Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-06-2016 01
Ran by Ondřej (administrator) on BUDDHA (13-06-2016 12:22:19)
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(Flux Software LLC) C:\Users\Ondřej\AppData\Local\FluxSoftware\Flux\flux.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_O1AS20-100F_1.04_windows_x86_64__X64O1F.exe
() C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_O1AS20-100F_1.04_windows_x86_64__X64O1F.exe
() C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_O1AS20-100F_1.04_windows_x86_64__X64O1F.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\ProgramData\BOINC\projects\einstein.phys.uwm.edu\einstein_O1AS20-100F_1.04_windows_x86_64__X64O1F.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\eOPPFrame.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(forum.viry.cz) C:\Users\Ondřej\Desktop\FRST-OlderVersion\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2015-03-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [69416 2015-12-17] (Space Sciences Laboratory)
HKLM\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [8746792 2015-12-17] (Space Sciences Laboratory)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2015-01-28] (ABBYY Production LLC.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Live! Central 3] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [461312 2015-06-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23972712 2016-05-31] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-10] (Valve Corporation)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [GoogleChromeAutoLaunch_C5DCB8103DA91A03D527BC2B560B3572] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe [2692608 2015-05-19] (i-Funbox.com)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [f.lux] => C:\Users\Ondřej\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1572648 2016-01-08] (Samsung)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1021736 2016-01-08] (Samsung)
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\...\MountPoints2: {dde6dd85-abe1-11e4-8258-14dae9f3f79e} - "I:\LaunchCGS.exe"
HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\boinc.scr [1159464 2015-12-17] (Space Sciences Laboratory)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk [2016-04-17]
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk [2016-04-17]
ShortcutTarget: ProfileReminder.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-01-24]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk [2015-06-30]
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-12-21]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-06-10]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{C88D4F33-E220-4E01-80F8-7A2B37A5D218}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-06] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-06-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-06] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2460079471-3318468289-1988247580-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-31] ()
FF SearchPlugin: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\searchplugins\abz-slovnik-ceskych-synonym.xml [2015-12-02]
FF Extension: Clearly - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\extensions\
readable@evernote.com.xpi [2015-05-29]
FF Extension: YouTube™ Enhancer Plus - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\extensions\
firefoxaddon@youtubeenhancer.com.xpi [2016-05-27]
FF Extension: Youtube Downloader - 4K Download - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\extensions\
paulsaintuzb@gmail.com [2016-06-06]
FF Extension: Disconnect - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\
2.0@disconnect.me.xpi [2016-04-28]
FF Extension: Push to Kindle - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\
jid0-GokC6R49cBZciOKniufAR4QKFWc@jetpack.xpi [2016-04-28]
FF Extension: Translate This! - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\
jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2015-11-08]
FF Extension: Lightbeam - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\
jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-12-04]
FF Extension: Send to Kindle for Mozilla Firefox - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\
sendtokindle@amazon.com.xpi [2016-04-13]
FF Extension: TweakTube - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\{15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}.xpi [2016-04-28]
FF Extension: NoScript - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-08]
FF Extension: Adblock Plus - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: web_clipper - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\fcr6fnsc.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-28]
Chrome:
=======
CHR HomePage: Default -> hxxp://
www.google.com/
CHR StartupUrls: Default -> "hxxps://
www.google.com/"
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-08]
CHR Extension: (Dokumenty Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08]
CHR Extension: (Disk Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Moje IP adresa) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2015-01-24]
CHR Extension: (Adblock Plus) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Tabulky Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-05]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-01-24]
CHR Extension: (Clearly) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-06-14]
CHR Extension: (Send to Kindle (by Klip.me)) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan [2015-01-24]
CHR Extension: (KanMeet Calendar Synchronizer for Evernote) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipogebjapdddlkchpnimcgplonlonkoj [2015-01-24]
CHR Extension: (Facebook Invite All Friends PRO 2016) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjgfeibcphdoepjnmplpgbnpkngnmdmn [2016-05-21]
CHR Extension: (Facebook Invite Them All) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\jladghljinmlokelojmdmblikkifabea [2015-01-24]
CHR Extension: (JDownloader Integration for Google Chrome™) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2015-01-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-09]
CHR Extension: (Mapy Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (Download Master) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2016-04-26]
CHR Extension: (Quick Note) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2015-05-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-08]
CHR Extension: (Gmail) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKU\S-1-5-21-2460079471-3318468289-1988247580-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2015-05-16] (Software602 a.s.)
