Pozustatky po LAN party

Zpráva

The_ERROR · #16 Příspěvek od **The_ERROR** » 18 pro 2016 21:52

Test na virustotal.com (nebzl tam xBAD, ale jen exe)

https://www.virustotal.com/cs/file/6735 ... 482093863/

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by Jana (18-12-2016 21:47:49) Run:2
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana & jenik_000 & icewind)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
S2 Kerkcult; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S2 Kerkcult; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
RestoreQuarantine: C:\FRST\Quarantine\C\Program Files (x86)\QNAP
Folder: C:\Program Files(x86)\cv17zy31
C:\Program Files(x86)\cv17zy31
Folder: C:\Program Files(x86)\hc2uuo0o
C:\Program Files(x86)\hc2uuo0o
Folder: C:\Program Files(x86)\mjlssnii
C:\Program Files(x86)\mjlssnii
Folder: C:\Program Files(x86)\uubyk5rg
C:\Program Files(x86)\uubyk5rg
End
*****************

Processes closed successfully.
Restore point was successfully created.
Kerkcult => service removed successfully
Kerkcult => service not found.
RestoreQuarantine: C:\FRST\Quarantine\C\Program Files (x86)\QNAP=> Restoring from Quarantine completed.

========================= Folder: C:\Program Files(x86)\cv17zy31 ========================

not found.

====== End of Folder: ======

"C:\Program Files(x86)\cv17zy31" => not found.

========================= Folder: C:\Program Files(x86)\hc2uuo0o ========================

not found.

====== End of Folder: ======

"C:\Program Files(x86)\hc2uuo0o" => not found.

========================= Folder: C:\Program Files(x86)\mjlssnii ========================

not found.

====== End of Folder: ======

"C:\Program Files(x86)\mjlssnii" => not found.

========================= Folder: C:\Program Files(x86)\uubyk5rg ========================

not found.

====== End of Folder: ======

"C:\Program Files(x86)\uubyk5rg" => not found.

The system needed a reboot.

==== End of Fixlog 21:48:23 ====

#17 Příspěvek od **altrok** » 19 pro 2016 00:46

Musim se priznat, ze v pripade

Kód: Vybrat vše

Task: {AC972D71-0BB4-4B97-9159-B41C955BF1F3} - System32\Tasks\Anavopy Reports => C:\Program Files (x86)\Nqaywolution\ciwes.exe [2016-11-10] (Glarysoft Ltd)

si nejsem zcela jisty, o co se jedna. Soubor je sice podepsany a dle virustotalu cisty, ale zda se mi to zvlastni. Pouzivate/pouzival jste neco od Glarysoftu (v portfoliu produktu maji Malware Hunter apod.)?

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
Folder: C:\Program Files (x86)\cv17zy31
C:\Program Files (x86)\cv17zy31
Folder: C:\Program Files (x86)\hc2uuo0o
C:\Program Files (x86)\hc2uuo0o
Folder: C:\Program Files (x86)\mjlssnii
C:\Program Files (x86)\mjlssnii
Folder: C:\Program Files (x86)\uubyk5rg
C:\Program Files (x86)\uubyk5rg
End

The_ERROR · #18 Příspěvek od **The_ERROR** » 19 pro 2016 03:30

Jo, koukal jsem na to same. Taky jsem cekal rude zbarveny vysledek a tak jsem se dival o co se jedna. Kazdopadne 10.11. se pomerne shoduje prave s terminem Lanky (resp. instalaci SW (a malware) na ni), takze za me to byla soucast nejakeho malware, pac ja osobne zadny anti-malware behem toho neinstaloval, spis jen ten malware samotny.

Cele to zasandboxovat me napadlo uz moc pozde a kdo vi, jestli by se mi to i tak podarilo nejak udrzet na uzde....

Za me tedy jde spis o soucast malware, ktera se sice tvari legitime, ale vyzadana rozhodne neni a nebyla..

BTW, po fixu se nejak zdupal ucet a nejde se na nej znova prihlasit. Nicmene z toho dočasného (po prihlaseni do defaultu) jsou puvodni soubory ve starem (dokumenty, plocha atd.) videt.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by Jana (19-12-2016 03:16:35) Run:3
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana & jenik_000 & icewind)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\Program Files (x86)\cv17zy31
C:\Program Files (x86)\cv17zy31
Folder: C:\Program Files (x86)\hc2uuo0o
C:\Program Files (x86)\hc2uuo0o
Folder: C:\Program Files (x86)\mjlssnii
C:\Program Files (x86)\mjlssnii
Folder: C:\Program Files (x86)\uubyk5rg
C:\Program Files (x86)\uubyk5rg
End
*****************

Processes closed successfully.

========================= Folder: C:\Program Files (x86)\cv17zy31 ========================

2016-11-30 22:11 - 2016-11-30 22:14 - 0000000 ____D () C:\Program Files (x86)\cv17zy31\{60BE745B-D534-42D2-A932-48AC39E97CCC}
2016-11-30 22:11 - 2016-11-30 22:11 - 4361484 _____ () C:\Program Files (x86)\cv17zy31\{60BE745B-D534-42D2-A932-48AC39E97CCC}\pmwchuq8.kfc

====== End of Folder: ======

C:\Program Files (x86)\cv17zy31 => moved successfully

========================= Folder: C:\Program Files (x86)\hc2uuo0o ========================

2016-11-15 18:46 - 2016-11-15 18:46 - 0000000 ____D () C:\Program Files (x86)\hc2uuo0o\{CB865450-0A9F-4A22-9C0E-50637D463C68}
2016-11-15 18:46 - 2016-11-15 18:46 - 1264732 _____ () C:\Program Files (x86)\hc2uuo0o\{CB865450-0A9F-4A22-9C0E-50637D463C68}\tocfallx.pw9

====== End of Folder: ======

C:\Program Files (x86)\hc2uuo0o => moved successfully

========================= Folder: C:\Program Files (x86)\mjlssnii ========================

2016-12-07 22:57 - 2016-12-07 22:58 - 0000000 ____D () C:\Program Files (x86)\mjlssnii\{0DB01708-3139-43DA-80BE-89198A5FAE74}
2016-12-07 22:58 - 2016-12-07 22:58 - 9516772 _____ () C:\Program Files (x86)\mjlssnii\{0DB01708-3139-43DA-80BE-89198A5FAE74}\s186elvi.0y6

====== End of Folder: ======

C:\Program Files (x86)\mjlssnii => moved successfully

========================= Folder: C:\Program Files (x86)\uubyk5rg ========================

2016-11-15 20:54 - 2016-11-15 20:54 - 0000000 ____D () C:\Program Files (x86)\uubyk5rg\{F7A4E36D-7A11-468B-8FE8-FFCA4F24470A}
2016-11-15 20:54 - 2016-11-15 20:54 - 1264732 _____ () C:\Program Files (x86)\uubyk5rg\{F7A4E36D-7A11-468B-8FE8-FFCA4F24470A}\ticrnzae.5p8

====== End of Folder: ======

C:\Program Files (x86)\uubyk5rg => moved successfully

The system needed a reboot.

==== End of Fixlog 03:16:37 ====

#19 Příspěvek od **altrok** » 19 pro 2016 19:23

The_ERROR píše:BTW, po fixu se nejak zdupal ucet a nejde se na nej znova prihlasit. Nicmene z toho dočasného (po prihlaseni do defaultu) jsou puvodni soubory ve starem (dokumenty, plocha atd.) videt.

Tohle dost dobre nechapu. Popiste prosim problem detailneji.

Dale na virustotal otestujte soubory (mozna budou mit koncovku xBAD):
C:\FRST\Quarantine\C\Program Files (x86)\cv17zy31\{60BE745B-D534-42D2-A932-48AC39E97CCC}\pmwchuq8.kfc
C:\FRST\Quarantine\C\Program Files (x86)\hc2uuo0o\{CB865450-0A9F-4A22-9C0E-50637D463C68}\tocfallx.pw9
C:\FRST\Quarantine\C\Program Files (x86)\mjlssnii\{0DB01708-3139-43DA-80BE-89198A5FAE74}\s186elvi.0y6
C:\FRST\Quarantine\C\Program Files (x86)\uubyk5rg\{F7A4E36D-7A11-468B-8FE8-FFCA4F24470A}\ticrnzae.5p8

The_ERROR · #20 Příspěvek od **The_ERROR** » 19 pro 2016 21:00

No po posledním fixu a restartu, se po zadani uživatelského jmena a hesla objevi upozorneni, ze se k uctu nelze prihlasit a ze "většinou pomuze se znova odhlásit a přihasit" coz nezafungovalo a dvakrát posobe se to nepovedlo. Divne i je, ze se u ostatnich profilu zobrazuji obrazku u loginscreenu, ale u Janca profilu je jen modra obrazovka.... Je mozne, ze to primo nesouvisi s tim poslednim fixem, ale asi se tam neco nejak potkalo.

V pruzkumniku jsou ale soubory jako dokumenty, nebo stazene apd. normalne dostupne, takze nastesti to encryptovaci malware nevypada. Jen to prihlaseni proste z nejakeho duvodu nejde.

