VIRY.CZ

Dobrý den, narazil jsem na vir Policie ČR, počítač je po spuštění neskutečně pomalý. V task manageru mam proces csrss.exe a u neho zadna informace ani nejde zastavit a podívat se kde se nachází. Díky.

LOG COMBOFIX:

ComboFix 15-07-23.01 - Deny 29.07.2015 9:32.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.3996.2323 [GMT 2:00]
Spuštěný z: c:\users\Deny\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-28 do 2015-07-29 )))))))))))))))))))))))))))))))
.
.
2015-07-29 07:46 . 2015-07-29 07:46 -------- d-----w- c:\users\MSSQL$SQLEXPRESS\AppData\Local\temp
2015-07-29 07:46 . 2015-07-29 07:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-28 12:59 . 2015-07-28 12:59 -------- d-----w- c:\users\Deny\AppData\Roaming\BalsamiqMockups3
2015-07-28 12:59 . 2015-07-28 12:59 -------- d-----w- c:\program files (x86)\Balsamiq Mockups 3
2015-07-28 12:59 . 2015-07-28 12:59 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2015-07-28 08:02 . 2015-07-25 18:04 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-07-28 08:02 . 2015-07-25 18:04 765440 ----a-w- c:\windows\system32\invagent.dll
2015-07-28 08:02 . 2015-07-25 18:03 433664 ----a-w- c:\windows\system32\devinv.dll
2015-07-28 08:02 . 2015-07-25 18:03 1085440 ----a-w- c:\windows\system32\appraiser.dll
2015-07-28 08:02 . 2015-07-25 18:03 67584 ----a-w- c:\windows\system32\acmigration.dll
2015-07-28 08:02 . 2015-07-25 17:55 1145856 ----a-w- c:\windows\system32\aeinv.dll
2015-07-28 08:02 . 2015-07-25 18:03 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-28 08:02 . 2015-07-25 18:07 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-28 08:01 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB06802C-5A50-4845-8392-F0FB714894A7}\mpengine.dll
2015-07-26 21:44 . 2015-07-26 21:44 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2015-07-26 11:56 . 2015-07-26 11:56 -------- d-----w- c:\program files\Common Files\DESIGNER
2015-07-26 11:48 . 2015-07-26 11:48 -------- d-----w- c:\program files\Microsoft Analysis Services
2015-07-26 11:47 . 2015-07-26 11:47 -------- d-----w- c:\users\Deny\AppData\Local\Microsoft Help
2015-07-26 11:47 . 2015-07-26 11:53 -------- d-----w- c:\program files\Microsoft Office
2015-07-26 11:47 . 2015-07-27 13:31 -------- d-----w- c:\programdata\Microsoft Help
2015-07-26 11:45 . 2015-07-26 11:45 -------- d-----r- C:\MSOCache
2015-07-26 11:37 . 2015-07-26 11:37 -------- d-----w- c:\program files (x86)\Disc Soft
2015-07-26 11:36 . 2015-07-26 11:36 -------- d-----w- c:\users\Deny\AppData\Roaming\DAEMON Tools Lite
2015-07-26 11:36 . 2015-07-26 11:36 -------- d-----w- c:\programdata\DAEMON Tools Lite
2015-07-23 09:49 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll
2015-07-23 09:49 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll
2015-07-23 09:49 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll
2015-07-23 09:49 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll
2015-07-23 09:49 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll
2015-07-23 09:49 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe
2015-07-23 09:49 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2015-07-23 09:49 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2015-07-23 09:49 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2015-07-23 09:49 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2015-07-23 09:49 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2015-07-23 09:49 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2015-07-22 21:17 . 2015-07-22 21:17 -------- d-----w- c:\program files (x86)\NUnit 2.6.4
2015-07-22 19:26 . 2012-02-11 07:43 253016 ----a-w- c:\windows\system32\SQSRVRES.DLL
2015-07-22 19:24 . 2015-07-22 19:24 -------- d-----w- c:\program files\Microsoft.NET
2015-07-22 19:14 . 2015-07-22 19:14 -------- d-----w- c:\users\Classic .NET AppPool
2015-07-22 19:10 . 2015-07-22 19:10 -------- d-----w- c:\windows\SysWow64\BestPractices
2015-07-22 19:10 . 2015-07-22 19:10 -------- d-----w- c:\windows\system32\BestPractices
2015-07-22 19:10 . 2015-07-22 19:10 -------- d-----w- C:\inetpub
2015-07-22 19:04 . 2015-07-22 20:57 -------- d-----w- c:\users\Deny\AppData\Roaming\TfsNoOptSQMLog
2015-07-22 19:03 . 2015-07-22 20:57 -------- d-----w- c:\users\Deny\AppData\Roaming\TfsSQMLog
2015-07-22 18:59 . 2015-07-22 19:02 -------- d-----w- c:\program files\Microsoft Team Foundation Server 12.0
2015-07-22 18:17 . 2015-07-23 23:05 36032 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2015-07-22 18:12 . 2015-07-22 18:12 -------- d-----w- c:\windows\symbols
2015-07-22 18:11 . 2015-07-22 18:11 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0
2015-07-21 09:08 . 2015-07-15 03:19 41984 ----a-w- c:\windows\system32\lpk.dll
2015-07-21 09:08 . 2015-07-15 03:19 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-07-21 09:08 . 2015-07-15 03:19 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-07-21 09:08 . 2015-07-15 03:19 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-07-21 09:08 . 2015-07-15 02:55 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-07-21 09:08 . 2015-07-15 02:55 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-07-21 09:08 . 2015-07-15 02:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-07-21 09:08 . 2015-07-15 02:54 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-07-21 09:08 . 2015-07-15 01:59 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-07-21 09:08 . 2015-07-15 01:52 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-07-15 15:31 . 2015-06-20 19:49 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-07-15 15:29 . 2015-07-04 18:07 2087424 ----a-w- c:\windows\system32\ole32.dll
2015-07-15 15:28 . 2015-06-15 21:45 3242496 ----a-w- c:\windows\system32\msi.dll
2015-07-15 15:28 . 2015-06-15 21:45 1941504 ----a-w- c:\windows\system32\authui.dll
2015-07-15 15:28 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-07-15 15:28 . 2015-06-15 21:50 112064 ----a-w- c:\windows\system32\consent.exe
2015-07-15 15:28 . 2015-06-15 21:45 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-07-15 15:28 . 2015-06-15 21:45 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-07-15 15:28 . 2015-06-15 21:44 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-07-15 15:28 . 2015-06-15 21:43 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-07-15 15:28 . 2015-06-15 21:43 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-07-15 15:28 . 2015-06-15 21:42 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-07-15 15:28 . 2015-06-15 21:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-07-15 15:28 . 2015-06-15 21:37 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2015-07-11 20:16 . 2015-07-11 20:18 -------- d-----w- c:\program files\trend micro