S4 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2015-01-30] (ABBYY Production LLC)
S4 ABBYY.Licensing.PDFTransformer.Classic.4.0; C:\Program Files (x86)\ABBYY PDF Transformer+\NetworkLicenseServer.exe [959184 2015-01-30] (ABBYY Production LLC)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-02-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-02-28] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-02-28] (ASUSTeK Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2945792 2016-05-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-02] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2520928 2016-06-10] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [200240 2016-05-25] (Microsoft Corporation) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-06-12] (Stardock Software, Inc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-08-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-08-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 athur; C:\Windows\system32\DRIVERS\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-05] (Disc Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [469264 2013-06-21] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-16] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-09-10] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2016-01-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-11-20] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [198096 2016-03-16] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53384 2016-03-16] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84800 2016-03-16] (ESET)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2005-12-14] (GretagMacbeth LLC)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2016-01-08] (MCCI)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-08-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-08-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-08-21] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\ONDEJ~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S2 PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-13 12:22 - 2016-06-13 12:22 - 00000000 ____D C:\Users\Ondřej\Desktop\FRST-OlderVersion
2016-06-13 08:59 - 2016-06-13 08:59 - 11404986 _____ C:\Users\Ondřej\Downloads\prilohy_22026.zip
2016-06-13 08:57 - 2016-06-13 08:57 - 08743614 _____ C:\Users\Ondřej\Downloads\prilohy_22260.zip
2016-06-12 18:37 - 2016-06-12 18:37 - 00002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2016-06-12 18:37 - 2016-06-12 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-06-10 22:54 - 2016-06-10 22:54 - 00061440 _____ C:\Users\Ondřej\Documents\Kniha 1.indb
2016-06-10 22:09 - 2016-06-10 22:09 - 00000000 ____D C:\Users\Ondřej\Downloads\still life- promo
2016-06-08 00:14 - 2016-06-08 15:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-07 13:32 - 2016-06-07 13:34 - 09428480 _____ C:\Users\Ondřej\Downloads\_tmp_video_1465299274996.mp4
2016-06-07 13:26 - 2016-06-07 13:26 - 01975427 _____ C:\Users\Ondřej\Downloads\hup a hop [Low, 360p].mp4
2016-06-07 13:25 - 2016-06-07 13:26 - 03044999 _____ C:\Users\Ondřej\Downloads\_tmp_video_1465298761371.mp4
2016-06-06 23:02 - 2016-06-06 23:03 - 00734670 _____ C:\Users\Ondřej\Downloads\250965__pertti-orn__carcrash-heartbeat-slomo.wav
2016-06-06 22:36 - 2016-06-06 22:36 - 00939307 _____ C:\Users\Ondřej\Desktop\LOGA.zip
2016-06-06 22:34 - 2016-06-09 12:25 - 00000000 ____D C:\Users\Ondřej\Desktop\LOGA
2016-06-06 22:29 - 2016-06-06 22:29 - 00108579 _____ C:\Users\Ondřej\Desktop\fonts.zip
2016-06-06 22:27 - 2015-08-25 17:24 - 00038696 _____ C:\Users\Ondřej\Desktop\CorporativeSans-Book.otf
2016-06-06 22:27 - 2015-08-25 17:24 - 00038640 _____ C:\Users\Ondřej\Desktop\CorporativeSans-Medium.otf
2016-06-06 22:27 - 2015-08-25 17:24 - 00038156 _____ C:\Users\Ondřej\Desktop\CorporativeSans-Light.otf
2016-06-06 22:25 - 2014-06-15 18:55 - 00059284 _____ C:\Users\Ondřej\Desktop\CaviarDreams.ttf
2016-06-06 14:04 - 2016-06-06 14:04 - 00020068 _____ C:\Users\Ondřej\Downloads\[kat.cr]odjbox.swamp.stomp.2011.mp3.torrent
2016-06-06 13:52 - 2016-06-06 13:52 - 00059303 _____ C:\Users\Ondřej\Downloads\double_feature.zip
2016-06-06 13:52 - 2016-06-06 13:52 - 00000000 ____D C:\Users\Ondřej\Downloads\double_feature
2016-06-06 10:30 - 2016-06-13 12:22 - 00033599 _____ C:\Users\Ondřej\Desktop\FRST.txt
2016-06-06 10:30 - 2016-06-13 12:22 - 00000000 ____D C:\FRST
2016-06-06 10:28 - 2016-06-13 12:22 - 02385408 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2016-06-06 10:03 - 2016-06-06 10:03 - 00060487 _____ C:\Users\Ondřej\Downloads\015 Pravidla hodnocení a východných opatření.pdf
2016-06-06 10:03 - 2016-06-06 10:03 - 00047529 _____ C:\Users\Ondřej\Downloads\012 Školní řád.pdf
2016-06-06 10:03 - 2016-06-06 10:03 - 00040498 _____ C:\Users\Ondřej\Downloads\014 Minimální preventivní program.pdf
2016-06-05 21:55 - 2016-06-05 21:55 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Colossal Order
2016-06-05 21:21 - 2016-06-05 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-05 21:20 - 2016-01-08 01:42 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-06-05 21:20 - 2016-01-08 01:42 - 00987848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-06-05 21:20 - 2016-01-08 01:42 - 00690016 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-06-05 21:20 - 2016-01-08 01:42 - 00484552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-06-03 13:11 - 2016-06-03 13:11 - 00000000 ____D C:\Users\Ondřej\AppData\Local\2K Games