Viz foto: https://www.amazon.com/clouddrive/share ... _link_copy

https://www.virustotal.com/cs/file/4b5c ... 482177142/
https://www.virustotal.com/cs/file/4b9d ... 482177182/
https://www.virustotal.com/cs/file/1cd3 ... 482177209/
https://www.virustotal.com/cs/file/4b9d ... 482177182/

#21 Příspěvek od **altrok** » 19 pro 2016 21:25

Velice zvlastni. Jak vidite z vysledku testu, tak mazeme malware, ktereho si AdwCleaner ani MBAM nevsimli. Ani po restartu celeho PC se prihlasit nejde (sila nekolika restartu je hodne podcenovana)?

Jako prvni se k problemovemu uctu zkuste prihlasit v nouzovem rezimu a pak zase v normalnim.

/e "enkryptovaci" malware v PC neni (teda pokud jste si ho do PC od zaslani posledniho FRST logu nezanesl)

The_ERROR · #22 Příspěvek od **The_ERROR** » 19 pro 2016 21:40

Zatim bych ten ucet neresil. Myslim, ze to je nejaky soubeh nahod. Je to pomerne casta zalezitost u W10.

https://support.microsoft.com/en-us/kb/947215
https://answers.microsoft.com/en-us/win ... c22e19dfe9
http://www.techbout.com/user-profile-ca ... s-10-9115/

zkusim to opravit tou kopii registru, nebo vytvorenim noveho profilu v nejhorsim pripade. Zatim bych asi dokoncil to cisteni...

Jinak restartoval jsem nekolikrat, zkousil login / logout - nepomohlo nic. Bude je rozbity ten default ucet, nebo ten originalni... Kazdopadne uctu je vicero (i s admin pravy), takze muzeme pokracovat a profil opravit nakonec.

#23 Příspěvek od **altrok** » 19 pro 2016 21:44

Elex (rodinu malwaru, kterou v PC mate) dobre detekuje ESET, proto prosim provedte sken pomoci ESET Online Scanneru - bohuzel jsem si jeste neaktualizoval navod a nektere kroky se mohou lisit.

Ulozte na plochu ESET Online Scanner kliknutim na esetsmartinstaller_csy.exe

ulozeny esetsmartinstaller_csy.exe dvojklikem spustte
zaskrtnete Ano, souhlasim s podminkami uziti a kliknete na Spustit
vyberte moznost Povolit detekci nechtenych aplikaci
rozkliknete moznost Rozsirene nastaveni a
- zruste zatrzitko u volby Odstranit nalezene infiltrace
- ponechte zatrhnutou moznost Pouzit technologii Anti-Stealth
kliknete na Kontrola, cimz se spusti az nekolikahodinovy sken
po dokonceni skenu kliknete na Seznam nalezenych infiltraci (v pripade zadneho nalezu log nevytvorite)
kliknete na Ulozit do textoveho souboru, log pojmenujte jako ESETlog a ulozte na plochu
obsah logu vlozte do pristi odpovedi
kliknete na << Zpet a zatrhnete moznost Odinstalovat
klikem na Dokoncit ESET Online Scanner zavrete.

The_ERROR · #24 Příspěvek od **The_ERROR** » 20 pro 2016 07:11

C:\AdwCleaner\quarantine\files\jfobqclbkbfizoagrjvxqnjkyqqgmdti\chrome\content\toolbar.js Win32/Toolbar.TNT2.I potenciálně nechtěná aplikace
C:\AdwCleaner\quarantine\files\twdwnvtzvbqxjawgjkeldkwovocfnfib\WinSAP.dll varianta infiltrace Win32/Adware.ELEX.BH aplikace
C:\FRST\Quarantine\C\Program Files (x86)\4ftjhxcf\{04D58522-9535-4231-A2C7-8B3CFEB1E30E}\weizaxaw.zu3 varianta infiltrace Win32/Adware.ELEX.BP aplikace
C:\FRST\Quarantine\C\Program Files (x86)\5aurv2oh\{F07008AF-FF4A-4EE6-994D-B657CA401443}\yszo689k.z3j varianta infiltrace Win32/Adware.ELEX.BO aplikace
C:\FRST\Quarantine\C\Program Files (x86)\cv17zy31\{60BE745B-D534-42D2-A932-48AC39E97CCC}\pmwchuq8.kfc varianta infiltrace Win32/Adware.ELEX.BP aplikace
C:\FRST\Quarantine\C\Program Files (x86)\hc2uuo0o\{CB865450-0A9F-4A22-9C0E-50637D463C68}\tocfallx.pw9 varianta infiltrace Win32/Adware.ELEX.AR aplikace
C:\FRST\Quarantine\C\Program Files (x86)\mit9zoaz\{5D84F4C6-0D90-48A9-9898-E56BEA1D2828}\m9kjzoy4.q1i varianta infiltrace Win32/Adware.ELEX.BP aplikace
C:\FRST\Quarantine\C\Program Files (x86)\mjlssnii\{0DB01708-3139-43DA-80BE-89198A5FAE74}\s186elvi.0y6 varianta infiltrace Win32/Adware.ELEX.BP aplikace
C:\FRST\Quarantine\C\Program Files (x86)\Nqaywolution\CrashReport.dll varianta infiltrace Win32/Adware.ELEX.AZ.gen aplikace
C:\FRST\Quarantine\C\Program Files (x86)\Nqaywolution\_ALLOWDEL_413e7bf\Archer.dll varianta infiltrace Win32/Adware.ELEX.BS aplikace
C:\FRST\Quarantine\C\Program Files (x86)\uubyk5rg\{F7A4E36D-7A11-468B-8FE8-FFCA4F24470A}\ticrnzae.5p8 varianta infiltrace Win32/Adware.ELEX.AR aplikace

#25 Příspěvek od **altrok** » 20 pro 2016 10:43

Vyborne, i podle ESETu mame veskery znamy malware v karantene. Poprosim o nove logy FRST.txt a Addition.txt.