2015-07-11 20:16 . 2015-07-11 20:18 -------- d-----w- C:\rsit
2015-07-10 13:39 . 2015-07-28 11:54 -------- d-----w- C:\$Windows.~BT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-26 08:52 . 2015-01-03 12:28 1234976 ----a-w- c:\programdata\Microsoft\VWDExpress\12.0\1033\ResourceCache.dll
2015-07-26 08:43 . 2014-12-19 21:40 1121344 ----a-w- c:\programdata\Microsoft\WDExpress\12.0\1033\ResourceCache.dll
2015-07-25 23:37 . 2015-02-18 15:28 84448 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2015-07-15 12:50 . 2014-12-19 15:16 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 12:50 . 2014-12-19 15:16 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-08 21:36 . 2015-04-15 16:35 18510000 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-07-03 06:43 . 2015-06-12 16:40 130333168 ----a-w- c:\windows\system32\MRT.exe
2015-07-01 20:49 . 2015-07-15 15:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-01 20:30 . 2015-07-15 15:29 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-16 14:31 . 2015-06-16 14:31 1691816 ----a-w- c:\windows\system32\FM20.DLL
2015-05-25 18:24 . 2015-06-10 10:50 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 10:50 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 10:50 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 10:50 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 10:50 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 10:50 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 10:50 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 10:50 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 10:50 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 10:50 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 10:50 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 10:50 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 10:50 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 10:50 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 10:50 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 10:50 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 10:50 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 10:50 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 10:50 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 10:50 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 10:50 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 10:50 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 10:50 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 10:50 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-10 10:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-10 10:50 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 10:50 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 10:50 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 10:50 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 10:50 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-10 10:50 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 10:50 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-10 10:50 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-10 10:50 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-10 10:50 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 10:50 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 10:50 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-10 10:50 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 10:50 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 10:50 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-10 10:50 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-10 10:50 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 10:50 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-06-16 14:34 1730264 ----a-w- c:\progra~2\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoftonicAssistant"="c:\users\Deny\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe" [2015-03-25 1835976]
"AceWebException"="c:\users\Deny\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe" [2015-02-28 22824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WMSVC;Web Management Service;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
R4 RsFx0201;RsFx0201 Driver;c:\windows\system32\DRIVERS\RsFx0201.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0201.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 TFSJobAgent;Visual Studio Team Foundation Background Job Agent;c:\program files\Microsoft Team Foundation Server 12.0\Application Tier\TfsJobAgent\TfsJobAgent.exe;c:\program files\Microsoft Team Foundation Server 12.0\Application Tier\TfsJobAgent\TfsJobAgent.exe [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-19 12:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-06-16 14:31 2335448 ----a-w- c:\progra~1\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-06-16 14:31 2335448 ----a-w- c:\progra~1\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-06-16 14:31 2335448 ----a-w- c:\progra~1\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-28 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-11-30 21705296]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2015-01-28 5595848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office15\ONBttnIE.dll/105
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Deny\AppData\Roaming\Mozilla\Firefox\Profiles\y24x6afr.default-1428139251595\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-BlazeServoTool - c:\program files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
.
.
.
Celkový čas: 2015-07-29 09:51:31
ComboFix-quarantined-files.txt 2015-07-29 07:51
ComboFix2.txt 2015-07-12 10:51
ComboFix3.txt 2015-07-11 23:46
.
Před spuštěním: 197 614 796 800 bytes free
Po spuštění: 196 963 356 672 bytes free
.
- - End Of File - - 9CA296846E9451A7A21774127BEC7072
A36C5E4F47E84449FF07ED3517B43A31

Zdravím!
Proč spouštíte ComboFix, utilitu určenou pouze profesinálům, bez doporučení rádce? Hodláte si nabořit systém, nebo některou aplikaci?

Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . V CF není nic vidět.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
Ran by Deny (administrator) on DENY-PC (29-07-2015 18:25:47)
Running from C:\Users\Deny\Desktop
Loaded Profiles: Deny & MSSQL$SQLEXPRESS (Available Profiles: Deny & MSSQL$SQLEXPRESS & Classic .NET AppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Team Foundation Server 12.0\Application Tier\TFSJobAgent\TFSJobAgent.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
() C:\Users\Deny\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(forum.viry.cz) C:\Users\Deny\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-28] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [SoftonicAssistant] => C:\Users\Deny\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe [1835976 2015-03-25] ()
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [AceWebException] => C:\Users\Deny\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe [22824 2015-02-28] ()
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-13] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-13] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{127159BF-46BB-4B08-956C-BF37552A4C31}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{53F440D9-F7EA-44A4-BCC8-614242FB832D}: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF ProfilePath: C:\Users\Deny\AppData\Roaming\Mozilla\Firefox\Profiles\y24x6afr.default-1428139251595
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Extension: Firebug - C:\Users\Deny\AppData\Roaming\Mozilla\Firefox\Profiles\y24x6afr.default-1428139251595\Extensions\firebug@software.joehewitt.com.xpi [2015-07-29]
FF Extension: Adblock Plus - C:\Users\Deny\AppData\Roaming\Mozilla\Firefox\Profiles\y24x6afr.default-1428139251595\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-12-23] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-12-23] (Macrovision Europe Ltd.) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [192192 2015-05-05] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-05-05] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-28] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TFSJobAgent; C:\Program Files\Microsoft Team Foundation Server 12.0\Application Tier\TfsJobAgent\TfsJobAgent.exe [51888 2015-06-28] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [159480 2015-03-10] (ESET)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [174368 2010-01-22] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [38944 2010-01-22] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [44320 2009-10-05] (Realtek)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 18:25 - 2015-07-29 18:26 - 00012693 _____ C:\Users\Deny\Desktop\FRST.txt
2015-07-29 18:25 - 2015-07-29 18:25 - 00000000 ____D C:\FRST
2015-07-29 18:24 - 2015-07-29 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Deny\Desktop\FRSTLauncher.exe
2015-07-29 18:21 - 2015-07-29 18:21 - 02169856 _____ (Farbar) C:\Users\Deny\Desktop\FRST64.exe
2015-07-29 16:23 - 2015-07-29 16:23 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-29 16:22 - 2015-07-29 16:22 - 00001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-07-29 16:21 - 2015-07-29 16:21 - 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2015-07-29 16:19 - 2015-07-29 16:28 - 00000000 ____D C:\Program Files\Adobe
2015-07-29 16:19 - 2015-07-29 16:19 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-07-29 16:18 - 2015-07-29 16:18 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-07-29 16:12 - 2015-07-29 16:12 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-07-29 16:12 - 2015-07-29 16:12 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-07-29 16:06 - 2015-07-29 16:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-29 12:06 - 2015-07-29 12:23 - 299651233 _____ C:\Users\Deny\Downloads\Adobe Dreamweaver CS6.exe
2015-07-29 12:04 - 2015-07-29 12:48 - 00000000 ____D C:\Users\Deny\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]
2015-07-29 09:51 - 2015-07-29 09:51 - 00026296 _____ C:\ComboFix.txt
2015-07-29 01:06 - 2015-01-18 15:57 - 00000000 ____D C:\Users\Deny\Desktop\wordpress
2015-07-29 01:05 - 2015-07-29 01:05 - 07122631 _____ C:\Users\Deny\Downloads\wordpress-4.1-cs_CZ.zip
2015-07-28 16:27 - 2015-07-28 16:43 - 00000000 ____D C:\Users\Deny\Desktop\port
2015-07-28 15:37 - 2015-07-28 15:39 - 45198752 _____ C:\Users\Deny\Downloads\photo-1414849424631-8b18529a81ca
2015-07-28 14:59 - 2015-07-28 14:59 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Balsamiq Mockups 3.lnk
2015-07-28 14:59 - 2015-07-28 14:59 - 00000971 _____ C:\Users\Public\Desktop\Balsamiq Mockups 3.lnk
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Deny\AppData\Roaming\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Deny\AppData\Roaming\BalsamiqMockups3
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Program Files (x86)\Balsamiq Mockups 3
2015-07-28 14:57 - 2015-07-28 14:57 - 03853056 _____ C:\Users\Deny\Downloads\Balsamiq_Mockups_3.1.7.exe
2015-07-28 10:02 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 10:02 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 10:02 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 10:02 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 23:23 - 2015-07-28 00:34 - 00000000 ____D C:\Users\Deny\Downloads\Rocky Balboa (2006) [1080p]
2015-07-26 23:44 - 2015-07-26 23:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-07-26 23:44 - 2015-07-26 23:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-07-26 14:00 - 2015-07-26 14:00 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-07-26 13:58 - 2015-07-27 15:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-26 13:56 - 2015-07-26 13:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-07-26 13:48 - 2015-07-26 13:48 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-07-26 13:47 - 2015-07-27 15:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-26 13:47 - 2015-07-26 13:53 - 00000000 ____D C:\Program Files\Microsoft Office
2015-07-26 13:47 - 2015-07-26 13:47 - 00000000 ____D C:\Users\Deny\AppData\Local\Microsoft Help
2015-07-26 13:45 - 2015-07-26 13:45 - 00000000 ___RD C:\MSOCache
2015-07-26 13:44 - 2015-07-26 13:44 - 00000000 ____D C:\Users\Deny\Desktop\New folder (2)
2015-07-26 13:37 - 2015-07-26 13:37 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-07-26 13:36 - 2015-07-26 13:36 - 00000000 ____D C:\Users\Deny\AppData\Roaming\DAEMON Tools Lite
2015-07-26 13:36 - 2015-07-26 13:36 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-07-26 13:35 - 2015-07-26 13:35 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Deny\Downloads\DTLiteInstaller.exe
2015-07-26 12:29 - 2015-07-26 12:53 - 806676480 _____ C:\Users\Deny\Downloads\OfficeProfessionalPlus_x64_en-us.img
2015-07-26 01:39 - 2015-07-26 01:39 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013
2015-07-26 01:39 - 2015-07-26 01:39 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013
2015-07-26 01:35 - 2015-07-26 01:35 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2015-07-26 01:35 - 2015-07-26 01:35 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2015-07-25 13:59 - 2011-05-26 23:14 - 00000000 ____D C:\Users\Deny\Desktop\Nejlepší odpovědi na 300 nejčastějších otázek u přijímacího pohovoru
2015-07-25 13:57 - 2015-07-25 13:58 - 26516908 _____ C:\Users\Deny\Downloads\Nejlepší-odpovědi-na-300-nejčastějších-otázek-u-přijímacího-pohovoru.rar
2015-07-24 01:05 - 2015-07-24 01:05 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2015-07-24 01:05 - 2015-07-24 01:05 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2015-07-23 12:51 - 2015-07-23 12:51 - 00000000 ____D C:\Users\Deny\Desktop\StudentInformationSystem