2016-06-03 13:08 - 2016-06-03 13:08 - 00246866 _____ C:\Users\Ondřej\Desktop\2016007.pdf
2016-06-03 13:07 - 2016-06-03 13:07 - 00227118 _____ C:\Users\Ondřej\Desktop\2016006.pdf
2016-06-02 08:34 - 2016-06-02 08:34 - 00109736 _____ C:\Users\Ondřej\Downloads\Still_life-lighting_plot.pdf
2016-06-02 08:34 - 2016-06-02 08:34 - 00109079 _____ C:\Users\Ondřej\Downloads\Still_life-lighting_plot-without_platform.pdf
2016-05-31 21:22 - 2016-05-31 21:22 - 00000000 ____D C:\Users\Ondřej\AppData\LocalLow\Infinite Dreams
2016-05-31 21:11 - 2016-05-31 21:11 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-05-31 21:11 - 2016-05-31 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-31 21:10 - 2016-05-31 21:11 - 00000000 ____D C:\Program Files\iTunes
2016-05-31 21:10 - 2016-05-31 21:10 - 00000000 ____D C:\Program Files\iPod
2016-05-31 21:10 - 2016-05-31 21:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-30 23:15 - 2016-05-30 23:15 - 00326285 _____ C:\Users\Ondřej\Downloads\98584-15-8824.zip
2016-05-30 23:15 - 2016-05-30 23:15 - 00000000 ____D C:\Users\Ondřej\Downloads\98584-15-8824
2016-05-30 21:55 - 2016-05-30 22:44 - 00000000 ____D C:\Users\Ondřej\Downloads\PED a PSY
2016-05-30 21:55 - 2016-05-30 21:55 - 00808556 _____ C:\Users\Ondřej\Downloads\PED a PSY.zip
2016-05-30 10:10 - 2016-05-30 10:10 - 00400817 _____ C:\Users\Ondřej\Downloads\zadani_ukolu_MS_duben_2015.pdf
2016-05-30 09:58 - 2016-05-30 09:58 - 01771672 _____ C:\Users\Ondřej\Downloads\logicke_hry__zajimave_motivacni_aktivity__hlavolamy.pdf
2016-05-27 14:27 - 2016-05-27 14:27 - 01978590 _____ C:\Users\Ondřej\Downloads\material_pro_pedagogy.pdf
2016-05-27 14:26 - 2016-05-27 14:26 - 01268881 _____ C:\Users\Ondřej\Downloads\pracovni_listy_1.stupen_zs.pdf
2016-05-27 14:24 - 2016-05-27 14:24 - 01388351 _____ C:\Users\Ondřej\Downloads\pracovni_listy_ms_a_1.trida.pdf
2016-05-27 13:20 - 2016-05-27 13:20 - 00288020 _____ C:\Users\Ondřej\Desktop\Untitled.FR12 - 0002.tif
2016-05-27 10:07 - 2016-05-27 10:08 - 90871117 _____ C:\Users\Ondřej\Downloads\documents-export-2016-05-27.zip
2016-05-21 12:57 - 2016-05-21 12:57 - 00002077 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-05-21 12:57 - 2016-05-21 12:57 - 00000000 ____D C:\Users\Ondřej\AppData\LocalLow\Strange Fire
2016-05-21 12:57 - 2016-01-23 03:12 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-05-21 12:54 - 2016-05-21 12:54 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-05-21 12:54 - 2016-05-21 12:54 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-05-21 12:48 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-05-21 12:48 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-05-21 12:48 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-05-21 10:01 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-21 10:01 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-21 10:01 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-21 10:01 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-21 10:01 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-21 10:01 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-21 10:01 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-21 10:01 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-21 10:01 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-05-21 10:01 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-21 10:01 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-21 10:01 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-21 10:01 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-21 10:01 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-21 10:01 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-21 10:01 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-21 10:01 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-21 10:01 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-05-21 10:01 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-21 10:01 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-21 10:01 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-21 10:01 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-21 10:01 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-21 10:01 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-21 10:01 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-21 10:01 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-21 10:01 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-21 10:01 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-21 10:01 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-21 10:01 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-05-21 10:01 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-05-21 10:01 - 2016-04-10 07:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-05-21 10:01 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-05-21 10:01 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-05-21 10:01 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-05-21 10:01 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-05-21 10:01 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-05-21 10:01 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-05-21 10:01 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-05-21 10:01 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-05-21 10:01 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-05-21 10:01 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-05-21 10:01 - 2016-04-07 