The_ERROR · #26 Příspěvek od **The_ERROR** » 20 pro 2016 17:03

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by jenik_000 (administrator) on JANICKA-NB (20-12-2016 16:58:53)
Running from C:\Users\TEMP.JANICKA-NB.003\Desktop
Loaded Profiles: jenik_000 & (Available Profiles: jenik_000)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\TEMP.JANICKA-NB.003\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26286704 2016-12-15] (Dropbox, Inc.)
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\Run: [Spotify Web Helper] => C:\Users\Jana\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2016-10-17] (Spotify Ltd)
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\Run: [Viber] => "C:\Users\Jana\AppData\Local\Viber\Viber.exe"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\Run: [BingSvc] => C:\Users\Jana\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\Run: [Amazon Drive] => C:\Users\Jana\AppData\Local\Amazon Drive\AmazonDrive.exe [4772536 2016-12-07] (Amazon.com Inc.)
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [Spotify Web Helper] => C:\Users\jenik_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-21] (Spotify Ltd)
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jenik_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jenik_000\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4557504 2016-10-06] (Disc Soft Ltd)
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\MountPoints2: {af43de5c-a80c-11e6-8297-f8a963e383e9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1005.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075045404\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2016-12-15] (Dropbox, Inc.)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 5.1.lnk [2016-06-22]
ShortcutTarget: LibreOffice 5.1.lnk -> C:\Program Files (x86)\LibreOffice 5\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{0e8097dd-b3c3-4f49-a2f6-8268d24eb0cc}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{2c09197c-42dd-48da-8afb-c95f0aa547fc}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131233654441136591&GUID=A132779B-6CCD-4196-90A0-D0C3B4195A9D
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2469873729-2041139067-3360814234-1005.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075045404\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131233654433003023&GUID=A132779B-6CCD-4196-90A0-D0C3B4195A9D
HKU\S-1-5-21-2469873729-2041139067-3360814234-1005.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075045404\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-06] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-11-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-03] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-06] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1468608 2016-10-06] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617352 2014-04-02] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2016-11-30] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-11-30] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-11-30] (McAfee, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 0012271482065413mcinstcleanup; C:\WINDOWS\TEMP\001227~1.EXE -cleanup -nolog [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [75888 2016-11-23] (Dropbox, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-10] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-10] (Disc Soft Ltd)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2016-12-18] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2016-12-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2016-12-20] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [61624 2015-08-21] (Synaptics Incorporated)
R3 VSTWinDriver6; C:\WINDOWS\system32\drivers\VSTwindrvr6.sys [252928 2015-12-15] (Jungo)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-20 17:00 - 2016-12-20 17:00 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Roaming\Macromedia
2016-12-20 16:58 - 2016-12-20 16:59 - 00022635 _____ C:\Users\TEMP.JANICKA-NB.003\Desktop\FRST.txt
2016-12-20 16:58 - 2016-12-18 13:52 - 02420224 _____ (Farbar) C:\Users\TEMP.JANICKA-NB.003\Desktop\FRST64.exe
2016-12-20 16:58 - 2016-12-17 15:52 - 00112640 _____ (forum.viry.cz) C:\Users\TEMP.JANICKA-NB.003\Desktop\FRSTLauncher.exe
2016-12-20 16:57 - 2016-12-20 16:57 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\MicrosoftEdge
2016-12-20 10:53 - 2016-12-20 10:53 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\NetworkTiles
2016-12-20 07:56 - 2016-12-20 07:56 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\clear.fi
2016-12-20 07:52 - 2016-12-20 07:53 - 00002477 _____ C:\Users\TEMP.JANICKA-NB.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-20 07:52 - 2016-12-20 07:53 - 00000000 ___RD C:\Users\TEMP.JANICKA-NB.003\OneDrive
2016-12-20 07:52 - 2016-12-20 07:52 - 00001337 _____ C:\Users\TEMP.JANICKA-NB.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku HD.lnk
2016-12-20 07:52 - 2016-12-20 07:52 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\PicStream
2016-12-20 07:52 - 2016-12-20 07:52 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Roaming\Skype
2016-12-20 07:52 - 2016-12-20 07:52 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\NVIDIA
2016-12-20 07:52 - 2016-12-20 07:52 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\Dropbox
2016-12-20 07:52 - 2016-12-20 07:52 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\AOP SDK
2016-12-20 07:51 - 2016-12-20 07:53 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003
2016-12-20 07:51 - 2016-12-20 07:52 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\Packages
2016-12-20 07:51 - 2016-12-20 07:51 - 00000020 ___SH C:\Users\TEMP.JANICKA-NB.003\ntuser.ini
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Šablony
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Soubory cookie
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Poslední
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Okolní tiskárny
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Okolní síť
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Nabídka Start
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Dokumenty
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Documents\Obrázky
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Documents\Hudba
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Documents\Filmy
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\Data aplikací
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 _SHDL C:\Users\TEMP.JANICKA-NB.003\AppData\Local\Data aplikací
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Roaming\Adobe
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\VirtualStore
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\TileDataLayer
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\OEM
2016-12-20 07:51 - 2016-12-20 07:51 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.003\AppData\Local\ConnectedDevicesPlatform
2016-12-20 07:38 - 2016-12-20 07:38 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.002\AppData\Local\AOP SDK
2016-12-20 07:37 - 2016-12-20 07:49 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.002
2016-12-19 22:54 - 2016-12-19 22:54 - 00000588 _____ C:\Users\Jana\url.htm
2016-12-19 21:05 - 2016-12-19 21:05 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.001\AppData\Local\AOP SDK
2016-12-19 21:04 - 2016-12-19 21:06 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.001
2016-12-19 03:19 - 2016-12-19 21:02 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.000\AppData\Local\Packages
2016-12-19 03:19 - 2016-12-19 21:02 - 00000000 ____D C:\Users\TEMP.JANICKA-NB.000
2016-12-19 03:18 - 2016-12-19 03:18 - 00000000 ____D C:\Users\TEMP.JANICKA-NB\AppData\Local\AOP SDK
2016-12-19 03:17 - 2016-12-19 03:19 - 00000000 ____D C:\Users\TEMP.JANICKA-NB
2016-12-19 03:15 - 2016-12-19 03:15 - 00000574 _____ C:\Users\Jana\Desktop\note-forum.txt
2016-12-18 21:48 - 2016-12-18 21:48 - 00000000 ____D C:\Program Files (x86)\QNAP
2016-12-18 21:47 - 2016-12-19 03:16 - 00002575 _____ C:\Users\Jana\Desktop\Fixlog.txt
2016-12-18 16:28 - 2016-12-18 16:28 - 00028763 _____ C:\Users\Jana\Downloads\LP_13_step_test.odt
2016-12-18 16:18 - 2016-12-18 16:18 - 00024404 _____ C:\Users\Jana\Downloads\ZPV_-_biologie_-_krevni_tlak.odt
2016-12-18 16:03 - 2016-12-18 16:03 - 00898083 _____ C:\Users\Jana\Downloads\b6.pdf
2016-12-18 15:58 - 2016-12-18 15:58 - 00491962 _____ C:\Users\Jana\Downloads\b-7-4(1).pdf
2016-12-18 15:58 - 2016-12-18 15:58 - 00230014 _____ C:\Users\Jana\Downloads\b-7-4-p.pdf
2016-12-18 15:50 - 2016-12-18 15:50 - 00491962 _____ C:\Users\Jana\Downloads\b-7-4.pdf
2016-12-18 14:14 - 2016-12-18 14:14 - 00305097 _____ C:\Users\Jana\Desktop\Fixlog.zip
2016-12-18 13:55 - 2016-12-18 13:55 - 00000346 _____ C:\Users\Jana\Desktop\SearchReg.txt
2016-12-18 13:50 - 2016-12-18 13:50 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-17 22:02 - 2016-12-17 22:07 - 1055250790 _____ C:\Users\Jana\Downloads\Muzu-dal_2016-11-23.mp4
2016-12-17 20:08 - 2016-12-17 20:11 - 840620918 _____ C:\Users\Jana\Downloads\Můžu-dál-Barrandov-1.-díl-Oldřich-Navrátil-31.8.2016 (1).mp4
2016-12-17 19:15 - 2016-12-19 21:09 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-17 16:04 - 2016-12-17 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-17 16:00 - 2016-12-17 16:01 - 00067453 _____ C:\Users\Jana\Desktop\Addition.txt
2016-12-17 15:59 - 2016-12-17 16:01 - 00090653 _____ C:\Users\Jana\Desktop\FRST.txt
2016-12-17 15:55 - 2016-12-20 16:58 - 00000000 ____D C:\FRST
2016-12-17 15:51 - 2016-12-17 15:52 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
2016-12-17 15:50 - 2016-12-18 13:52 - 02420224 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2016-12-17 11:45 - 2016-11-24 19:42 - 00015305 _____ C:\Users\Jana\Documents\untitled_3.odt
2016-12-17 11:45 - 2016-11-23 22:42 - 00011658 _____ C:\Users\Jana\Documents\untitled_0.odt
2016-12-17 11:45 - 2016-10-09 00:28 - 00515744 _____ C:\Users\Jana\Documents\untitled_0.odg
2016-12-17 11:45 - 2016-10-09 00:28 - 00151644 _____ C:\Users\Jana\Documents\disertačka_1.verze.docx_1.odt
2016-12-17 11:45 - 2016-10-09 00:28 - 00072296 _____ C:\Users\Jana\Documents\Priloha%204_minutovy%20SCENAR_Badatelsky%20orientovaná%20výuka%20prakticky%20při%20práci%20s%20nadnými%20dětmi%20-%20základní%20koncepce.docx_0.odt
2016-12-17 11:45 - 2016-10-09 00:28 - 00020779 _____ C:\Users\Jana\Documents\Vejce%20kombinace_Sešit1.xlsx_1.ods
2016-12-17 11:45 - 2016-10-09 00:28 - 00019930 _____ C:\Users\Jana\Documents\untitled_1.odt
2016-12-17 11:45 - 2016-10-09 00:28 - 00016977 _____ C:\Users\Jana\Documents\FORMACE1%20-%20kopie.odg_1.odg
2016-12-17 11:42 - 2016-12-17 11:42 - 00001531 _____ C:\Users\Jana\Desktop\results2.txt
2016-12-17 00:42 - 2016-12-17 00:42 - 00218792 _____ C:\Users\Jana\Desktop\results.txt
2016-12-16 18:11 - 2016-12-18 14:10 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2016-12-16 18:10 - 2016-12-20 07:50 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-16 18:10 - 2016-12-20 07:50 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-16 18:10 - 2016-12-17 11:43 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2016-12-16 18:10 - 2016-12-17 11:43 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-16 18:10 - 2016-12-16 18:10 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-16 18:10 - 2016-12-16 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-16 18:10 - 2016-12-16 18:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-16 18:10 - 2016-12-16 18:10 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-16 18:10 - 2016-11-29 06:27 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2016-12-16 18:09 - 2016-12-16 18:09 - 51969976 _____ (Malwarebytes ) C:\Users\Jana\Downloads\mb3-setup-consumer-3.0.4.1269.exe
2016-12-16 16:42 - 2016-12-16 16:42 - 00001573 _____ C:\Users\Jana\Desktop\firefox – zástupce.lnk
2016-12-16 16:04 - 2016-12-16 16:12 - 00000000 ____D C:\AdwCleaner
2016-12-16 16:03 - 2016-12-16 16:04 - 03977168 _____ C:\Users\Jana\Downloads\adwcleaner_6.041.exe
2016-12-16 16:00 - 2016-12-16 16:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Cipughtvedidom
2016-12-16 15:58 - 2016-12-16 15:58 - 00000000 ____D C:\Program Files\McAfee
2016-12-15 22:17 - 2016-12-15 22:24 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2016-12-15 20:02 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-15 20:02 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-15 20:02 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-15 20:02 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-15 20:02 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-15 20:02 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-15 20:02 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-15 20:02 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-15 20:02 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-15 20:02 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-15 20:02 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-15 20:02 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-15 20:02 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-15 20:02 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-15 20:02 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-15 20:02 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-15 20:02 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-15 20:02 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-15 20:02 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-15 20:02 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-15 20:02 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-15 20:02 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-15 20:02 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-15 20:02 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-15 20:02 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-15 20:02 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-15 20:02 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-15 20:02 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-15 20:02 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-15 20:02 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-15 20:02 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-15 20:02 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-15 20:02 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-15 20:02 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-15 20:02 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-15 20:02 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-15 20:02 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-15 20:02 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-15 20:02 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-15 20:02 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-15 20:02 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-15 20:02 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-15 20:02 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-15 20:02 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-15 20:02 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-15 20:02 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-15 20:02 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-15 20:02 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-15 20:02 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-15 20:02 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-15 20:02 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-15 20:02 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-15 20:02 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-15 20:02 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-15 20:02 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-15 20:02 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-15 20:02 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-15 20:02 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-15 20:02 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-15 20:02 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-15 20:02 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-15 20:02 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-15 20:02 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-15 20:02 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-15 20:02 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-15 20:02 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-15 20:02 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-15 20:02 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-15 20:02 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-15 20:02 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-15 20:02 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-15 20:02 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-15 20:02 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-15 20:02 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-15 20:02 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-15 20:02 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-15 20:02 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-15 20:02 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-15 20:02 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-15 20:02 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-15 20:02 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-15 20:02 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-15 20:02 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-15 20:02 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-15 20:02 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-15 20:02 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-15 20:02 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-15 20:02 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-15 20:02 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-15 20:02 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-15 20:02 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-15 20:02 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-15 20:02 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-15 20:02 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-15 20:02 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-15 20:02 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-15 20:02 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-15 20:02 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-15 20:02 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-15 20:02 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-15 20:02 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-15 20:02 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-15 20:02 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-15 20:02 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-15 20:02 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-15 20:02 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-15 20:02 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-15 20:02 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-15 20:02 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-15 20:02 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-15 20:02 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-15 20:02 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-15 20:02 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-10 12:22 - 2016-12-12 06:10 - 00000000 ____D C:\Users\Jana\AppData\Local\Amazon Drive
2016-12-10 12:22 - 2016-12-10 12:22 - 00001259 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Drive.lnk
2016-12-10 12:22 - 2016-12-10 12:22 - 00001247 _____ C:\Users\Jana\Desktop\Amazon Drive.lnk
2016-12-10 08:26 - 2016-12-10 08:29 - 860885064 _____ C:\Users\Jana\Downloads\Můžu-dál-Barrandov-6.-díl-Dagmar-Pecková-5.10.2016(1).mp4
