﻿Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Vojtěch (administrator) on PC-VOJTA on 10-05-2015 13:14:26
Running from C:\Users\Vojtěch\Desktop
Loaded Profiles: Vojtěch (Available profiles: Vojtěch & lenic_000 & postgres)
Platform: Windows 8.1 Pro N (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKU\S-1-5-21-100684261-1644508502-2125021975-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-100684261-1644508502-2125021975-1001\...\Run: [BitTorrent Bleep] => C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bleep\Bleep.appref-ms
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-100684261-1644508502-2125021975-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-17] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: Octh Class -> {000123B4-9B42-4900-B3F7-F4B073EFC214} -> C:\Program Files (x86)\Orbitdownloader\orbitcth.dll [2013-09-11] (Orbitdownloader.com)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-17] (Oracle Corporation)
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll [2013-09-11] ()
Tcpip\Parameters: [DhcpNameServer] 85.207.68.1 8.8.8.8
Tcpip\..\Interfaces\{F72ECEF9-5DCC-45BD-92B5-34B7261C3DCA}: [NameServer] 158.196.149.9,158.196.162.8

FireFox:
========
FF ProfilePath: C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\axe6dw0v.default-1422374671251
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-17] (Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-100684261-1644508502-2125021975-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Extension: HTTPS-Everywhere - C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\axe6dw0v.default-1422374671251\Extensions\https-everywhere@eff.org [2015-04-26]
FF Extension: Adblock Plus - C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\axe6dw0v.default-1422374671251\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-03]
FF Extension: DownThemAll! - C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\axe6dw0v.default-1422374671251\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-04-29]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-10]
CHR Extension: (Google Docs) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-10]
CHR Extension: (Google Drive) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (YouTube) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (Google Sheets) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-12-18]
CHR Extension: (Google Wallet) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Gmail) - C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]
CHR HKU\S-1-5-21-100684261-1644508502-2125021975-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-11-09] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2719928 2015-04-22] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-21] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [File not signed]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-07] (Malwarebytes Corporation)
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-25] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-10-11] (Oracle Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2014-11-20] (VMware, Inc.)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 08:35 - 2015-05-10 08:35 - 00000000 ___SD () C:\Users\Vojtěch\Documents\My Shapes
2015-05-10 08:04 - 2015-05-10 08:04 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-10 08:02 - 2015-05-10 08:35 - 01623175 _____ () C:\Users\Vojtěch\Desktop\data.xlsx
2015-05-10 08:02 - 2015-05-10 08:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-10 08:02 - 2015-05-10 08:02 - 00000000 ____D () C:\Users\Vojtěch\AppData\Local\Microsoft Help
2015-05-10 08:02 - 2015-05-10 08:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-05-10 08:01 - 2015-05-10 08:01 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-05-10 07:53 - 2015-05-10 07:53 - 00000000 ____D () C:\Users\Vojtěch\Downloads\Visio Professional 2013 with SP1 32 and 64-Bit - DVD (English)
2015-05-10 07:42 - 2015-05-10 07:42 - 00000183 _____ () C:\Users\Vojtěch\Downloads\100381700627.sdx
2015-05-09 18:00 - 2015-05-09 18:51 - 00000000 ____D () C:\Users\lenic_000\Desktop\Zůstaň se mnou, If I Stay - 2014 cz tit. drama
2015-05-09 18:00 - 2014-11-10 01:30 - 851133134 _____ () C:\Users\lenic_000\Desktop\If I Stay 2014 [720p.BluRay] .mp4
2015-05-09 17:09 - 2015-05-09 17:22 - 849071273 _____ () C:\Users\lenic_000\Downloads\Zůstaň se mnou, If I Stay - 2014 cz tit. drama.rar