18:34 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-21 10:01 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-05-21 10:01 - 2016-04-07 17:36 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-21 10:01 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-05-21 10:01 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-05-21 10:01 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-21 10:01 - 2016-04-06 20:20 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-05-21 10:01 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-05-21 10:01 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-21 10:01 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-21 10:01 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-21 10:01 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-05-21 10:01 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-21 10:01 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-21 10:01 - 2016-04-06 19:11 - 07074816 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-05-21 10:01 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-21 10:01 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-21 10:01 - 2016-04-06 18:40 - 07792640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-21 10:01 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-05-21 10:01 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-21 10:01 - 2016-04-06 18:02 - 05269504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-05-21 10:01 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-21 10:01 - 2016-04-06 17:29 - 05265408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-21 10:01 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-05-21 10:01 - 2016-04-02 16:09 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-05-21 10:01 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-05-21 10:01 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-05-21 10:01 - 2016-04-01 19:00 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-05-21 10:01 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-05-21 10:01 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-05-21 10:01 - 2016-04-01 18:42 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-05-21 10:01 - 2016-04-01 18:41 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-05-21 10:01 - 2016-04-01 18:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-05-21 10:01 - 2016-03-31 08:53 - 07446360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-21 10:01 - 2016-03-31 08:51 - 01134776 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-21 10:01 - 2016-03-31 06:36 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-21 10:01 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-05-21 10:01 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-05-21 10:01 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-05-21 10:00 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-21 10:00 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-21 10:00 - 2016-04-11 08:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-05-21 10:00 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-21 10:00 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-21 10:00 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-21 10:00 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-21 10:00 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-21 10:00 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-21 10:00 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-21 10:00 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-21 10:00 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-21 10:00 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-21 10:00 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-21 10:00 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-21 09:43 - 2016-05-21 09:44 - 00000000 ____D C:\Users\Ondřej\Documents\OpenRA
2016-05-21 09:43 - 2016-05-21 09:43 - 12131939 _____ C:\Users\Ondřej\Downloads\OpenRA-release-20160508.exe
2016-05-21 09:43 - 2016-05-21 09:43 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenRA
2016-05-21 09:43 - 2016-05-21 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenRA
2016-05-21 09:43 - 2016-05-21 09:43 - 00000000 ____D C:\Program Files (x86)\OpenRA
2016-05-17 19:49 - 2016-05-17 19:49 - 00790776 _____ C:\Users\Ondřej\Downloads\63795-18-7945.zip
2016-05-17 19:49 - 2016-05-17 19:49 - 00738859 _____ C:\Users\Ondřej\Downloads\90805-18-25275.zip
2016-05-17 19:49 - 2013-06-01 18:19 - 00906698 ____N C:\Users\Ondřej\Downloads\Heinlein, Robert Anson - Cizinec v cizi zemi.mobi
2016-05-17 19:49 - 2013-05-31 21:08 - 00883527 ____N C:\Users\Ondřej\Downloads\Heinlein, Robert Anson - Dvere do leta.mobi
2016-05-17 19:39 - 2016-05-17 19:46 - 00000000 ____D C:\Users\Ondřej\Downloads\75458-18-25405
2016-05-17 19:39 - 2016-05-17 19:39 - 00368601 _____ C:\Users\Ondřej\Downloads\75458-18-25405.zip
2016-05-17 19:28 - 2016-05-17 19:28 - 00246791 _____ C:\Users\Ondřej\Downloads\91484-18-15984.zip
2016-05-17 19:27 - 2016-05-17 19:27 - 00303707 _____ C:\Users\Ondřej\Downloads\51713-18-11515.zip
2016-05-17 19:26 - 2016-05-17 19:27 - 00461490 _____ C:\Users\Ondřej\Downloads\47806-18-12216.zip
2016-05-17 19:25 - 2016-05-17 19:25 - 00309758 _____ C:\Users\Ondřej\Downloads\75531-15-11514.zip
2016-05-17 19:23 - 2016-05-17 19:23 - 00000000 ____D C:\Users\Ondřej\Downloads\61820-15-11513
2016-05-17 19:22 - 2016-05-17 19:22 - 00260091 _____ C:\Users\Ondřej\Downloads\61820-15-11513.zip