2016-12-10 08:04 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 08:04 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 08:04 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 08:04 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 08:04 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 08:04 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 08:04 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 08:04 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 08:04 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 08:04 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 08:04 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 08:04 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 08:04 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 08:04 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 08:04 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 08:04 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 08:04 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 08:04 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 08:04 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 08:04 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 08:04 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 08:04 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 08:04 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 08:04 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 08:04 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 08:04 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 08:04 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 08:04 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 08:04 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 08:04 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 08:04 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 08:04 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 08:04 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 08:04 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 08:04 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 08:03 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 08:03 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 08:03 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 08:03 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 08:03 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 08:03 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 08:03 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 08:03 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 08:03 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 08:03 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 08:03 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 08:03 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 08:03 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 08:03 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 08:03 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 08:03 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 08:03 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 08:03 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 08:03 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 08:03 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 08:03 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 08:03 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 08:03 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 08:03 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 08:03 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 08:03 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 08:03 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 08:03 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 08:03 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 08:03 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 08:03 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 08:03 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 08:03 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 08:03 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 08:03 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 08:03 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 08:03 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 08:03 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 08:03 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 08:03 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 08:03 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 08:03 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 08:03 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 08:03 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 08:03 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 08:03 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 08:03 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 08:03 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 08:03 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 08:03 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 08:03 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 08:03 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 08:03 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 08:03 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 08:03 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 07:58 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 07:58 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 07:58 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 07:58 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 07:58 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 07:58 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 07:58 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 07:57 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 07:57 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 07:57 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 07:57 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 07:57 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 07:57 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 07:57 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 07:57 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 07:57 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 07:57 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 07:57 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 07:57 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 07:57 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 07:57 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 07:57 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 07:57 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 07:57 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 07:57 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 07:57 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 07:57 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 07:57 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 07:57 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 07:57 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 07:57 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 07:57 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 07:57 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 07:57 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 07:57 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 07:57 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 07:57 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 07:57 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 07:57 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 07:57 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 07:57 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 07:57 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 07:57 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 07:57 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 07:57 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 07:57 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 07:57 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 07:57 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 07:57 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 07:57 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 07:57 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 07:57 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 07:57 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 07:57 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 07:57 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 07:57 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 07:57 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 07:57 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 07:57 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 07:57 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 07:57 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 07:57 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 07:57 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 07:57 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 07:57 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 07:57 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 07:57 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 07:57 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 07:57 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 07:57 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 07:57 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 07:57 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 07:57 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 07:57 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 07:57 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 07:57 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 07:57 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 07:57 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 07:57 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 07:57 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 07:57 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 07:57 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 07:57 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 07:57 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 07:57 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 07:57 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 07:57 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 07:57 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 07:57 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 07:57 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 07:57 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 07:57 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 07:57 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 07:57 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 07:57 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 07:57 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 07:57 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 07:57 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 07:57 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 07:57 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 07:57 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 07:57 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 07:57 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 07:57 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 07:57 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 07:57 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 07:57 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 07:57 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 07:57 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 07:57 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 07:57 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 07:57 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 07:56 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 07:56 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 07:56 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 07:56 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 07:56 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 07:56 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 07:56 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 07:56 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 07:56 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 07:56 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 07:56 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 07:56 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 07:56 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 07:56 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 07:56 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 07:56 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 07:56 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 07:56 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 07:56 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 07:56 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 07:56 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 07:56 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 07:56 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 07:56 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 07:56 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 07:56 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 07:56 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 07:56 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 07:56 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 07:56 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 07:56 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 07:56 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 07:56 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 07:56 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 07:56 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 07:56 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 07:56 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 07:56 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 07:56 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 07:56 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 07:56 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 07:56 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 07:56 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 07:56 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 07:56 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 07:56 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 07:56 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 07:56 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 07:56 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 07:56 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 07:56 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 07:56 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 07:56 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 07:56 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 07:56 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 07:56 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 07:55 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 07:55 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 07:55 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 07:55 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-06 01:52 - 2016-12-06 01:52 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-06 01:52 - 2016-12-06 01:52 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-06 01:52 - 2016-12-06 01:52 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-06 01:52 - 2016-12-06 01:52 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-05 20:35 - 2016-12-05 20:36 - 11272975 _____ C:\Users\Jana\Downloads\Můj film1(1).mp4
2016-12-05 20:30 - 2016-12-05 20:31 - 08272901 _____ C:\Users\Jana\Downloads\Téma č3.pptx
2016-12-05 20:30 - 2016-12-05 20:30 - 11272975 _____ C:\Users\Jana\Downloads\Můj film1.mp4
2016-12-01 17:36 - 2016-12-01 17:41 - 860885064 _____ C:\Users\Jana\Downloads\Můžu-dál-Barrandov-6.-díl-Dagmar-Pecková-5.10.2016.mp4
2016-12-01 17:36 - 2016-12-01 17:41 - 840620918 _____ C:\Users\Jana\Downloads\Můžu-dál-Barrandov-1.-díl-Oldřich-Navrátil-31.8.2016.mp4
2016-11-27 22:51 - 2016-12-10 12:28 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-27 22:51 - 2016-12-10 12:18 - 786827792 _____ C:\WINDOWS\MEMORY.DMP
2016-11-26 17:57 - 2016-12-17 19:15 - 00000000 ___HD C:\OneDriveTemp
2016-11-23 02:11 - 2016-11-23 02:11 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2016-11-22 18:35 - 2016-11-22 18:35 - 00000000 ____D C:\Program Files (x86)\athy4qig
2016-11-22 18:34 - 2016-11-22 18:39 - 847844538 _____ C:\Users\Jana\Downloads\Můžu-dál-Barrandov-11.-díl-Kristián-Kodet-9.11.2016.mp4
2016-11-22 18:34 - 2016-11-22 18:38 - 832712016 _____ C:\Users\Jana\Downloads\Můžu-dál-Barrandov-10.-díl-Ladislav-Frej-2.11.2016.mp4
2016-11-21 22:35 - 2016-11-26 18:16 - 00000000 ____D C:\Users\jenik_000\AppData\LocalLow\Mozilla
2016-11-21 22:30 - 2016-12-16 16:12 - 00000000 ____D C:\WINDOWS\system32\log
2016-11-21 22:24 - 2016-12-16 07:34 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-11-21 22:24 - 2016-12-15 19:48 - 00000000 _____ C:\Users\Public\Documents\temp.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-20 13:15 - 2016-08-13 11:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-20 08:54 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-20 08:14 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-20 07:51 - 2016-08-13 11:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-20 07:51 - 2015-02-06 07:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-20 07:51 - 2015-02-05 23:39 - 00000000 __SHD C:\Users\jenik_000\IntelGraphicsProfiles
2016-12-20 07:49 - 2016-08-13 11:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-20 07:49 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-12-20 07:36 - 2015-02-05 23:36 - 00000000 __SHD C:\Users\icewind\IntelGraphicsProfiles
2016-12-19 22:54 - 2016-08-13 11:38 - 00000000 ____D C:\Users\Jana
2016-12-19 21:21 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-19 21:20 - 2015-02-06 22:31 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-19 21:07 - 2015-02-05 16:45 - 00000000 __SHD C:\Users\Jana\IntelGraphicsProfiles
2016-12-19 03:16 - 2015-02-05 17:16 - 00000000 ___RD C:\Users\Jana\OneDrive
2016-12-18 19:48 - 2016-11-17 10:49 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Mozilla
2016-12-18 14:07 - 2016-09-25 18:54 - 00000000 ____D C:\Program Files\TrueKey
2016-12-18 14:05 - 2016-06-12 21:27 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Temp
2016-12-18 13:50 - 2016-09-25 19:06 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-12-17 23:08 - 2016-09-25 19:08 - 00000000 ____D C:\Users\Jana\AppData\Local\tkdata
2016-12-17 19:15 - 2016-02-21 15:56 - 00002432 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-17 17:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-17 16:04 - 2016-08-03 20:28 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-17 11:43 - 2016-11-15 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-17 11:43 - 2015-02-05 17:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 01:06 - 2014-08-19 06:01 - 00001830 _____ C:\Users\Public\Desktop\Dropbox.lnk
2016-12-16 16:16 - 2014-07-14 18:58 - 00000000 ____D C:\ProgramData\McAfee
2016-12-16 16:12 - 2015-02-05 17:18 - 00000848 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-16 15:57 - 2015-08-08 11:45 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Seznam.cz
2016-12-16 15:57 - 2015-08-08 11:45 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-12-16 06:25 - 2016-07-16 23:25 - 00860962 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-16 06:25 - 2016-07-16 23:25 - 00205576 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-16 06:25 - 2016-02-21 00:42 - 02243440 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-16 06:24 - 2016-11-11 20:55 - 00000000 ___HD C:\1
2016-12-16 06:24 - 2016-11-10 20:41 - 00000000 ____D C:\Counter-Strike 1.6
2016-12-16 03:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-16 03:16 - 2016-11-11 20:55 - 00000000 ___HD C:\Program Files1
2016-12-16 03:16 - 2016-11-11 20:55 - 00000000 ___HD C:\Program Files (x86)1
2016-12-16 03:16 - 2016-11-11 20:55 - 00000000 ___HD C:\Counter-Strike 1.61
2016-12-16 03:12 - 2016-08-13 11:28 - 00412232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-16 03:12 - 2015-02-23 14:30 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-16 03:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-16 01:22 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-16 01:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-16 01:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-16 00:57 - 2015-02-05 17:59 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-15 19:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-12-12 20:07 - 2015-07-24 11:59 - 00000000 ____D C:\Users\Jana\Desktop\STC
2016-12-12 18:59 - 2016-11-15 18:46 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 22:21 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-11 22:17 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-11 22:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-11 22:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-11 22:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-11 22:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-11 22:17 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-11 22:17 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-11 22:17 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-11 22:17 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-10 13:33 - 2016-06-18 14:05 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Amazon Cloud Drive
2016-12-09 22:59 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-11-29 18:49 - 2016-08-13 11:38 - 00000000 ____D C:\Users\jenik_000
2016-11-27 02:33 - 2016-08-03 20:31 - 00000000 ___RD C:\Users\jenik_000\Dropbox
2016-11-26 18:02 - 2016-07-21 17:39 - 00000000 ____D C:\Users\jenik_000\AppData\Roaming\Seznam.cz
2016-11-26 18:00 - 2015-02-05 22:31 - 00000000 ____D C:\ProgramData\Avira
2016-11-26 18:00 - 2014-08-19 05:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-26 17:57 - 2015-02-26 22:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-26 17:57 - 2015-02-05 23:41 - 00000000 ___RD C:\Users\jenik_000\OneDrive
2016-11-26 17:54 - 2016-08-08 19:27 - 00000000 ____D C:\Users\Jana\Desktop\Talentovaní
2016-11-26 15:56 - 2016-08-13 11:57 - 00003996 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-26 15:56 - 2016-08-13 11:57 - 00003764 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-23 22:02 - 2015-02-05 16:45 - 00000000 ____D C:\Users\Jana\AppData\Local\Packages