2015-05-08 15:35 - 2015-05-08 15:38 - 283376896 _____ (NVIDIA Corporation) C:\Users\lenic_000\Downloads\341.44-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-05-08 14:07 - 2015-01-29 19:21 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-05-08 11:43 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\lenic_000\Documents\ccleaner
2015-05-08 11:32 - 2015-05-08 11:32 - 00002798 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-08 11:31 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-08 11:31 - 2015-05-08 14:35 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-08 11:31 - 2015-05-08 11:31 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-08 11:29 - 2015-05-08 11:29 - 06484352 _____ (Piriform Ltd) C:\Users\lenic_000\Downloads\ccsetup505.exe
2015-05-08 11:26 - 2015-05-08 11:31 - 179146839 _____ () C:\Users\lenic_000\Downloads\modelio-open-201502191121-win32.win32.x86_64.zip
2015-05-08 11:22 - 2015-05-08 11:23 - 00650752 _____ () C:\Users\lenic_000\Downloads\MicrosoftFixit50229.msi
2015-05-07 17:49 - 2015-05-07 17:50 - 00294920 _____ () C:\Windows\Minidump\050715-29250-01.dmp
2015-05-07 17:13 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\KDE
2015-05-07 17:12 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\KDE
2015-05-07 17:12 - 2015-05-07 17:12 - 02267648 _____ () C:\Users\Vojtěch\Downloads\kdewin-installer-gui-1.0.0.exe
2015-05-07 07:28 - 2015-05-07 07:28 - 00001243 _____ () C:\Users\Vojtěch\AppData\Local\recently-used.xbel
2015-05-07 07:27 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\Vojtěch\.argouml
2015-05-07 07:27 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArgoUML
2015-05-07 07:27 - 2015-05-07 07:27 - 00002270 _____ () C:\Users\postgres.pc-vojta\Desktop\ArgoUML.lnk
2015-05-07 07:27 - 2015-05-07 07:27 - 00002270 _____ () C:\Users\lenic_000\Desktop\ArgoUML.lnk
2015-05-07 07:22 - 2015-05-07 07:22 - 16530652 _____ () C:\Users\Vojtěch\Downloads\ArgoUML-0.34-setup.exe
2015-05-07 07:11 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\diashapes
2015-05-07 07:11 - 2015-05-08 10:50 - 00000000 ____D () C:\Program Files (x86)\diashapes
2015-05-07 07:10 - 2015-05-07 07:10 - 00248448 _____ (Steffen Macke) C:\Users\Vojtěch\Downloads\diashapes-setup-0.2.2.exe
2015-05-07 07:01 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\Vojtěch\UMLet
2015-05-07 07:00 - 2015-05-07 07:00 - 07766366 _____ () C:\Users\Vojtěch\Downloads\umlet_13.2.zip
2015-05-07 07:00 - 2015-05-07 07:00 - 00000000 ____D () C:\Users\Vojtěch\Downloads\umlet_13.2
2015-05-06 22:59 - 2015-05-08 14:15 - 00000000 ___RD () C:\Users\Vojtěch\OneDrive
2015-05-06 22:59 - 2015-05-06 23:00 - 00003100 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-100684261-1644508502-2125021975-1001
2015-05-06 22:59 - 2015-05-06 22:58 - 07210656 _____ (Microsoft Corporation) C:\Users\Vojtěch\Downloads\OneDriveSetup.exe
2015-05-06 22:58 - 2015-05-06 22:58 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-05-06 01:09 - 2015-05-06 01:09 - 07666403 _____ () C:\Users\Vojtěch\Desktop\tps.zip
2015-05-06 00:57 - 2015-05-06 00:58 - 00000000 ____D () C:\Users\Vojtěch\Desktop\tps
2015-05-05 20:53 - 2015-05-05 21:14 - 849071273 _____ () C:\Users\Vojtěch\Downloads\Zůstaň se mnou, If I Stay - 2014 cz tit. drama.rar
2015-05-04 08:02 - 2015-05-04 10:01 - 733063168 _____ () C:\Users\Vojtěch\Desktop\Priserky-SRO_KIM.CZ.avi
2015-04-29 17:41 - 2015-04-29 17:41 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\ProgSense
2015-04-29 17:41 - 2015-04-29 17:41 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\GrabPro
2015-04-29 17:40 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
2015-04-29 17:40 - 2015-05-08 14:35 - 00000000 ____D () C:\Program Files (x86)\Orbitdownloader
2015-04-29 17:40 - 2015-04-29 17:40 - 00001063 _____ () C:\Users\Vojtěch\Desktop\Orbit.lnk
2015-04-29 17:39 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\Orbit
2015-04-29 17:39 - 2015-04-29 17:39 - 05528480 _____ (www.orbitdownloader.com ) C:\Users\Vojtěch\Downloads\OrbitSetup4.1.19.exe
2015-04-28 10:05 - 2015-04-28 10:16 - 911337596 _____ () C:\Users\Vojtěch\Desktop\Falešní poldové 2014 Cz tit..avi
2015-04-27 15:21 - 2015-04-27 15:43 - 1328481135 _____ () C:\Users\Vojtěch\Downloads\PVBPS.zip
2015-04-27 00:41 - 2015-04-27 00:41 - 01624086 _____ () C:\Users\Vojtěch\Documents\data.xlsx
2015-04-26 21:19 - 2015-04-26 21:47 - 03245180 _____ () C:\Users\Vojtěch\Desktop\ReportExport.csv
2015-04-26 20:54 - 2015-04-26 20:56 - 00000000 ____D () C:\Users\Vojtěch\Desktop\test
2015-04-26 18:31 - 2015-04-26 18:34 - 39359760 _____ () C:\Users\Vojtěch\Downloads\PokerTracker.3v3.00.4.rar