2015-07-23 11:49 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2015-07-23 11:49 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2015-07-23 11:49 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2015-07-23 11:49 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2015-07-23 11:49 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2015-07-23 11:49 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2015-07-23 11:49 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2015-07-23 11:49 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2015-07-23 11:49 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2015-07-23 11:49 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2015-07-23 11:49 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2015-07-23 11:49 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2015-07-22 23:53 - 2015-07-22 23:53 - 00000000 ____D C:\Users\Deny\Desktop\cash
2015-07-22 23:52 - 2015-07-22 23:52 - 00004986 _____ C:\Users\Deny\Downloads\source.zip
2015-07-22 23:17 - 2015-07-22 23:17 - 00000000 ____D C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NUnit 2.6.4
2015-07-22 23:17 - 2015-07-22 23:17 - 00000000 ____D C:\Program Files (x86)\NUnit 2.6.4
2015-07-22 23:16 - 2015-07-22 23:16 - 03023406 _____ C:\Users\Deny\Downloads\NUnit-2.6.4.msi
2015-07-22 21:26 - 2012-02-11 09:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2015-07-22 21:14 - 2015-07-22 21:14 - 00000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2015-07-22 21:14 - 2015-07-22 21:14 - 00000000 ____D C:\Users\Classic .NET AppPool
2015-07-22 21:14 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-22 21:14 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-22 21:11 - 2015-07-26 10:22 - 00058584 _____ C:\Windows\iis7.log
2015-07-22 21:10 - 2015-07-22 21:10 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2015-07-22 21:10 - 2015-07-22 21:10 - 00000000 ____D C:\Windows\system32\BestPractices
2015-07-22 21:10 - 2015-07-22 21:10 - 00000000 ____D C:\inetpub
2015-07-22 21:04 - 2015-07-22 22:57 - 00000000 ____D C:\Users\Deny\AppData\Roaming\TfsNoOptSQMLog
2015-07-22 21:03 - 2015-07-22 22:57 - 00000000 ____D C:\Users\Deny\AppData\Roaming\TfsSQMLog
2015-07-22 21:00 - 2015-07-22 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio Team Foundation Server 2013
2015-07-22 20:59 - 2015-07-22 21:02 - 00000000 ____D C:\Program Files\Microsoft Team Foundation Server 12.0
2015-07-22 20:40 - 2015-07-22 20:40 - 00827256 _____ (Microsoft Corporation) C:\Users\Deny\Downloads\tfs_server.exe
2015-07-22 20:16 - 2015-07-22 20:29 - 00000000 ____D C:\Users\Deny\Documents\Visual Studio 2012
2015-07-22 20:14 - 2015-07-22 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-07-22 20:12 - 2015-07-22 20:12 - 00000000 ____D C:\Windows\symbols
2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2015-07-22 20:08 - 2015-07-22 20:08 - 00914280 _____ (Microsoft Corporation) C:\Users\Deny\Downloads\vs_testprofessional.exe
2015-07-22 13:48 - 2015-07-22 13:48 - 00000112 _____ C:\Users\Deny\Desktop\dffs.xml
2015-07-21 15:19 - 2014-01-30 10:54 - 00000000 ____D C:\Users\Deny\Desktop\Magister
2015-07-21 15:18 - 2015-07-21 15:18 - 00528912 _____ C:\Users\Deny\Downloads\magister.zip
2015-07-21 15:09 - 2015-07-21 15:09 - 00010971 _____ C:\Users\Deny\Downloads\index.html
2015-07-21 11:08 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 11:08 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 11:08 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 11:08 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 11:08 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 11:08 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:08 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 11:08 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 11:08 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:08 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:36 - 2015-07-21 00:36 - 00038086 _____ C:\Users\Deny\Downloads\predestination-english-yify-30785.zip
2015-07-21 00:36 - 2014-11-23 14:13 - 00100439 _____ C:\Users\Deny\Desktop\Predestination.2014.720p.BluRay.x264.YIFY.srt
2015-07-20 23:22 - 2015-07-21 23:35 - 00000000 ____D C:\Users\Deny\Downloads\Still Alice (2014) [1080p]
2015-07-20 23:22 - 2015-07-21 00:17 - 00000000 ____D C:\Users\Deny\Downloads\Predestination (2014) [1080p]
2015-07-20 15:28 - 2015-07-20 15:28 - 00000300 _____ C:\Users\Deny\Documents\dbo.Uzivatel.sql
2015-07-18 23:55 - 2015-07-23 12:49 - 00000121 _____ C:\Users\Deny\Desktop\SQLQuery1.sql
2015-07-15 17:32 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 17:32 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 17:32 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 17:32 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 17:32 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 17:32 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 17:32 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 17:32 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 17:32 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 17:32 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 17:32 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 17:32 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 17:32 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 17:32 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 17:32 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 17:32 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 17:32 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 17:32 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 17:32 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 17:32 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 17:32 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 17:32 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 17:32 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 17:32 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 17:32 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 17:31 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 17:31 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 17:31 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 17:31 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 17:31 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 17:31 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 17:31 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 17:31 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 17:31 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 17:31 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 17:31 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 17:31 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 17:31 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 17:31 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 17:31 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 17:31 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 17:31 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 17:31 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 17:31 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 17:31 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 17:31 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 17:31 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 17:31 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 17:31 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 17:31 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 17:31 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 17:31 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 17:31 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 17:31 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 17:31 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 