==================== Files in the root of some directories =======

2016-11-11 20:55 - 2016-11-12 00:57 - 0000020 ____H () C:\Program Files\local64spl.dll.ini
2016-11-11 20:55 - 2016-11-12 00:57 - 0000020 ____H () C:\Program Files (x86)\local64spl.dll.ini
2016-08-13 11:32 - 2016-08-13 11:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\TEMP.JANICKA-NB.003\Desktop" je 2 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

==================== End Of Log ==============================

The_ERROR · #27 Příspěvek od **The_ERROR** » 20 pro 2016 17:04

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by jenik_000 (20-12-2016 17:00:26)
Running from C:\Users\TEMP.JANICKA-NB.003\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-13 11:11:12)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2469873729-2041139067-3360814234-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2469873729-2041139067-3360814234-503 - Limited - Disabled)
Guest (S-1-5-21-2469873729-2041139067-3360814234-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2469873729-2041139067-3360814234-1003 - Limited - Enabled)
icewind (S-1-5-21-2469873729-2041139067-3360814234-1005 - Administrator - Enabled)
Jana (S-1-5-21-2469873729-2041139067-3360814234-1001 - Administrator - Enabled)
jenik_000 (S-1-5-21-2469873729-2041139067-3360814234-1004 - Administrator - Enabled) => C:\Users\TEMP.JANICKA-NB.003

