-4257-976B-BE7B593A80BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {935C688E-6103-4230-A2B5-D11D165A0AD0} - System32\Tasks\Opera scheduled Autoupdate 1441366492 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-11] (Opera Software)
Task: {B01B6495-A6CE-4BA1-9CCB-DEC68A4EB9BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B4395255-A076-4B4A-BEAC-330FBB9660A3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B6F0B46D-C396-4370-B75B-384B77E731C5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D9A6FC72-AEA9-4175-B590-E63D2473A992} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DB6B4E25-ED94-44A9-BBF0-14F4256CDFB5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E248E5D9-FAEA-4ABA-9D47-73777EB0189D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E259AE5E-3013-4BE6-8B92-BCF84CF21E08} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E3AB06D4-9536-4EA6-84FB-986DB03F3829} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {EDD2EBC1-ACA7-43CC-8AA8-DD6B819D4178} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 13:00 - 2015-07-10 13:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-18 22:53 - 2015-08-18 22:53 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 12:54 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-29 11:22 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:22 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-18 22:54 - 2015-08-18 22:54 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 12:54 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-18 22:54 - 2015-08-18 22:54 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-20 14:31 - 2015-08-19 05:12 - 00919552 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2015-08-16 15:21 - 2013-12-11 07:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A85D770C

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\dell.com -> dell.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Control Panel\Desktop\\Wallpaper -> c:\users\zdenda\desktop\shelby gt500.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6F289F33-4FB9-4DB2-9B8A-E62B3520D168}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{9907FE42-CCA8-4840-9187-54A00480D81E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{125269B2-FBF8-444E-8BAE-2F83E87B20D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7DA7EC20-4C11-4337-932A-8E035A9DACFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2AC6C63C-4FA3-4405-AA4C-74BF9BCFC4CD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D7C2B475-BC25-415F-AA08-80C8B1BF96BE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{621AFEA6-4B80-47E7-BCC8-C262676052BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3C37C13C-CC59-4BDD-BC75-980F3F0AC779}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{795295A4-4609-4791-AC69-3F16D9E9C9CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{624D4FCD-E76F-4BBB-AA5F-D02B1E74F569}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8A1941A5-F128-43F1-8648-F924B2146B2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5EBD1C31-232E-452E-942C-5557F45E6917}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{D52C2E8B-F889-4B8A-A44E-E2643F0720BB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E2DC9380-965D-4D51-AE28-E44C0F93F271}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F380940E-EED2-47D7-AEB3-C8AD03FF2CA4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{523CDA3F-73CB-4799-A0C3-9E7BCEB30C86}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{E0E04642-4C0C-453A-9728-CB856CD702DC}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{1AB63765-EE33-44D3-B3DC-1DD5CA866983}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{8662868E-EDDA-4F3F-9777-E69BDAA63F21}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{5262033D-F40A-4D4E-B2C3-D06599FCD2C1}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe
FirewallRules: [{C9F07929-E578-4261-A41E-AC3C64292482}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe
FirewallRules: [{47CA444D-D31E-4858-B975-8B10570952FC}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [{F7601816-1A33-4E0E-BF59-6FE8DA53B8A2}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
FirewallRules: [{5D183C47-A619-4D16-A2A2-B7BF753CF21A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2015 01:43:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (09/21/2015 11:39:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: flanDellka)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/21/2015 10:30:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: flanDellka)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/20/2015 11:17:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: flanDellka)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/20/2015 01:23:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: flanDellka)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/20/2015 12:43:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: flanDellka)
Description: Aplikaci Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/20/2015 12:42:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utilman.exe, verze: 10.0.10240.16384, časové razítko: 0x559f3b24
Název chybujícího modulu: DUI70.dll, verze: 10.0.10240.16384, časové razítko: 0x559f3956
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003d2a1
ID chybujícího procesu: 0xcd8
Čas spuštění chybující aplikace: 0xutilman.exe0
Cesta k chybující aplikaci: utilman.exe1
Cesta k chybujícímu modulu: utilman.exe2
ID zprávy: utilman.exe3
Úplný název chybujícího balíčku: utilman.exe4
ID aplikace související s chybujícím balíčkem: utilman.exe5

Error: (09/20/2015 12:41:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: flanDellka)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/20/2015 12:40:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettingsBroker.exe, verze: 10.0.10240.16384, časové razítko: 0x559f39c2
Název chybujícího modulu: NetworkMobileSettings.dll, verze: 10.0.10240.16461, časové razítko: 0x55d2dad2
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b7ac0
ID chybujícího procesu: 0xa5c
Čas spuštění chybující aplikace: 0xSystemSettingsBroker.exe0
Cesta k chybující aplikaci: SystemSettingsBroker.exe1
Cesta k chybujícímu modulu: SystemSettingsBroker.exe2
ID zprávy: SystemSettingsBroker.exe3
Úplný název chybujícího balíčku: SystemSettingsBroker.exe4
ID aplikace související s chybujícím balíčkem: SystemSettingsBroker.exe5