17:31 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 17:31 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 17:31 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 17:31 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 17:31 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 17:31 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 17:31 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 17:31 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 17:31 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 17:31 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 17:31 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 17:31 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 17:31 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 17:31 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 17:29 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 17:29 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 17:29 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 17:29 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 17:29 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 17:29 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 17:29 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 17:29 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 17:29 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 17:29 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 17:29 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 17:29 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 17:29 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 17:29 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 17:29 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 17:29 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 17:29 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 17:29 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 17:29 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 17:29 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 17:29 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 17:29 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 17:29 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 17:29 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 17:29 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 17:29 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 17:29 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 17:29 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 17:29 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 17:28 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 17:28 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 17:28 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 17:28 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 17:28 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 17:28 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 17:28 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 17:28 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 17:28 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 17:28 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 17:28 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 17:28 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-11 23:28 - 2015-07-11 23:28 - 00001138 _____ C:\Users\Deny\Desktop\ComboFix - Shortcut.lnk
2015-07-11 22:45 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-11 22:45 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-11 22:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-11 22:44 - 2015-07-29 09:51 - 00000000 ____D C:\Qoobox
2015-07-11 22:43 - 2015-07-12 12:40 - 00000000 ____D C:\Windows\erdnt
2015-07-11 22:42 - 2015-07-29 09:25 - 05633622 ____R (Swearware) C:\Users\Deny\Downloads\ComboFix.exe
2015-07-11 22:16 - 2015-07-11 22:18 - 00000000 ____D C:\rsit
2015-07-11 22:16 - 2015-07-11 22:18 - 00000000 ____D C:\Program Files\trend micro
2015-07-11 22:16 - 2015-07-11 22:16 - 01222144 _____ C:\Users\Deny\Downloads\RSITx64.exe
2015-07-10 21:27 - 2015-07-10 22:36 - 733661064 _____ C:\Users\Deny\Downloads\Pantani The Accidental Death Of A Cyclist 2014.avi
2015-07-10 15:39 - 2015-07-28 13:54 - 00000000 ____D C:\$Windows.~BT
2015-07-08 18:46 - 2015-07-27 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-05 17:57 - 2015-07-05 18:15 - 630616340 _____ C:\Users\Deny\Downloads\Hot.Girls.Wanted.2015.720p.WEBRip.600MB.MkvCage.mkv
2015-07-01 20:01 - 2015-07-01 20:01 - 01325518 _____ C:\Users\Deny\Downloads\slouceneJR_od_2015-07-01.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 18:20 - 2014-12-19 15:34 - 01263023 _____ C:\Windows\WindowsUpdate.log
2015-07-29 17:35 - 2014-12-19 17:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 16:44 - 2014-12-19 18:00 - 00000000 ____D C:\Users\Deny\AppData\Roaming\Adobe
2015-07-29 16:35 - 2014-12-19 17:15 - 00000000 ____D C:\Users\Deny\AppData\Local\Adobe
2015-07-29 16:31 - 2014-12-19 18:04 - 00118728 _____ C:\Users\Deny\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-29 16:28 - 2015-01-01 23:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-29 16:23 - 2015-01-01 23:24 - 00000000 ____D C:\ProgramData\Adobe
2015-07-29 16:01 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 16:01 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 15:59 - 2009-07-14 07:13 - 00986036 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 15:54 - 2014-12-19 18:04 - 00000000 ____D C:\Users\Deny\AppData\Local\SoftonicAssistant
2015-07-29 15:51 - 2010-11-21 05:47 - 00019504 _____ C:\Windows\PFRO.log
2015-07-29 15:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 15:51 - 2009-07-14 06:51 - 00054562 _____ C:\Windows\setupact.log
2015-07-29 13:36 - 2014-12-20 19:02 - 00000000 ____D C:\Users\Deny\AppData\Roaming\uTorrent
2015-07-29 10:16 - 2014-12-20 21:38 - 00000000 ____D C:\Users\Deny\AppData\Roaming\vlc
2015-07-29 09:46 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-29 02:09 - 2014-12-21 11:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 13:48 - 2015-02-14 22:23 - 00000000 ____D C:\Users\Deny\AppData\Roaming\moztrap-fff1b9d09ebe1b62d05cc4f5b2063720
2015-07-28 13:47 - 2015-06-06 20:11 - 00000000 ____D C:\ProgramData\BlazeVideo
2015-07-28 13:46 - 2014-12-26 20:04 - 00000000 ____D C:\Users\Deny\AppData\Roaming\.ACEStream
2015-07-28 13:46 - 2014-12-26 20:02 - 00000000 ____D C:\Users\Deny\AppData\Roaming\ACEStream
2015-07-28 13:14 - 2014-12-20 00:27 - 00000000 ____D C:\Windows\Panther
2015-07-28 00:41 - 2015-05-27 01:48 - 2900188462 _____ C:\Users\Deny\Downloads\Rihanna.Samuel.Barmaid.Got.Laid.PublicPickUps.2012.HD_iyutero.com.mp4
2015-07-27 15:16 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-07-27 08:41 - 2009-07-14 06:45 - 00453032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-27 00:30 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-27 00:22 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-26 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-26 13:57 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew
2015-07-26 13:47 - 2015-02-18 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-26 10:45 - 2015-02-13 18:39 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-07-26 10:45 - 2014-12-19 21:43 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-26 10:45 - 2014-12-19 21:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-26 10:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2015-07-26 10:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-26 01:38 - 2014-12-19 20:40 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 11:57 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 04:01 - 2015-02-18 17:32 - 00000000 ____D C:\Users\Deny\Documents\SQL Server Management Studio