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome (HKLM-x32\...\Steam App 15560) (Version: - Dejobaan Games, LLC)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Age of Empires II (HKLM-x32\...\Age of Empires II_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Aliens versus Predator 2: Primal Hunt (HKLM-x32\...\{103B6835-DCA0-413F-A99E-ECAD6622726E}) (Version: - )
Aliens vs. Predator 2 (HKLM-x32\...\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}) (Version: - )
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon Drive (HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\Amazon Drive) (Version: 4.0.4.81 - Amazon.com, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Balíček ovladače systému Windows - Ocean Optics, Inc. (WinUSB) OceanOpticsUSBDevice (07/15/2010 1.2.0) (HKLM\...\29DE0EDA6D3934C320738A786038F6A659246EE2) (Version: 07/15/2010 1.2.0 - Ocean Optics, Inc.)
Balíček ovladače systému Windows - Ocean Optics, Inc. (WinUSB) OceanOpticsUSBDevice (07/15/2010 1.2.0) (HKLM\...\5C2CA2E78E0549DAD5A8D092CC9B1280E6918AF0) (Version: 07/15/2010 1.2.0 - Ocean Optics, Inc.)
Balíček ovladače systému Windows - Ocean Optics, Inc. (WinUSB) OceanOpticsUSBDevice (07/15/2010 1.2.0) (HKLM\...\87289D5FED0A52C9CF1632E5C312356FF0CE502B) (Version: 07/15/2010 1.2.0 - Ocean Optics, Inc.)
Balíček ovladače systému Windows - Ocean Optics, Inc. (WinUSB) OceanOpticsUSBDevice (07/15/2010 1.2.0) (HKLM\...\9EB1D222C06E311A5B97457292EC1BACC8BD3E1C) (Version: 07/15/2010 1.2.0 - Ocean Optics, Inc.)
Balíček ovladače systému Windows - Ocean Optics, Inc. (WinUSB) OceanOpticsUSBDevice (07/15/2010 1.2.0) (HKLM\...\A5E55D4D1E9B0296BDF8BE93E5FA539478E93E3A) (Version: 07/15/2010 1.2.0 - Ocean Optics, Inc.)
Balíček ovladače systému Windows - Ocean Optics, Inc. (WinUSB) OceanOpticsUSBDevice (07/15/2010 1.2.0) (HKLM\...\E99E4F0F1A2992FB6BA9E272A967C402C47329C9) (Version: 07/15/2010 1.2.0 - Ocean Optics, Inc.)
Balíček ovladače systému Windows - PASCO Scientific (WinUSB) Pasco Interface (08/14/2008 1.0.0.0) (HKLM\...\AD4AD0F184940E4712E96652A58ADDC47894E622) (Version: 08/14/2008 1.0.0.0 - PASCO Scientific)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0196 - Disc Soft Ltd)
DEFCON (HKLM-x32\...\Steam App 1520) (Version: - Introversion Software)
Deus Ex: Human Revolution - Director's Cut (HKLM\...\Steam App 238010) (Version: - Eidos Montreal)
Dropbox (HKLM-x32\...\Dropbox) (Version: 17.3.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.61.1 - Dropbox, Inc.) Hidden
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.6.0 - Seiko Epson Corporation)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Fish Fillets (HKLM-x32\...\Fish Fillets) (Version: - )
Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.120.609 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hidden & Dangerous 2 (HKLM-x32\...\InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}) (Version: 1.02.0006 - Název společnosti:)
Hidden & Dangerous 2 (x32 Version: 1.02.0006 - Název společnosti:) Hidden
Hidden & Dangerous 2 Sabre Squadron (HKLM-x32\...\InstallShield_{E2222809-FDED-4C7E-8F25-2337A8F39F03}) (Version: 1.00.0000 - Illusion Softworks)
Hidden & Dangerous 2 Sabre Squadron (x32 Version: 1.00.0000 - Illusion Softworks) Hidden
Host App Service (HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Pokki) (Version: 0.269.7.611 - Pokki)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.11.110.1 - Intel Security)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
ioquake3 (HKLM-x32\...\ioquake3) (Version: - )
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Left 4 Dead Standalone Patch (HKLM-x32\...\L4DSP) (Version: 1.21b - exglade)
LibreOffice 5.1.3.2 (HKLM-x32\...\{5F7475A1-6240-4753-BE3E-61499621EC42}) (Version: 5.1.3.2 - The Document Foundation)
Logger Lite 1.8.1 (HKLM-x32\...\{B88D3C58-7FE2-43D8-E9A6-65E7067740AA}) (Version: 3.21.88 - Vernier Software & Technology)
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes verze 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2469873729-2041139067-3360814234-1004\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mumble 1.2.10 (HKLM-x32\...\{24A2B2AA-3E68-4618-80E0-D5568B03CDD7}) (Version: 1.2.10 - Thorvald Natvig)
nGlide 1.05 (HKLM-x32\...\nGlide) (Version: 1.05 - Zeus Software)
NVIDIA Graphics Driver 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Ocean Optics USB Drivers (HKLM-x32\...\OOUsbDrivers) (Version: 1.1.0.0 - PASCO scientific)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1041 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PASCO Capstone (HKLM-x32\...\{CDBAFE0F-7F3F-4F1B-840D-8C18B15A5EF5}) (Version: 1.3.2.1 - PASCO scientific)
Pasco USB Driver (HKLM-x32\...\PascoUSBDriver) (Version: 1.3.0.0 - PASCO scientific)
PascoCommonFiles (HKLM-x32\...\PascoCommonFiles) (Version: 2.24.2 - PASCO scientific)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Pokki_Start_Menu) (Version: 0.269.7.611 - Pokki)
Pokki Start Menu (HKU\S-1-5-21-2469873729-2041139067-3360814234-1005.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075045404\...\Pokki) (Version: 0.269.2.471 - Pokki)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 5.3.0.0523 - QNAP Systems, Inc.)
Quake III Arena (HKLM-x32\...\ioquake3-q3a) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.30.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7235 - Realtek Semiconductor Corp.)
Red Faction (HKLM\...\{7e107628-efe7-4953-bbbb-d3710979bd01}.sdb) (Version: - )
Red Faction (HKLM-x32\...\GOGPACKREDFACTION_is1) (Version: 2.0.0.7 - GOG.com)
Seznam Software (HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SPARKvue (HKLM-x32\...\{9229117F-6387-4E98-B990-B9FA3733A338}) (Version: 2.3.0.12 - Název společnosti:)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unreal (HKLM-x32\...\{8FDBE1E8-2922-4750-9E4B-6B28CA67DBBB}) (Version: - )
Unreal Tournament 2004 verze 3369 (HKLM-x32\...\Unreal Tournament 2004_is1) (Version: 3369 - Epic Games)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version: - )
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07E969EF-3369-460E-9991-B52FFAC67C13} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {0BCBF06B-0D69-417C-939F-8E697F538292} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {125C8937-2097-403E-AFB8-6AB97C3806CC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {2EB62A6B-50DB-4353-B358-C5032CC59D64} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {42B23C65-479A-4D2A-8BB8-0614AB04CFE0} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {48053B22-22D8-4F81-AF6A-EED7922F9EB2} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {4A834CE5-2C2B-423E-9145-8DA7D2C176AB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03] (Dropbox, Inc.)
Task: {557995D1-7778-49AD-839D-2F5C9F35258E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {5CD28BF1-B488-4B4A-A059-B909FDF62279} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {781EE737-251D-498D-AB5C-4EECDDC75D52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-16] (Adobe Systems Incorporated)
Task: {89191F6D-4790-42DF-92FF-3EE99F5C57CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {8AF1B505-FC9C-4090-A2F9-D06029125D86} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {90E6A9A0-760F-4A0B-9C1D-1F95FB4D2185} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AB13E9F7-7C22-44C4-B075-3E3E8B4206D8} - System32\Tasks\{DA791CA3-415A-4014-A72C-7B71101F94A3} => Firefox.exe hxxp://ui.skype.com/ui/0/7.7.0.103/cs/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {B04314E9-75C8-4E7F-BB84-5B99A7C2CB7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {CB6E3EBC-D032-45B6-B70B-E9D0335CA8BB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-03] (Dropbox, Inc.)
Task: {D0CF95BD-3608-4C8D-93CA-414B47E8083E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-12-16] (Microsoft Corporation)
Task: {D603094B-0572-42CE-90B3-86EF3B562E7F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {ED94FE04-5C1C-4824-99A9-4AE999B63942} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 20:02 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-13 11:33 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-06 22:31 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-12-16 18:10 - 2016-11-29 06:27 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-15 20:02 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-20 07:52 - 2016-12-20 07:52 - 01678560 _____ () C:\Users\TEMP.JANICKA-NB.003\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-17 11:47 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-15 20:02 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-08 22:43 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 22:43 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 22:43 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-08 22:43 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 22:43 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-16 18:10 - 2016-11-08 09:46 - 00693248 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-08-13 11:42 - 2016-08-13 11:42 - 00015616 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-12-19 21:16 - 2014-12-19 21:16 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-12-19 21:10 - 2014-12-19 21:10 - 00277096 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-08-03 20:29 - 2016-12-08 02:00 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-12-17 16:04 - 2016-12-08 02:00 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-12-17 16:04 - 2016-12-08 02:01 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-12-17 16:04 - 2016-12-08 02:00 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-08-03 20:29 - 2016-12-08 02:04 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-08-03 20:29 - 2016-12-08 02:00 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-03 20:29 - 2016-12-08 02:00 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-08-03 20:29 - 2016-12-08 02:00 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-08-03 20:29 - 2016-12-08 02:01 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-12-17 16:04 - 2016-12-08 02:00 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-12-17 16:04 - 2016-12-08 02:04 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-03 20:29 - 2016-12-08 02:02 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-12-17 16:04 - 2016-12-15 22:54 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-12-17 16:04 - 2016-12-08 01:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-12-17 16:04 - 2016-12-15 22:54 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-12-17 16:04 - 2016-12-06 01:52 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-12-17 16:04 - 2016-12-15 22:54 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-08-03 20:29 - 2016-12-08 02:01 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-12-17 16:04 - 2016-12-08 02:08 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-12-17 16:04 - 2016-12-08 02:08 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-12-17 16:04 - 2016-12-15 22:54 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00171320 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-12-17 16:04 - 2016-12-15 22:54 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-03 20:29 - 2016-12-08 02:04 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-03 20:29 - 2016-12-15 22:54 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-20 07:52 - 2016-12-20 07:52 - 01244376 _____ () C:\Users\TEMP.JANICKA-NB.003\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-12-18 14:03 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2469873729-2041139067-3360814234-1005.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075045404\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "QfinderPro"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\StartupApproved\Run: => "Amazon Drive"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1001.