2015-04-26 18:27 - 2015-04-26 18:30 - 59220109 _____ () C:\Users\Vojtěch\Downloads\Poker-Tracker-4-v4.02.01.rar
2015-04-26 18:10 - 2015-05-10 08:20 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 4
2015-04-26 18:10 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2015-04-26 18:10 - 2015-04-26 20:51 - 00000000 ____D () C:\Users\Vojtěch\AppData\Local\PokerTracker 4
2015-04-26 18:10 - 2015-04-26 18:10 - 00004868 _____ () C:\ProgramData\flwjycbm.bab
2015-04-26 18:10 - 2015-04-26 18:10 - 00001086 _____ () C:\Users\Vojtěch\Desktop\PokerTracker 4.lnk
2015-04-26 18:10 - 2015-04-26 18:10 - 00001086 _____ () C:\Users\postgres.pc-vojta\Desktop\PokerTracker 4.lnk
2015-04-26 18:10 - 2015-04-26 18:10 - 00001086 _____ () C:\Users\lenic_000\Desktop\PokerTracker 4.lnk
2015-04-26 18:10 - 2015-04-26 18:10 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2015-04-26 18:07 - 2015-04-26 18:08 - 67385024 _____ () C:\Users\Vojtěch\Downloads\PT-Install-v4.13.2.exe
2015-04-26 15:38 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2015-04-26 15:38 - 2015-05-08 14:35 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2015-04-26 15:38 - 2015-04-26 16:23 - 00001100 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2015-04-26 15:38 - 2015-04-26 15:38 - 00019076 _____ () C:\Users\Vojtěch\Downloads\install.log
2015-04-26 15:24 - 2015-05-08 15:21 - 00000000 ____D () C:\Users\postgres.pc-vojta
2015-04-26 15:24 - 2015-05-08 14:35 - 00000000 ___RD () C:\Users\postgres.pc-vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-26 15:24 - 2015-05-08 14:35 - 00000000 ___RD () C:\Users\postgres.pc-vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-26 15:24 - 2015-05-08 14:35 - 00000000 ___RD () C:\Users\postgres.pc-vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-26 15:24 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\postgres.pc-vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-26 15:24 - 2015-04-26 15:24 - 00000020 ___SH () C:\Users\postgres.pc-vojta\ntuser.ini
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Šablony
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Soubory cookie
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Poslední
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Okolní tiskárny
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Okolní síť
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Nabídka Start
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Dokumenty
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Documents\Obrázky
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Documents\Hudba
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Documents\Filmy
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\Data aplikací
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-04-26 15:24 - 2015-04-26 15:24 - 00000000 _SHDL () C:\Users\postgres.pc-vojta\AppData\Local\Data aplikací
2015-04-26 15:24 - 2015-01-28 18:08 - 00000000 ____D () C:\Users\postgres.pc-vojta\AppData\Local\Google
2015-04-26 15:24 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\postgres.pc-vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-04-26 15:24 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\postgres.pc-vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-04-26 15:23 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.4
2015-04-26 15:22 - 2015-05-08 14:35 - 00000000 ____D () C:\postgreSQL
2015-04-26 15:21 - 2015-04-26 15:21 - 00000000 ____D () C:\PostgreSQL-prev-2015-27-Mar-17-26-46
2015-04-26 14:39 - 2015-04-26 14:41 - 115441881 _____ () C:\Users\Vojtěch\Downloads\8311_HoldemManager2Setup.exe
2015-04-26 14:32 - 2015-04-26 14:32 - 14679376 _____ (EnterpriseDB) C:\Users\Vojtěch\edb_pgagent.exe
2015-04-26 14:27 - 2015-04-26 14:27 - 00000000 ____D () C:\Program Files\PostgreSQL
2015-04-26 14:18 - 2015-04-26 14:19 - 60948248 _____ (PostgreSQL Global Development Group) C:\Users\Vojtěch\Downloads\postgresql-9.4.1-3-windows-x64.exe
2015-04-26 14:13 - 2015-04-26 17:25 - 00000436 _____ () C:\Users\Vojtěch\Documents\pgadmin.log
2015-04-26 14:11 - 2015-04-26 18:39 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\postgresql
2015-04-26 14:08 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pgAdmin III 1.20
2015-04-26 14:08 - 2015-04-26 14:08 - 00000000 ____D () C:\Program Files (x86)\pgAdmin III
2015-04-26 14:06 - 2015-04-26 14:06 - 12564154 _____ () C:\Users\Vojtěch\Downloads\pgadmin3-1.20.0.zip
2015-04-26 13:13 - 2015-04-26 13:13 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\SitNGoWizard