2016-05-16 20:43 - 2016-05-16 20:43 - 02416640 _____ C:\Users\Ondřej\AppData\Roaming\bflusb.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 02265088 _____ () C:\Users\Ondřej\AppData\Roaming\bfluart.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 02248704 _____ () C:\Users\Ondřej\AppData\Roaming\bfldongle.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 02171392 _____ C:\Users\Ondřej\AppData\Roaming\bfldb.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 00004366 _____ C:\Users\Ondřej\AppData\Roaming\C
2016-05-16 20:43 - 2016-05-16 20:43 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\temp
2016-05-16 20:20 - 2016-05-16 20:20 - 00073789 _____ C:\Users\Ondřej\Downloads\fler_faktura_816016002.pdf
2016-05-16 11:46 - 2016-05-16 11:46 - 00000000 ____D C:\Users\Ondřej\Desktop\fobrt
2016-05-15 19:57 - 2016-05-15 19:58 - 31391744 _____ C:\Users\Ondřej\Downloads\DSC_4407.avi
2016-05-15 19:13 - 2016-05-15 19:13 - 00000000 ____D C:\Users\Ondřej\Downloads\2016-05-13_-_still_life_-_ondra_holba
2016-05-14 15:19 - 2016-05-14 15:20 - 00000000 ____D C:\Users\Ondřej\Downloads\fwdstillliferehersal13_5_2016lafa
2016-05-14 15:19 - 2016-05-14 15:19 - 05178547 _____ C:\Users\Ondřej\Downloads\fwdstillliferehersal13_5_2016lafa.zip
2016-05-14 15:10 - 2016-05-14 15:14 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\The Curious Expedition
2016-05-14 14:59 - 2016-05-14 15:09 - 00000000 ____D C:\Users\Ondřej\Documents\Endless Space
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-13 12:21 - 2015-01-26 00:00 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\uTorrent
2016-06-13 12:21 - 2015-01-24 03:13 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\vlc
2016-06-13 12:12 - 2015-01-26 09:17 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-13 12:04 - 2015-01-24 18:18 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-13 12:02 - 2016-03-16 13:43 - 00000000 ____D C:\ProgramData\BOINC
2016-06-13 11:52 - 2015-02-07 17:46 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d042ed32c14d11.job
2016-06-13 11:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-13 11:29 - 2015-12-02 21:24 - 00000922 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-06-13 09:18 - 2015-01-24 02:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2460079471-3318468289-1988247580-1001
2016-06-13 08:55 - 2014-03-18 17:33 - 02073088 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-13 08:55 - 2014-03-18 16:54 - 00974410 _____ C:\Windows\system32\perfh005.dat
2016-06-13 08:55 - 2014-03-18 16:54 - 00236664 _____ C:\Windows\system32\perfc005.dat
2016-06-13 08:55 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-06-13 08:52 - 2015-01-24 02:39 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8AB5D8BB-339D-43C7-B0D8-1D0040E0ADC0}
2016-06-13 08:51 - 2015-12-02 21:25 - 00000000 ___RD C:\Users\Ondřej\Dropbox
2016-06-13 08:50 - 2015-12-02 21:24 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-06-13 08:50 - 2015-03-15 23:41 - 00000000 ___DO C:\Users\Ondřej\OneDrive
2016-06-13 08:50 - 2015-01-25 16:43 - 00000000 ___RD C:\Users\Ondřej\Disk Google
2016-06-13 08:50 - 2015-01-25 16:41 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-13 08:49 - 2016-01-05 19:02 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-13 08:49 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-11 16:24 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-11 16:23 - 2016-01-23 15:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-09 12:47 - 2015-03-08 20:36 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-09 12:25 - 2015-04-13 20:26 - 00000132 _____ C:\Users\Ondřej\AppData\Roaming\Formát PNG Adobe CC – předvolby
2016-06-08 20:33 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-08 15:44 - 2015-01-24 02:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 11:32 - 2015-01-31 15:27 - 06134784 ___SH C:\Users\Ondřej\Desktop\Thumbs.db
2016-06-07 13:35 - 2015-02-15 22:15 - 01687552 ___SH C:\Users\Ondřej\Downloads\Thumbs.db
2016-06-06 23:40 - 2013-08-22 16:44 - 05586496 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-06 22:28 - 2015-02-02 17:04 - 00001480 _____ C:\Users\Ondřej\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-06-06 21:46 - 2015-01-24 02:15 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2016-06-05 21:32 - 2015-11-26 11:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-05 21:21 - 2015-12-02 21:24 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-06-05 21:21 - 2015-04-04 13:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-05 21:21 - 2015-04-04 13:35 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-05 21:21 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-05-31 21:10 - 2015-03-18 12:17 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-31 13:47 - 2015-01-25 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-31 12:04 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-30 22:08 - 2015-12-20 20:16 - 00000000 ____D C:\Users\Ondřej\AppData\Local\CrashDumps
2016-05-30 21:11 - 2015-01-28 01:13 - 00000000 ____D C:\Users\Ondřej\Documents\Wastelands-Interactive
2016-05-30 21:11 - 2015-01-28 01:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-25 17:17 - 2015-02-28 03:10 - 00000000 ____D C:\Users\Ondřej\Documents\My Games
2016-05-23 23:37 - 2016-02-03 22:22 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-05-23 08:38 - 2016-04-17 19:49 - 00000000 ____D C:\Users\Ondřej\AppData\Local\ElevatedDiagnostics