2015-07-22 21:26 - 2015-02-13 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2015-07-22 21:13 - 2014-12-19 20:48 - 00951716 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-22 20:21 - 2009-07-14 07:08 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-22 20:16 - 2014-12-19 23:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-07-22 20:12 - 2014-12-19 21:44 - 00000000 ____D C:\Windows\system32\1033
2015-07-22 13:48 - 2015-02-11 20:37 - 00000000 __SHD C:\Users\Deny\AppData\Local\EmieUserList
2015-07-22 13:48 - 2015-02-11 20:37 - 00000000 __SHD C:\Users\Deny\AppData\Local\EmieSiteList
2015-07-22 13:48 - 2015-02-11 20:37 - 00000000 __SHD C:\Users\Deny\AppData\Local\EmieBrowserModeList
2015-07-20 14:55 - 2014-12-19 23:40 - 00000000 ____D C:\Users\Deny\Documents\Visual Studio 2013
2015-07-18 02:32 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 15:19 - 2015-01-01 23:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 15:16 - 2015-06-23 23:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 09:53 - 2014-12-21 11:34 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 09:25 - 2015-06-12 18:41 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 14:50 - 2014-12-19 17:16 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 14:50 - 2014-12-19 17:16 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 14:50 - 2014-12-19 17:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 12:11 - 2014-12-19 17:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 23:36 - 2015-04-15 18:35 - 18510000 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-06 19:33 - 2015-02-11 15:09 - 00000000 ____D C:\Users\Deny\Desktop\web1
2015-07-03 08:43 - 2015-06-12 18:40 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 02:33 - 2014-12-23 15:44 - 00006786 _____ C:\Users\Deny\AppData\Local\mbt-actwiz.log

==================== Files in the root of some directories =======

2015-02-19 19:14 - 2015-02-19 19:01 - 198180864 _____ () C:\Program Files\AdventureWorks2012_Data.mdf
2014-12-23 15:44 - 2015-07-02 02:33 - 0006786 _____ () C:\Users\Deny\AppData\Local\mbt-actwiz.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Deny\Desktop" je 2156 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v4.208 - Logfile created 29/07/2015 at 21:12:46
# Updated 09/07/2015 by Xplode
# Database : 2015-07-26.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Deny - DENY-PC
# Running from : C:\Users\Deny\Desktop\adwcleaner_4.208.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Deny\AppData\Local\SoftonicAssistant
Folder Deleted : C:\Users\Deny\AppData\Roaming\AceWebExtension
File Deleted : C:\Users\Public\Desktop\YTD Video Downloader.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\SiteSee
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v39.0 (x86 en-US)


*************************

AdwCleaner[R0].txt - [833 bytes] - [21/12/2014 23:12:15]
AdwCleaner[R1].txt - [1658 bytes] - [29/07/2015 21:11:15]
AdwCleaner[S0].txt - [853 bytes] - [21/12/2014 23:14:16]
AdwCleaner[S1].txt - [1563 bytes] - [29/07/2015 21:12:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1622 bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
Ran by Deny (administrator) on DENY-PC (29-07-2015 22:36:48)
Running from C:\Users\Deny\Desktop
Loaded Profiles: Deny & MSSQL$SQLEXPRESS (Available Profiles: Deny & MSSQL$SQLEXPRESS & Classic .NET AppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Team Foundation Server 12.0\Application Tier\TFSJobAgent\TFSJobAgent.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(forum.viry.cz) C:\Users\Deny\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-28] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [SoftonicAssistant] => "C:\Users\Deny\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [AceWebException] => C:\Users\Deny\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-13] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-13] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{127159BF-46BB-4B08-956C-BF37552A4C31}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{53F440D9-F7EA-44A4-BCC8-614242FB832D}: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF ProfilePath: C:\Users\Deny\AppData\Roaming\Mozilla\Firefox\Profiles\y24x6afr.default-1428139251595
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Extension: Firebug - C:\Users\Deny\AppData\Roaming\Mozilla\Firefox\Profiles\y24x6afr.default-1428139251595\Extensions\firebug@software.joehewitt.com.xpi [2015-07-29]
FF Extension: Adblock Plus - C:\Users\Deny\AppData\Roaming\Mozilla\Firefox\Profiles\y24x6afr.default-1428139251595\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-12-23] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-12-23] (Macrovision Europe Ltd.) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [192192 2015-05-05] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-05-05] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-28] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TFSJobAgent; C:\Program Files\Microsoft Team Foundation Server 12.0\Application Tier\TfsJobAgent\TfsJobAgent.exe [51888 2015-06-28] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [159480 2015-03-10] (ESET)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [174368 2010-01-22] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [38944 2010-01-22] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [44320 2009-10-05] (Realtek)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 22:36 - 2015-07-29 22:37 - 00012600 _____ C:\Users\Deny\Desktop\FRST.txt
2015-07-29 21:10 - 2015-07-29 21:10 - 02248704 _____ C:\Users\Deny\Desktop\adwcleaner_4.208.exe
2015-07-29 18:29 - 2015-07-29 18:29 - 00006306 _____ C:\Users\Deny\Desktop\Addition.rar
2015-07-29 18:25 - 2015-07-29 22:36 - 00000000 ____D C:\FRST
2015-07-29 18:24 - 2015-07-29 18:24 - 00112640 _____ (forum.viry.cz) C:\Users\Deny\Desktop\FRSTLauncher.exe
2015-07-29 18:21 - 2015-07-29 18:21 - 02169856 _____ (Farbar) C:\Users\Deny\Desktop\FRST64.exe
2015-07-29 16:23 - 2015-07-29 16:23 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-29 16:22 - 2015-07-29 16:22 - 00001075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-07-29 16:21 - 2015-07-29 16:21 - 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2015-07-29 16:19 - 2015-07-29 16:28 - 00000000 ____D C:\Program Files\Adobe
2015-07-29 16:19 - 2015-07-29 16:19 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-07-29 16:18 - 2015-07-29 16:18 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-07-29 16:12 - 2015-07-29 16:12 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-07-29 16:12 - 2015-07-29 16:12 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-07-29 16:06 - 2015-07-29 16:22 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-29 12:06 - 2015-07-29 12:23 - 299651233 _____ C:\Users\Deny\Downloads\Adobe Dreamweaver CS6.exe
2015-07-29 12:04 - 2015-07-29 12:48 - 00000000 ____D C:\Users\Deny\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]
2015-07-29 09:51 - 2015-07-29 09:51 - 00026296 _____ C:\ComboFix.txt
2015-07-29 01:06 - 2015-01-18 15:57 - 00000000 ____D C:\Users\Deny\Desktop\wordpress
2015-07-29 01:05 - 2015-07-29 01:05 - 07122631 _____ C:\Users\Deny\Downloads\wordpress-4.1-cs_CZ.zip
2015-07-28 16:27 - 2015-07-28 16:43 - 00000000 ____D C:\Users\Deny\Desktop\port
2015-07-28 15:37 - 2015-07-28 15:39 - 45198752 _____ C:\Users\Deny\Downloads\photo-1414849424631-8b18529a81ca
2015-07-28 14:59 - 2015-07-28 14:59 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Balsamiq Mockups 3.lnk
2015-07-28 14:59 - 2015-07-28 14:59 - 00000971 _____ C:\Users\Public\Desktop\Balsamiq Mockups 3.lnk
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Deny\AppData\Roaming\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Deny\AppData\Roaming\BalsamiqMockups3