2015-04-26 13:07 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\Vojtěch\AppData\Local\Hold'em_Manager
2015-04-26 12:59 - 2015-04-26 12:59 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\HEM Data
2015-04-26 12:59 - 2015-04-26 12:59 - 00000000 ____D () C:\HM2Archive
2015-04-26 12:55 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\HoldemManager
2015-04-26 12:55 - 2015-05-08 14:35 - 00000000 ____D () C:\ProgramData\XHEO INC
2015-04-26 12:45 - 2015-05-08 14:35 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-26 12:45 - 2015-05-08 14:35 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-26 12:45 - 2015-05-08 14:35 - 00000000 ___RD () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-26 12:45 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-26 12:45 - 2015-05-08 14:35 - 00000000 ____D () C:\Users\postgres
2015-04-26 12:45 - 2015-04-26 12:45 - 00000020 ___SH () C:\Users\postgres\ntuser.ini
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Šablony
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Soubory cookie
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Poslední
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Okolní tiskárny
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Okolní síť
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Nabídka Start
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Dokumenty
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Documents\Obrázky
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Documents\Hudba
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Documents\Filmy
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\Data aplikací
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-04-26 12:45 - 2015-04-26 12:45 - 00000000 _SHDL () C:\Users\postgres\AppData\Local\Data aplikací
2015-04-26 12:45 - 2015-01-28 18:08 - 00000000 ____D () C:\Users\postgres\AppData\Local\Google
2015-04-26 12:45 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-04-26 12:45 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-04-26 12:41 - 2015-05-08 14:35 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2015-04-26 08:05 - 2015-05-08 14:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-21 06:50 - 2015-04-21 06:50 - 00012375 _____ () C:\Users\Vojtěch\Downloads\testy_dvouvyberove.xlsx
2015-04-20 20:44 - 2015-04-20 20:44 - 00013672 _____ () C:\Users\Vojtěch\Downloads\testy_jednovyberove.xlsx
2015-04-19 10:15 - 2015-04-19 10:15 - 00400628 _____ () C:\Users\Vojtěch\Downloads\Google hacking.pptx
2015-04-15 03:34 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 03:34 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 03:34 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 03:34 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 03:34 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 03:34 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 03:34 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 03:34 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 03:34 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 03:34 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 03:34 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 03:34 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 03:34 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 03:34 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 03:34 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 03:34 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 03:34 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 03:34 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 03:34 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 03:34 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 03:34 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 03:34 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 03:34 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 03:34 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 03:34 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 03:34 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 03:34 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 03:34 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 03:34 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 03:34 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 03:34 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 03:34 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 03:34 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 03:34 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 