2016-05-22 17:46 - 2015-01-24 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2016-05-22 17:46 - 2015-01-24 18:23 - 00000000 ____D C:\Program Files\Calibre2
2016-05-22 10:59 - 2015-01-24 16:49 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\MusicBee
2016-05-21 12:57 - 2016-01-05 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-21 12:57 - 2015-11-27 00:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-21 12:57 - 2015-01-30 23:33 - 00000000 ____D C:\temp
2016-05-21 12:48 - 2016-01-05 19:03 - 00000000 ____D C:\Users\Ondřej\AppData\Local\NVIDIA
2016-05-21 12:46 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-05-21 10:08 - 2015-01-24 15:20 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-21 10:08 - 2015-01-24 14:57 - 00000000 ____D C:\Windows\system32\MRT
2016-05-21 10:08 - 2014-03-18 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-21 10:02 - 2015-01-24 14:57 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-21 10:00 - 2016-05-01 20:53 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-21 10:00 - 2016-05-01 20:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-21 10:00 - 2016-05-01 20:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-05-21 10:00 - 2016-05-01 20:53 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-21 10:00 - 2016-05-01 20:53 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-21 10:00 - 2016-05-01 20:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-05-21 10:00 - 2016-05-01 20:53 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-05-19 18:11 - 2016-04-21 11:38 - 00002365 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-05-19 18:11 - 2016-01-23 15:27 - 00003178 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2460079471-3318468289-1988247580-1001
2016-05-16 20:10 - 2015-06-24 10:41 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-14 12:13 - 2015-07-31 20:46 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Bvckup2
==================== Files in the root of some directories =======
2016-05-16 20:43 - 2016-05-16 20:43 - 2171392 _____ () C:\Users\Ondřej\AppData\Roaming\bfldb.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 2248704 _____ () C:\Users\Ondřej\AppData\Roaming\bfldongle.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 2265088 _____ () C:\Users\Ondřej\AppData\Roaming\bfluart.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 2416640 _____ () C:\Users\Ondřej\AppData\Roaming\bflusb.dll
2016-05-16 20:43 - 2016-05-16 20:43 - 0004366 _____ () C:\Users\Ondřej\AppData\Roaming\C
2015-04-10 22:27 - 2015-11-15 22:33 - 0000132 _____ () C:\Users\Ondřej\AppData\Roaming\Filtr IIIExport Adobe CC – předvolby
2015-04-07 17:54 - 2015-07-21 09:17 - 0000132 _____ () C:\Users\Ondřej\AppData\Roaming\Formát BMP Adobe CC – předvolby
2015-04-13 20:26 - 2016-06-09 12:25 - 0000132 _____ () C:\Users\Ondřej\AppData\Roaming\Formát PNG Adobe CC – předvolby
2015-05-16 15:12 - 2015-05-16 15:12 - 182572124 _____ () C:\Users\Ondřej\AppData\Local\ACCCx3_0_1_88.zip.aamdownload
2015-05-16 15:12 - 2015-05-16 15:12 - 0002194 _____ () C:\Users\Ondřej\AppData\Local\ACCCx3_0_1_88.zip.aamdownload.aamd
2015-02-02 17:04 - 2016-06-06 22:28 - 0001480 _____ () C:\Users\Ondřej\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-05-30 14:13 - 2015-05-30 14:13 - 0000000 ___SH () C:\Users\Ondřej\AppData\Local\LumaEmu
2015-01-24 02:33 - 2015-01-24 02:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d038ad9e959b6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d042ed32c14d11.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows\HelpPane.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\hh.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\regedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SECOH-QAD.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\twain_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\winhlp32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\write.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\accessibilitycpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acledit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acppage.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ActionCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ActionQueue.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\activeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adhapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AdmTmpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adrclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsldp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsldpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adsnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advpack.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aecache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AepRoam.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aitagent.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\alg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AltTab.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\amstream.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Apphlpdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppIdPolicyEngineApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appmgmts.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppReadiness.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apprepapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apprepsync.