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075043372\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{4997B7C6-7511-4361-9322-5F8B84543ECB}] => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{AA686DD8-FB78-493C-8FB2-07806C192227}] => C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9FF38AA7-CACB-4AC7-9C99-9D62CE6F3D42}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E4B9B43C-777D-4CA1-A65E-1D5309812CA0}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{54696D35-F54F-4834-85AB-F09F826D37CC}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{2D23CA2A-4374-450B-A6DF-3B595C7349D4}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{63D5A99C-C809-4336-AFD9-25A4ADAFACB8}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A51AD66B-783E-4367-B1A2-D56FBB9E2E9C}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{60F8EC51-F2BB-4B8F-AD19-3591E73DC27F}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{9556D4A6-678E-4974-9CC1-912FE305A591}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{51758EB2-B4B4-4D03-92C2-0DB3C1124D43}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{765C2021-4DDB-40F8-86A1-2B20A8BD2920}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{A49FD0A9-C035-406A-BCD1-2BD35AD8036B}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{9424BC0C-F9E1-4DCB-9D4F-975C8F5C59F1}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{8B9E7DE6-789C-4941-B89C-2E1F50492177}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{60CD0429-10DF-4360-8829-BE915955D4B1}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4B380107-93DD-45B2-9706-E3A0925088CC}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{30EAC626-EA24-4A94-869B-BDA079A00B6E}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0F00F2C9-60C4-44C8-8D90-96C5EDFBDBDE}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F5810A82-A3DD-4953-B1B6-DD1E13D8AAB9}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{915F394B-FCC3-4979-9CC0-8A8B2228D802}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{57135DE7-19F5-4826-B249-CC5E1A57CE0E}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{994EDEA0-7E8D-4703-9DB4-26B7F6860389}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2F064F93-CFCB-41A9-B213-80014FDF4F7E}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D8FB1AD5-165D-4C3B-A580-3790C967D604}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{73D1C275-3B3E-4EA7-B0B0-EBAD6A010254}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F4E5937B-AB09-449C-96D0-ACCFBED646B9}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{ABB5B4AE-187F-4C15-81CE-C484AF6273D5}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{58967D79-147C-4D62-B303-E8D0A8EF0ECC}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{633CC22F-965F-4C48-874D-7F54455691D1}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3B58DD30-2406-4AF1-9711-402509547DCA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{64172282-8DA4-4128-B373-F0EC4C44557D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9534C06-1EFE-4CCA-9CBA-3F5F6FFFB88A}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{1FF27D70-DC6D-474E-901D-BBA75D06CA77}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3287062C-B2B8-4B5A-826F-FB0486189379}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{4CF2FE42-A43C-4FBC-B9BB-34EDFD35268E}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{B571DE6D-31EE-4D18-9B2F-21101FE42DC7}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{DB4FC223-DC10-4862-B5A8-433828C10334}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{5376D733-9C3E-4285-802C-0E55978A96A8}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{92D7F471-9E40-4926-876C-9520FFC35A3D}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{720C6A65-FE16-4B56-BAE9-9C4DE5F128CC}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E01702DA-393B-4875-B5F9-C7D5D7A4650E}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5302B786-238F-420F-B15B-E2C58C34166C}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E9F17131-8B7C-45A0-9946-B95976A2A051}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{1F209DBD-3277-4CB1-98C8-86DD1FEE4808}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{DAF482B4-0590-4D23-B64A-EF0CB9683417}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{9532C56D-EC38-4B2E-9919-E33378979334}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4AF693AC-F99A-43EC-8653-956E814138F4}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ACBA459D-65A6-41BF-BF94-47D0098396E3}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FFD386DD-E3BE-4E32-A02C-8459C2949FFA}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A2859D85-87B5-44B5-A341-FD77B6062512}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{89E8A008-E536-49D2-A705-A48F1E70502E}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{51637CEF-8195-4C08-8253-C9AE1B597C98}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{63EDCB89-E1CB-4A94-9519-0A36B6A4AE72}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{D829F00E-0684-497E-A981-AB28F65F64F3}C:\users\jana\appdata\roaming\spotify\spotify.exe] => C:\users\jana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EAA3046E-C500-448F-B93B-0519318A6ED2}C:\users\jana\appdata\roaming\spotify\spotify.exe] => C:\users\jana\appdata\roaming\spotify\spotify.exe
FirewallRules: [{644C8578-95FE-435E-ADF6-2B2B57DD405E}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{AD413BB3-013F-4300-A2B2-26A98237BB7F}] => C:\Users\Jana\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{6D178D89-182A-4679-9F66-1850E7E87A76}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3C68F803-385B-41EA-9DE5-70C8F9E87A6E}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6C7E89A-AD15-4F04-B06F-8FDD0B1CA903}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{00EB0496-BCC3-4CA7-80DE-48BFAD881D9F}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A9C277BC-62FF-4D2D-A2BE-755D5643B367}] => C:\Program Files (x86)\Steam\steamapps\common\Defcon\defcon.exe
FirewallRules: [{8838B1DB-4C8A-4616-9AA9-E26DCE3F62B4}] => C:\Program Files (x86)\Steam\steamapps\common\Defcon\defcon.exe
FirewallRules: [{CA46C273-3945-44E2-8AB3-A03C69347306}] => C:\Program Files (x86)\Steam\steamapps\common\Awesome\Awesome.exe
FirewallRules: [{66039BC6-4CDA-4FB7-BED7-50BA6B8E7B28}] => C:\Program Files (x86)\Steam\steamapps\common\Awesome\Awesome.exe
FirewallRules: [{3300F6A2-98BE-4028-8238-7F63803F0D52}] => C:\Program Files (x86)\Steam\steamapps\common\Awesome\Awesome_DirectToRift.exe
FirewallRules: [{D38D59A5-75D5-485A-BEED-BED7B5CAFED9}] => C:\Program Files (x86)\Steam\steamapps\common\Awesome\Awesome_DirectToRift.exe
FirewallRules: [{B4B3B290-16CB-4A8E-AC95-3F4683EB236D}] => C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{00E9D4DE-D0E9-4285-BFBD-CAFB83C97C09}] => C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [TCP Query User{4556C258-4420-4BB8-A251-E8E658EA24CF}C:\program files (x86)\pasco scientific\capstone\capstone.exe] => C:\program files (x86)\pasco scientific\capstone\capstone.exe
FirewallRules: [UDP Query User{63855AD9-61AE-43C1-AC6E-D8AC7425CAD4}C:\program files (x86)\pasco scientific\capstone\capstone.exe] => C:\program files (x86)\pasco scientific\capstone\capstone.exe
FirewallRules: [TCP Query User{77965532-264C-4059-9173-EF214EE95393}C:\program files (x86)\spotify\spotify.exe] => C:\program files (x86)\spotify\spotify.exe
FirewallRules: [UDP Query User{F57DE800-C9C8-4A6E-AC88-246CA0081F01}C:\program files (x86)\spotify\spotify.exe] => C:\program files (x86)\spotify\spotify.exe
FirewallRules: [TCP Query User{8B04BA23-DAE9-48DF-A0AB-9B7F9126C6CF}C:\users\jenik_000\appdata\roaming\spotify\spotify.exe] => C:\users\jenik_000\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{27BB58BF-6CD1-46FB-9426-9E30E59F301E}C:\users\jenik_000\appdata\roaming\spotify\spotify.exe] => C:\users\jenik_000\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{602C72E7-6E9B-475F-94A3-B77F942A8C5C}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8BAF6723-11F7-448C-96D2-B250E2A144F5}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9A263075-6F9A-4176-86F3-0E716E76A09D}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D5898ADF-DD6F-4A2E-BAE1-6F720F8CDCCF}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5142F680-B9B6-403E-8ADE-D5785458632C}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{B213D21F-E935-4B83-8C80-1EE20A194E3F}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{1FF7D3BB-447C-477D-87B3-B42B5CD4BE35}C:\program files (x86)\pasco scientific\sparkvue\sparkvue.exe] => C:\program files (x86)\pasco scientific\sparkvue\sparkvue.exe
FirewallRules: [UDP Query User{9A3A7E5F-5F41-4933-BDDF-686E27C6EC60}C:\program files (x86)\pasco scientific\sparkvue\sparkvue.exe] => C:\program files (x86)\pasco scientific\sparkvue\sparkvue.exe
FirewallRules: [{18F407B4-3CE2-4C19-99D5-D416D76F24AC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{15B7CCAC-7329-46A2-855D-C135A760747F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AC6B09AF-AB94-49F1-9597-DD42581BE0A0}C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe] => C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{17F3503D-7D5E-4E39-ACAC-4B3306426B92}C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe] => C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{D9C4CFE3-8051-4DF9-BE8A-17E3697356CE}C:\program files (x86)\r.g. mechanics\age of empires ii\empires2.exe] => C:\program files (x86)\r.g. mechanics\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{9A73541E-240A-4F9F-9983-240F09FEC492}C:\program files (x86)\r.g. mechanics\age of empires ii\empires2.exe] => C:\program files (x86)\r.g. mechanics\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{B5A9D786-76F7-4349-ACE7-3276A86E73B1}C:\counter-strike 1.6\hl.exe] => C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{753D7C38-3960-4823-A69E-31A7032870E5}C:\counter-strike 1.6\hl.exe] => C:\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{91067F17-1813-45C0-B50F-136F99646A6D}C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe] => C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{0E830437-01F3-4959-BA8E-BE8AB6E45B83}C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe] => C:\program files (x86)\r.g. mechanics\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{EB9B184D-C7C4-4AFF-9A23-16E2591C3662}C:\users\jenik_000\downloads\all-in-one\games\nfs 3\nfs3.exe] => C:\users\jenik_000\downloads\all-in-one\games\nfs 3\nfs3.exe
FirewallRules: [UDP Query User{9DA65515-B1EC-443B-8D03-63EA95E99C90}C:\users\jenik_000\downloads\all-in-one\games\nfs 3\nfs3.exe] => C:\users\jenik_000\downloads\all-in-one\games\nfs 3\nfs3.exe
FirewallRules: [TCP Query User{4C6BCD94-534E-47C5-9AA2-14424F98A18B}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{45EB2FB2-C215-4800-AFA5-47976A3EF7DB}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{AB98772A-FA2B-4BAC-B6F4-0BE4CE084046}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe
FirewallRules: [UDP Query User{0A17471D-23A5-4A9F-82A3-3351AC8D04CC}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe
FirewallRules: [TCP Query User{02E111C0-71B2-4574-921A-AA8E7AC27135}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2ds_sabresquadron.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2ds_sabresquadron.exe
FirewallRules: [UDP Query User{B2844C23-3A0E-4860-B382-BBC73D6841FC}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2ds_sabresquadron.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2ds_sabresquadron.exe
FirewallRules: [TCP Query User{90B467EB-EDEF-452E-BD4A-9F4009E9B241}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{3B42F120-A606-45A6-B507-10F63EBB7F14}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [TCP Query User{1BF25762-3BF7-408B-AF6E-43337D924270}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe
FirewallRules: [UDP Query User{43160505-0182-496A-BCDC-584CB7E7787A}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2_sabresquadron.exe
FirewallRules: [TCP Query User{18DA5828-37AF-4742-AD6B-D7E078A51EA7}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2.exe
FirewallRules: [UDP Query User{B1CB4D95-B964-4116-BB5D-00021EC2A7B4}C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2.exe] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2.exe
FirewallRules: [{0A286394-BBC9-4513-8805-3CDEF628B621}] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2.exe
FirewallRules: [{69B60DBE-B793-45FD-A56F-8F95EF5BB086}] => C:\program files (x86)\illusion softworks\hidden & dangerous 2\hd2.exe
FirewallRules: [TCP Query User{73590DF0-3685-4B9C-8050-214F9FA31218}C:\counter-strike 1.6\hl.exe] => C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{279AB41E-9AC4-47E8-BE0F-5239B46F79E4}C:\counter-strike 1.6\hl.exe] => C:\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{FD6FB36C-7289-4FF2-8B2D-87117C128C7E}C:\users\jenik_000\downloads\all-in-one\games\left 4 dead\1 left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe] => C:\users\jenik_000\downloads\all-in-one\games\left 4 dead\1 left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{717CAA65-FF5E-4170-AF6F-452215A32506}C:\users\jenik_000\downloads\all-in-one\games\left 4 dead\1 left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe] => C:\users\jenik_000\downloads\all-in-one\games\left 4 dead\1 left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{B0F6B207-06CC-449A-8767-59F5CD5639BC}C:\program files (x86)\ioquake3\ioquake3.x86.exe] => C:\program files (x86)\ioquake3\ioquake3.x86.exe
FirewallRules: [UDP Query User{D2780DCD-75F4-41EA-9C58-0070E2C08498}C:\program files (x86)\ioquake3\ioquake3.x86.exe] => C:\program files (x86)\ioquake3\ioquake3.x86.exe
FirewallRules: [TCP Query User{68A1D984-1EE6-4718-BF47-C205269BBB6F}C:\program files (x86)\unreal tournament 2004\system\ut2004.exe] => C:\program files (x86)\unreal tournament 2004\system\ut2004.exe
FirewallRules: [UDP Query User{30308E3A-4821-48E1-A9B5-50CC4E6961E0}C:\program files (x86)\unreal tournament 2004\system\ut2004.exe] => C:\program files (x86)\unreal tournament 2004\system\ut2004.exe
FirewallRules: [TCP Query User{02500CF9-C60A-46F6-9212-C648E718FB25}C:\users\jenik_000\downloads\empire-earth-cz\empire earth cz\empire earth.exe] => C:\users\jenik_000\downloads\empire-earth-cz\empire earth cz\empire earth.exe
FirewallRules: [UDP Query User{59FAA6AD-1FC2-49FE-8780-24921085DE77}C:\users\jenik_000\downloads\empire-earth-cz\empire earth cz\empire earth.exe] => C:\users\jenik_000\downloads\empire-earth-cz\empire earth cz\empire earth.exe
FirewallRules: [{6113B41A-B167-4BAF-A007-1DD044A1939E}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