03:34 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 03:34 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 03:34 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 03:34 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 03:34 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 03:33 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 03:33 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 03:33 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 03:33 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 03:33 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 03:33 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 03:33 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 03:33 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 03:33 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 03:33 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 03:33 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 03:33 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 03:33 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 23:21 - 2015-04-14 23:21 - 00001257 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-04-14 23:21 - 2015-04-14 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-14 23:18 - 2015-04-14 23:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-04-14 23:18 - 2015-04-14 23:18 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-04-14 23:15 - 2015-04-14 23:23 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\DVDVideoSoft
2015-04-14 23:14 - 2015-04-14 23:15 - 03310280 _____ (DVDVideoSoft Ltd. ) C:\Users\Vojtěch\Downloads\FreeStudio.exe
2015-04-14 10:41 - 2015-05-10 12:58 - 00004982 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-VOJTA-Vojtěch pc-vojta
2015-04-14 08:06 - 2015-04-14 08:06 - 111197384 _____ (Oracle Corporation) C:\Users\Vojtěch\Downloads\VirtualBox-4.3.24-98716-Win.exe
2015-04-13 22:23 - 2015-04-13 22:23 - 05008269 _____ () C:\Users\Vojtěch\Downloads\PVBPS - Protokoly a prezentace ze cvičení - 13.04.2015.7z

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 13:14 - 2015-03-06 22:06 - 00020269 _____ () C:\Users\Vojtěch\Desktop\FRST.txt
2015-05-10 13:14 - 2015-03-04 23:19 - 00000000 ____D () C:\FRST
2015-05-10 13:10 - 2015-03-10 19:32 - 00000000 ____D () C:\Users\Vojtěch\Desktop\FRST-OlderVersion
2015-05-10 13:10 - 2015-03-04 23:18 - 02102784 _____ (Farbar) C:\Users\Vojtěch\Desktop\FRST64.exe
2015-05-10 13:07 - 2014-11-08 18:40 - 01711287 _____ () C:\Windows\WindowsUpdate.log
2015-05-10 12:55 - 2014-11-09 12:29 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-10 12:15 - 2014-11-08 18:56 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-100684261-1644508502-2125021975-1001
2015-05-10 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-10 08:04 - 2015-01-13 23:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-05-10 08:04 - 2015-01-13 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-10 08:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-10 07:53 - 2014-11-08 19:24 - 00087923 _____ () C:\Users\Vojtěch\Downloads\SecureDownloadManager.log
2015-05-10 07:29 - 2014-12-05 21:02 - 00000000 ___DO () C:\Users\lenic_000\OneDrive
2015-05-10 07:26 - 2014-11-08 18:52 - 00000000 ___DO () C:\Users\Vojtěch\SkyDrive
2015-05-10 06:35 - 2015-01-14 20:36 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C2632A8B-DF86-4A25-AF28-36D7F525AB30}
2015-05-09 21:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-09 21:31 - 2014-12-12 21:50 - 00000000 ____D () C:\Users\lenic_000\AppData\Roaming\vlc
2015-05-09 18:51 - 2015-03-21 11:37 - 00222720 ___SH () C:\Users\lenic_000\Desktop\Thumbs.db
2015-05-09 17:01 - 2015-03-06 16:38 - 01741312 ___SH () C:\Users\lenic_000\Downloads\Thumbs.db
2015-05-08 22:59 - 2014-12-05 20:50 - 00000000 ____D () C:\Users\lenic_000
2015-05-08 22:01 - 2014-12-05 21:05 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-100684261-1644508502-2125021975-1002
2015-05-08 21:17 - 2015-03-18 16:49 - 00000000 ____D () C:\Users\lenic_000\AppData\Local\HTC MediaHub
2015-05-08 21:17 - 2014-12-14 21:09 - 00000000 ____D () C:\ProgramData\VMware
2015-05-08 21:17 - 2014-11-08 19:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-08 21:17 - 2013-08-22 16:45 - 00014312 _____ () C:\Windows\setupact.log
2015-05-08 21:17 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-08 15:29 - 2015-03-17 21:58 - 00000000 ____D () C:\Users\Vojtěch\AppData\Local\HTC MediaHub
2015-05-08 15:21 - 2014-11-08 18:48 - 00000000 ____D () C:\Users\Vojtěch