Error: (09/20/2015 12:39:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: flanDellka)
Description: Aplikaci Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (09/21/2015 02:02:00 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (09/21/2015 01:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/21/2015 01:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/21/2015 01:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/21/2015 01:57:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/21/2015 01:53:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/21/2015 01:53:52 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/21/2015 01:53:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/21/2015 01:53:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/21/2015 01:53:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================
Date: 2015-09-12 23:38:07.087
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-12 23:38:02.630
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 17%
Total physical RAM: 8080.36 MB
Available physical RAM: 6629.7 MB
Total Virtual: 9360.36 MB
Available Virtual: 7966.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.73 GB) (Free:866.5 GB) NTFS
Drive d: (CanonEOS301W) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 18D4D729)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Uživatelský avatar
jerabina
člen Security týmu
Level 6
Level 6
Příspěvky: 3647
Registrován: březen 13
Bydliště: Litoměřice
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod jerabina » 21 zář 2015 20:17

Co ty různé cracky?? Víš jaké je to bezpečnostní riziko?

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému.

Toto otestuj na Virustotal
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\test.ahk.ahk
C:\Windows\System32\drivers\wfpcapture.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)

HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotm ... ?ocid=iehp

FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2292692883-487480938-3015334422-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\zdenda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

C:\ProgramData\RogueKiller
C:\ProgramData\DP45977C.lfl

Task: {0719D0FB-03A3-46A8-B170-9EE84F835621} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1870C671-2B38-4114-826C-E803B84F482D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {6261F61F-9916-49C0-BE1A-321EDAF01E58} - System32\Tasks\AdobeAAMUpdater-1.0-flanDellka-zdenda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {6BECC91E-CEB4-40F1-A569-CD4C144B79FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {74AC73A5-9420-4E85-B07A-46831F4E4468} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8CBF1329-33C0-4212-B586-05EED7DE6D27} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {920C4E64-5CA0-4257-976B-BE7B593A80BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B01B6495-A6CE-4BA1-9CCB-DEC68A4EB9BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B4395255-A076-4B4A-BEAC-330FBB9660A3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B6F0B46D-C396-4370-B75B-384B77E731C5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D9A6FC72-AEA9-4175-B590-E63D2473A992} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DB6B4E25-ED94-44A9-BBF0-14F4256CDFB5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E248E5D9-FAEA-4ABA-9D47-73777EB0189D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E259AE5E-3013-4BE6-8B92-BCF84CF21E08} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E3AB06D4-9536-4EA6-84FB-986DB03F3829} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {EDD2EBC1-ACA7-43CC-8AA8-DD6B819D4178} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

AlternateDataStreams: C:\ProgramData\TEMP:A85D770C

IE trusted site: HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\dell.com -> dell.com

EmptyTemp:
End


(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod

Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Nahoru
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 21 zář 2015 22:22

cracky jsou riziko, to vim,
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\test.ahk.ahk" to je kvůli tomu, že mi na klávesnici na obrazovce normálně nefungovaly písmena "ď", "ť" a "ň". S timhle to funguje.
a ten C:\Windows\System32\drivers\wfpcapture.sys vůbec nevidim
Přílohy
sys.JPG
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod jaro3 » 22 zář 2015 09:31

Udělej ten script a pak napiš , co problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Zdeněk Flanderka
nováček
Příspěvky: 47
Registrován: září 15
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Zdeněk Flanderka » 22 zář 2015 12:05

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by zdenda (2015-09-22 11:48:42) Run:1
Running from C:\Users\zdenda\Desktop
Loaded Profiles: zdenda (Available Profiles: zdenda)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)

HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotm ... ?ocid=iehp

FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2292692883-487480938-3015334422-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\zdenda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File