16-12-2016 00:56:21 Windows Update
16-12-2016 00:58:06 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

#28 Příspěvek od **altrok** » 21 pro 2016 20:45

Po restartu dejte vedet, jak se PC chova.

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
cmd: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\MountPoints2: {af43de5c-a80c-11e6-8297-f8a963e383e9} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jenik_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jenik_000\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4557504 2016-10-06] (Disc Soft Ltd)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S2 0012271482065413mcinstcleanup; C:\WINDOWS\TEMP\001227~1.EXE -cleanup -nolog [X]
Folder: C:\Users\Jana\AppData\Roaming\Cipughtvedidom
2016-12-16 16:00 - 2016-12-16 16:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Cipughtvedidom
Folder: C:\Program Files (x86)\athy4qig
2016-11-22 18:35 - 2016-11-22 18:35 - 00000000 ____D C:\Program Files (x86)\athy4qig
2016-11-26 18:00 - 2015-02-05 22:31 - 00000000 ____D C:\ProgramData\Avira
CMD: dir "C:\Windows\System32\Tasks"
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
EmptyTemp:
End

The_ERROR · #29 Příspěvek od **The_ERROR** » 22 pro 2016 23:24

Cau,

FARST bezel několik hodin a nic, tak jsem ho killnul a zkusil znova a porad nic ani po několika hodinách. Není tam nejaka chybička?

Aktualni log co je....

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Jana (22-12-2016 21:48:27) Run:5
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana & icewind)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
cmd: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\MountPoints2: {af43de5c-a80c-11e6-8297-f8a963e383e9} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jenik_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jenik_000\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4557504 2016-10-06] (Disc Soft Ltd)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-02] (NVIDIA Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S2 0012271482065413mcinstcleanup; C:\WINDOWS\TEMP\001227~1.EXE -cleanup -nolog [X]
Folder: C:\Users\Jana\AppData\Roaming\Cipughtvedidom
2016-12-16 16:00 - 2016-12-16 16:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Cipughtvedidom
Folder: C:\Program Files (x86)\athy4qig
2016-11-22 18:35 - 2016-11-22 18:35 - 00000000 ____D C:\Program Files (x86)\athy4qig
2016-11-26 18:00 - 2015-02-05 22:31 - 00000000 ____D C:\ProgramData\Avira
CMD: dir "C:\Windows\System32\Tasks"
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost" =========

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost
netsvcs REG_MULTI_SZ CertPropSvc\0SCPolicySvc\0lanmanserver\0gpsvc\0iphlpsvc\0msiscsi\0schedule\0winmgmt\0SessionEnv\0FastUserSwitchingCompatibility\0Ias\0Irmon\0Nla\0Ntmssvc\0NWCWorkstation\0Nwsapagent\0Rasauto\0Rasman\0Remoteaccess\0SENS\0Sharedaccess\0SRService\0Tapisrv\0Wmi\0WmdmPmSp\0wuauserv\0BITS\0ShellHWDetection\0LogonHours\0PCAudit\0helpsvc\0uploadmgr\0UserManager\0NetSetupSvc
LocalSystemNetworkRestricted REG_MULTI_SZ ScDeviceEnum\0WiaRpc\0dot3svc\0Netman\0WPDBusEnum\0NcbService\0wlansvc\0DeviceAssociationService\0AudioEndpointBuilder
LocalService REG_MULTI_SZ netprofm\0WebClient\0WinHttpAutoProxySvc
imgsvc REG_MULTI_SZ StiSvc
LocalServiceNoNetwork REG_MULTI_SZ PLA
smphost REG_MULTI_SZ smphost
rpcss REG_MULTI_SZ RpcSs
LocalServiceNetworkRestricted REG_MULTI_SZ wscsvc\0LmHosts\0AudioSrv\0DHCP
appmodel REG_MULTI_SZ StateRepository
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV\0upnphost\0SCardSvr\0QWAVE\0wcncsvc\0BthHFSrv
DcomLaunch REG_MULTI_SZ PlugPlay\0DeviceInstall\0DcomLaunch
NetworkService REG_MULTI_SZ CryptSvc\0WECSVC\0DHCP\0TermService\0Tapisrv\0WinRM\0DNSCache
smbsvcs REG_MULTI_SZ lanmanserver
Kerkcult REG_MULTI_SZ Kerkcult

HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\appmodel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\LocalService
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceAndNoImpersonation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceNetworkRestricted
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\LocalServiceNoNetwork
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\LocalSystemNetworkRestricted
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\netsvcs
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\NetworkService
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\NetworkServiceRemoteDesktopHyperVAgent
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\NetworkServiceRemoteDesktopPublishing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost\termsvcs

========= End of CMD: =========

HKU\S-1-5-21-2469873729-2041139067-3360814234-1004.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-12202016075044263\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{637FE20B-9A5B-4F51-B1BE-D10045625B40} => key not found.
HKCR\CLSID\{637FE20B-9A5B-4F51-B1BE-D10045625B40} => key not found.

#30 Příspěvek od **altrok** » 23 pro 2016 13:24

Jak fix bezi vic jak 15 minut, tak je neco spatne (a to uz musi byt hodne zapleveleny stroj). Chybka tam neni, jen se nekomu neco nelibi (systemu, haveti, ...).

Popremyslim nahlas. Potencialni problemy dle meho muzou byt tady

S2 0012271482065413mcinstcleanup; C:\WINDOWS\TEMP\001227~1.EXE -cleanup -nolog [X]
2016-12-16 16:00 - 2016-12-16 16:00 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Cipughtvedidom
2016-11-22 18:35 - 2016-11-22 18:35 - 00000000 ____D C:\Program Files (x86)\athy4qig
2016-11-26 18:00 - 2015-02-05 22:31 - 00000000 ____D C:\ProgramData\Avira

Zbytek jsou naprosto banalni operace, kde by nemel nastat sebemensi problem (drive jeste "EmptyTemp:"). Vyzkousejte tyto 4 radky z fixlistu odebrat, pripadne jeste vyhodte EmptyTemp: a dejte vedet.

VIRY.CZ

Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party

Re: Pozustatky po LAN party