2015-05-08 14:35 - 2014-11-10 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-08 14:35 - 2014-11-09 17:58 - 00000000 ___RD () C:\Users\Vojtěch\Disk Google
2015-05-08 14:35 - 2014-11-09 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-08 14:35 - 2014-11-09 01:18 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-08 14:35 - 2014-11-08 21:32 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\vlc
2015-05-08 14:35 - 2014-11-08 19:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-08 14:34 - 2015-04-04 10:22 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-08 14:34 - 2014-11-09 01:33 - 00000000 ____D () C:\Windows\Minidump
2015-05-08 14:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2015-05-08 12:12 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-08 11:06 - 2014-11-08 18:25 - 00000000 _____ () C:\Recovery.txt
2015-05-08 10:55 - 2014-11-08 18:26 - 00020004 _____ () C:\Windows\PFRO.log
2015-05-07 17:49 - 2014-11-09 01:33 - 478566535 _____ () C:\Windows\MEMORY.DMP
2015-05-07 14:30 - 2015-03-06 22:22 - 00116224 ___SH () C:\Users\Vojtěch\Desktop\Thumbs.db
2015-05-07 12:49 - 2014-11-08 18:52 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8ADC7B6C-C553-45CF-9903-E39E2D709EC6}
2015-05-07 07:12 - 2014-11-09 19:23 - 00000000 ____D () C:\Users\Vojtěch\Downloads\Vojta
2015-05-07 06:15 - 2015-01-25 02:05 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-07 00:14 - 2014-11-08 18:48 - 00000000 ____D () C:\Users\Vojtěch\AppData\Local\Packages
2015-05-06 00:13 - 2014-11-09 17:58 - 00002058 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2015-05-06 00:13 - 2014-11-09 17:58 - 00002056 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2015-05-06 00:13 - 2014-11-09 17:58 - 00002046 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2015-05-05 08:44 - 2015-01-13 23:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-04 09:06 - 2014-11-10 19:44 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 09:59 - 2014-11-09 12:21 - 00000000 ____D () C:\Users\Vojtěch\Documents\Visual Studio 2013
2015-04-27 21:22 - 2015-03-31 21:41 - 00020992 ___SH () C:\Users\Vojtěch\Downloads\Thumbs.db
2015-04-26 20:49 - 2014-11-09 01:04 - 00000000 ____D () C:\Users\Vojtěch\.VirtualBox
2015-04-26 19:09 - 2014-12-02 19:40 - 00000000 ____D () C:\Users\Vojtěch\virtual
2015-04-26 12:39 - 2014-11-08 18:42 - 01943106 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-26 12:39 - 2013-08-23 00:05 - 00803648 _____ () C:\Windows\system32\perfh005.dat
2015-04-26 12:39 - 2013-08-23 00:05 - 00184704 _____ () C:\Windows\system32\perfc005.dat
2015-04-26 10:06 - 2014-12-02 14:11 - 00000000 ____D () C:\Users\Vojtěch\Downloads\freerapid
2015-04-21 20:31 - 2015-02-07 21:12 - 00002246 ____H () C:\Users\lenic_000\Documents\Default.rdp
2015-04-21 16:23 - 2015-03-07 00:15 - 00000000 ____D () C:\Users\lenic_000\Documents\Visual Studio 2013
2015-04-19 21:46 - 2014-11-10 18:23 - 00000000 ____D () C:\Users\Vojtěch\VirtualBox VMs
2015-04-18 09:49 - 2015-02-16 13:34 - 00001000 _____ () C:\Users\Vojtěch\Desktop\Sweet Home 3D.lnk
2015-04-16 21:11 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-16 19:26 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 23:48 - 2014-12-10 09:56 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 23:48 - 2014-11-13 23:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 23:48 - 2014-11-10 11:51 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 23:42 - 2014-11-10 11:51 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 23:42 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-14 23:19 - 2014-11-08 19:27 - 00000000 ____D () C:\Users\Vojtěch\AppData\Roaming\Skype
2015-04-14 18:57 - 2014-11-09 12:29 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2015-03-16 09:16 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2015-03-16 09:16 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 07:29 - 2013-08-22 16:44 - 00678960 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2015-03-11 18:57 - 2015-03-17 20:07 - 0000600 _____ () C:\Users\Vojtěch\AppData\Local\PUTTY.RND
2015-05-07 07:28 - 2015-05-07 07:28 - 0001243 _____ () C:\Users\Vojtěch\AppData\Local\recently-used.xbel
2015-04-26 18:10 - 2015-04-26 18:10 - 0004868 _____ () C:\ProgramData\flwjycbm.bab

Files to move or delete:
====================
C:\Users\Vojtěch\edb_pgagent.exe


Some content of TEMP:
====================
C:\Users\lenic_000\AppData\Local\Temp\shutdown1430054296.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 09:07

==================== End Of Log ============================