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-07-28 14:59 - 2015-07-28 14:59 - 00000000 ____D C:\Program Files (x86)\Balsamiq Mockups 3
2015-07-28 14:57 - 2015-07-28 14:57 - 03853056 _____ C:\Users\Deny\Downloads\Balsamiq_Mockups_3.1.7.exe
2015-07-28 10:02 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 10:02 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 10:02 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 10:02 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 10:02 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 23:23 - 2015-07-28 00:34 - 00000000 ____D C:\Users\Deny\Downloads\Rocky Balboa (2006) [1080p]
2015-07-26 23:44 - 2015-07-26 23:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-07-26 23:44 - 2015-07-26 23:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-07-26 14:00 - 2015-07-26 14:00 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-07-26 13:58 - 2015-07-27 15:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-26 13:56 - 2015-07-26 13:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-07-26 13:48 - 2015-07-26 13:48 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-07-26 13:47 - 2015-07-27 15:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-26 13:47 - 2015-07-26 13:53 - 00000000 ____D C:\Program Files\Microsoft Office
2015-07-26 13:47 - 2015-07-26 13:47 - 00000000 ____D C:\Users\Deny\AppData\Local\Microsoft Help
2015-07-26 13:45 - 2015-07-26 13:45 - 00000000 ___RD C:\MSOCache
2015-07-26 13:44 - 2015-07-26 13:44 - 00000000 ____D C:\Users\Deny\Desktop\New folder (2)
2015-07-26 13:37 - 2015-07-26 13:37 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-07-26 13:36 - 2015-07-26 13:36 - 00000000 ____D C:\Users\Deny\AppData\Roaming\DAEMON Tools Lite
2015-07-26 13:36 - 2015-07-26 13:36 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-07-26 13:35 - 2015-07-26 13:35 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Deny\Downloads\DTLiteInstaller.exe
2015-07-26 12:29 - 2015-07-26 12:53 - 806676480 _____ C:\Users\Deny\Downloads\OfficeProfessionalPlus_x64_en-us.img
2015-07-26 01:39 - 2015-07-26 01:39 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2013
2015-07-26 01:39 - 2015-07-26 01:39 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2013
2015-07-26 01:35 - 2015-07-26 01:35 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2010
2015-07-26 01:35 - 2015-07-26 01:35 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2010
2015-07-25 13:59 - 2011-05-26 23:14 - 00000000 ____D C:\Users\Deny\Desktop\Nejlepší odpovědi na 300 nejčastějších otázek u přijímacího pohovoru
2015-07-25 13:57 - 2015-07-25 13:58 - 26516908 _____ C:\Users\Deny\Downloads\Nejlepší-odpovědi-na-300-nejčastějších-otázek-u-přijímacího-pohovoru.rar
2015-07-24 01:05 - 2015-07-24 01:05 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2015-07-24 01:05 - 2015-07-24 01:05 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2015-07-23 12:51 - 2015-07-23 12:51 - 00000000 ____D C:\Users\Deny\Desktop\StudentInformationSystem
2015-07-23 11:49 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2015-07-23 11:49 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2015-07-23 11:49 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2015-07-23 11:49 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2015-07-23 11:49 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2015-07-23 11:49 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2015-07-23 11:49 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2015-07-23 11:49 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2015-07-23 11:49 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2015-07-23 11:49 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2015-07-23 11:49 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2015-07-23 11:49 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2015-07-22 23:53 - 2015-07-22 23:53 - 00000000 ____D C:\Users\Deny\Desktop\cash
2015-07-22 23:52 - 2015-07-22 23:52 - 00004986 _____ C:\Users\Deny\Downloads\source.zip
2015-07-22 23:17 - 2015-07-22 23:17 - 00000000 ____D C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NUnit 2.6.4
2015-07-22 23:17 - 2015-07-22 23:17 - 00000000 ____D C:\Program Files (x86)\NUnit 2.6.4
2015-07-22 23:16 - 2015-07-22 23:16 - 03023406 _____ C:\Users\Deny\Downloads\NUnit-2.6.4.msi
2015-07-22 21:26 - 2012-02-11 09:43 - 00253016 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2015-07-22 21:14 - 2015-07-22 21:14 - 00000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2015-07-22 21:14 - 2015-07-22 21:14 - 00000000 ____D C:\Users\Classic .NET AppPool
2015-07-22 21:14 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-22 21:14 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-22 21:11 - 2015-07-26 10:22 - 00058584 _____ C:\Windows\iis7.log
2015-07-22 21:10 - 2015-07-22 21:10 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2015-07-22 21:10 - 2015-07-22 21:10 - 00000000 ____D C:\Windows\system32\BestPractices
2015-07-22 21:10 - 2015-07-22 21:10 - 00000000 ____D C:\inetpub
2015-07-22 21:04 - 2015-07-22 22:57 - 00000000 ____D C:\Users\Deny\AppData\Roaming\TfsNoOptSQMLog
2015-07-22 21:03 - 2015-07-22 22:57 - 00000000 ____D C:\Users\Deny\AppData\Roaming\TfsSQMLog
2015-07-22 21:00 - 2015-07-22 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio Team Foundation Server 2013
2015-07-22 20:59 - 2015-07-22 21:02 - 00000000 ____D C:\Program Files\Microsoft Team Foundation Server 12.0
2015-07-22 20:40 - 2015-07-22 20:40 - 00827256 _____ (Microsoft Corporation) C:\Users\Deny\Downloads\tfs_server.exe
2015-07-22 20:16 - 2015-07-22 20:29 - 00000000 ____D C:\Users\Deny\Documents\Visual Studio 2012
2015-07-22 20:14 - 2015-07-22 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-07-22 20:12 - 2015-07-22 20:12 - 00000000 ____D C:\Windows\symbols
2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2015-07-22 20:08 - 2015-07-22 20:08 - 00914280 _____ (Microsoft Corporation) C:\Users\Deny\Downloads\vs_testprofessional.exe
2015-07-22 13:48 - 2015-07-22 13:48 - 00000112 _____ C:\Users\Deny\Desktop\dffs.xml
2015-07-21 15:19 - 2014-01-30 10:54 - 00000000 ____D C:\Users\Deny\Desktop\Magister
2015-07-21 15:18 - 2015-07-21 15:18 - 00528912 _____ C:\Users\Deny\Downloads\magister.zip
2015-07-21 15:09 - 2015-07-21 15:09 - 00010971 _____ C:\Users\Deny\Downloads\index.html
2015-07-21 11:08 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 11:08 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 11:08 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 11:08 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 11:08 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 11:08 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:08 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 11:08 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 11:08 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:08 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:36 - 2015-07-21 00:36 - 00038086 _____ C:\Users\Deny\Downloads\predestination-english-yify-30785.zip
2015-07-21 00:36 - 2014-11-23 14:13 - 00100439 _____ C:\Users\Deny\Desktop\Predestination.2014.720p.BluRay.x264.YIFY.srt
2015-07-20 23:22 - 2015-07-21 23:35 - 00000000 ____D C:\Users\Deny\Downloads\Still Alice (2014) [1080p]
2015-07-20 23:22 - 2015-07-21 00:17 - 00000000 ____D C:\Users\Deny\Downloads\Predestination (2014) [1080p]
2015-07-20 15:28 - 2015-07-20 15:28 - 00000300 _____ C:\Users\Deny\Documents\dbo.Uzivatel.sql
2015-07-18 23:55 - 2015-07-23 12:49 - 00000121 _____ C:\Users\Deny\Desktop\SQLQuery1.sql