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appsruprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppxAllUserStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppxApplicabilityEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppXDeploymentClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppxSip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppxStreamingDataSourcePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AppxSysprep.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ARP.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\at.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AtBroker.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\athuwbx.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\atlthunk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\attrib.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AudioEndpointBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditcse.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuditNativeSnapIn.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuditPolicyGPInterop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authfwcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthFWGP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthFWSnapin.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthFWWizFwk.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AuthHostProxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\authz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\autoconv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AutoWorkplaceN.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\avicap32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\avifil32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\avrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AxInstSv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AxInstUI.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\azroles.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\azroleui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\AzSqlExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\baaupdate.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\backgroundTaskHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BackgroundTransferHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\batmeter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdboot.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcdprov.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\bcdsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BCP47Langs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bdaplgin.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bdechangepin.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bderepair.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BdeSysprep.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bdeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BdeUISrv.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bdeunlock.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bidispl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BioCredProv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BitLockerDeviceEncryption.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BitLockerWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BitLockerWizardElev.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsadmin.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsigd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsperf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsprx2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsprx3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsprx4.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\bitsprx5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsprx6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bitsprx7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\biwinrt.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\blb_ps.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bootcfg.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\bootim.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BootMenuUX.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bootsect.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bootux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\brdgcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bridgeunattend.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BrokerLib.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\browcli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\browser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\browseui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bthci.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BthHFSrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BthMtpContextHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bthpanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BthpanContextHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bthprops.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BthRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bthserv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BthSQM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\bthudtask.