C:\ProgramData\RogueKiller
C:\ProgramData\DP45977C.lfl

Task: {0719D0FB-03A3-46A8-B170-9EE84F835621} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1870C671-2B38-4114-826C-E803B84F482D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {6261F61F-9916-49C0-BE1A-321EDAF01E58} - System32\Tasks\AdobeAAMUpdater-1.0-flanDellka-zdenda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {6BECC91E-CEB4-40F1-A569-CD4C144B79FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {74AC73A5-9420-4E85-B07A-46831F4E4468} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8CBF1329-33C0-4212-B586-05EED7DE6D27} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {920C4E64-5CA0-4257-976B-BE7B593A80BD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B01B6495-A6CE-4BA1-9CCB-DEC68A4EB9BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B4395255-A076-4B4A-BEAC-330FBB9660A3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B6F0B46D-C396-4370-B75B-384B77E731C5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D9A6FC72-AEA9-4175-B590-E63D2473A992} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DB6B4E25-ED94-44A9-BBF0-14F4256CDFB5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E248E5D9-FAEA-4ABA-9D47-73777EB0189D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E259AE5E-3013-4BE6-8B92-BCF84CF21E08} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E3AB06D4-9536-4EA6-84FB-986DB03F3829} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-17] (Google Inc.)
Task: {EDD2EBC1-ACA7-43CC-8AA8-DD6B819D4178} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

AlternateDataStreams: C:\ProgramData\TEMP:A85D770C

IE trusted site: HKU\S-1-5-21-2292692883-487480938-3015334422-1001\...\dell.com -> dell.com

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => key removed successfully
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
Firefox "newtab" removed successfully
Firefox "homepage" removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => not found.
"HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\zdenda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
C:\ProgramData\RogueKiller => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0719D0FB-03A3-46A8-B170-9EE84F835621}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0719D0FB-03A3-46A8-B170-9EE84F835621}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1870C671-2B38-4114-826C-E803B84F482D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1870C671-2B38-4114-826C-E803B84F482D}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6261F61F-9916-49C0-BE1A-321EDAF01E58}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6261F61F-9916-49C0-BE1A-321EDAF01E58}" => key removed successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-flanDellka-zdenda => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-flanDellka-zdenda" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BECC91E-CEB4-40F1-A569-CD4C144B79FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BECC91E-CEB4-40F1-A569-CD4C144B79FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74AC73A5-9420-4E85-B07A-46831F4E4468}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74AC73A5-9420-4E85-B07A-46831F4E4468}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CBF1329-33C0-4212-B586-05EED7DE6D27}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CBF1329-33C0-4212-B586-05EED7DE6D27}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{920C4E64-5CA0-4257-976B-BE7B593A80BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{920C4E64-5CA0-4257-976B-BE7B593A80BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B01B6495-A6CE-4BA1-9CCB-DEC68A4EB9BA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B01B6495-A6CE-4BA1-9CCB-DEC68A4EB9BA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4395255-A076-4B4A-BEAC-330FBB9660A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4395255-A076-4B4A-BEAC-330FBB9660A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6F0B46D-C396-4370-B75B-384B77E731C5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6F0B46D-C396-4370-B75B-384B77E731C5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9A6FC72-AEA9-4175-B590-E63D2473A992}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9A6FC72-AEA9-4175-B590-E63D2473A992}" => key removed successfully
C:\WINDOWS\System32\Tasks\Apple\AppleSoftwareUpdate => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB6B4E25-ED94-44A9-BBF0-14F4256CDFB5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB6B4E25-ED94-44A9-BBF0-14F4256CDFB5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E248E5D9-FAEA-4ABA-9D47-73777EB0189D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E248E5D9-FAEA-4ABA-9D47-73777EB0189D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E259AE5E-3013-4BE6-8B92-BCF84CF21E08}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E259AE5E-3013-4BE6-8B92-BCF84CF21E08}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3AB06D4-9536-4EA6-84FB-986DB03F3829}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3AB06D4-9536-4EA6-84FB-986DB03F3829}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDD2EBC1-ACA7-43CC-8AA8-DD6B819D4178}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDD2EBC1-ACA7-43CC-8AA8-DD6B819D4178}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => moved successfully
C:\ProgramData\TEMP => ":A85D770C" ADS removed successfully.
"HKU\S-1-5-21-2292692883-487480938-3015334422-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dell.com" => key removed successfully
EmptyTemp: => 656 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 11:48:56 ====
-------
jerabina píše, abych na Virustotal otestoval soubor wfpcapture.sys, ale ten tady nemam, tak co s tím mam dělat?
Zdeněk Flanderka
mám notebook DELL
OS: Win 10 Home
Procesor: Intel Core i5-4200U 1,60GHz 2,30 GHz
RAM: 8,00 GB (použitelné 7,89 GB)
Typ systému: 64bit, procesor pro platformu x64
Rozlišení: 1600x900 (doporučeno)
Nahoru
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: automatické rovnání ikon

Příspěvekod Orcus » 22 zář 2015 15:54

Zobraz si skryté soubory + složky a poté ho vykopíruj na plochu. Pak by měl jít uploadnout na VT. ;-)
Láska hřeje, ale uhlí je uhlí. :fire:


Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 68 hostů