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\btpanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Bubbles.scr:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BulkOperationHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\BWContextHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ByteCodeGenerator.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cabinet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cabview.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cacls.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\calc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CallButtons.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CallButtons.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CameraSettingsUIHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\capiprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\capisp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cca.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cdosys.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certca.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certCredProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certenc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CertEnroll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CertEnrollCtrl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CertEnrollUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CertPolEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certprop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certreq.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\certutil.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cfgmgr32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cfmifs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cfmifsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\change.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\charmap.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chcp.com:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CheckNetIsolation.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chglogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chgport.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chgusr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chkdsk.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chkntfs.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\chkwudrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\choice.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CHxReadingStringIME.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cic.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\cipher.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CIRCoInst.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clb.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clbcatq.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cleanmgr.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cliconfg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\cliconfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clip.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CloudNotifications.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CloudStorageWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmcfg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmdext.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmdial32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmdkey.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmdl32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmlua.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmmon32.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmpbk32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmstp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmstplua.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cngcredui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cngprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CNHMCA6.dll:$CmdTcID [32]
AlternateDataStreams: C:\Windows\system32\CNQ4809C.dll:$CmdTcID [32]
AlternateDataStreams: C:\Windows\system32\CNQ4809I.dll:$CmdTcID [32]
AlternateDataStreams: C:\Windows\system32\CNQ4809L.dll:$CmdTcID [32]
AlternateDataStreams: C:\Windows\system32\CNQ4809O.dll:$CmdTcID [32]
AlternateDataStreams: C:\Windows\system32\CNQ4809Y.dll:$CmdTcID [32]
AlternateDataStreams: C:\Windows\system32\cnvfat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cofire.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cofiredm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\colbact.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\colorcpl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\colorui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comcat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\compact.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompMgmtLauncher.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompPkgSup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\compstui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ComputerDefaults.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comrepl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsnap.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comuid.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\connect.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ConnectedAccountState.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ConsentUX.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\console.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\control.exe:$CmdTcID [64]