2015-07-15 17:32 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 17:32 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 17:32 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 17:32 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 17:32 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 17:32 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 17:32 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 17:32 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 17:32 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 17:32 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 17:32 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 17:32 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 17:32 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 17:32 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 17:32 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 17:32 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 17:32 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 17:32 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 17:32 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 17:32 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 17:32 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 17:32 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 17:32 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 17:32 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 17:32 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 17:32 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 17:32 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 17:31 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 17:31 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 17:31 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 17:31 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 17:31 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 17:31 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 17:31 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 17:31 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 17:31 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 17:31 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 17:31 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 17:31 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 17:31 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 17:31 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 17:31 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 17:31 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 17:31 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 17:31 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 17:31 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 17:31 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 17:31 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 17:31 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 17:31 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 17:31 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 17:31 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 17:31 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 17:31 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 17:31 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 17:31 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 17:31 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 17:31 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 17:31 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 17:31 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 17:31 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 17:31 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 17:31 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 17:31 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 17:31 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 17:31 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 17:31 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 17:31 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 17:31 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 17:31 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 17:31 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 17:29 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 17:29 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 17:29 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 17:29 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 17:29 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 17:29 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 17:29 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 17:29 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 17:29 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 17:29 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 17:29 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 17:29 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 17:29 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 17:29 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 17:29 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 17:29 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 17:29 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 17:29 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 17:29 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 17:29 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 17:29 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 17:29 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 17:29 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 17:29 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 17:29 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 17:29 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 17:29 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 17:29 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 17:29 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 17:29 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 17:29 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 17:28 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 17:28 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 17:28 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 17:28 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 17:28 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 17:28 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 17:28 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 17:28 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 17:28 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 17:28 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 17:28 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 17:28 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-11 23:28 - 2015-07-11 23:28 - 00001138 _____ C:\Users\Deny\Desktop\ComboFix - Shortcut.lnk
2015-07-11 22:45 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-11 22:45 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-11 22:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-11 22:45 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-11 22:44 - 2015-07-29 09:51 - 00000000 ____D C:\Qoobox
2015-07-11 22:43 - 2015-07-12 12:40 - 00000000 ____D C:\Windows\erdnt
2015-07-11 22:42 - 2015-07-29 09:25 - 05633622 ____R (Swearware) C:\Users\Deny\Downloads\ComboFix.exe
2015-07-11 22:16 - 2015-07-11 22:18 - 00000000 ____D C:\rsit
2015-07-11 22:16 - 2015-07-11 22:18 - 00000000 ____D C:\Program Files\trend micro
2015-07-11 22:16 - 2015-07-11 22:16 - 01222144 _____ C:\Users\Deny\Downloads\RSITx64.exe
2015-07-10 21:27 - 2015-07-10 22:36 - 733661064 _____ C:\Users\Deny\Downloads\Pantani The Accidental Death Of A Cyclist 2014.avi
2015-07-10 15:39 - 2015-07-28 13:54 - 00000000 ____D C:\$Windows.~BT
2015-07-08 18:46 - 2015-07-27 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-05 17:57 - 2015-07-05 18:15 - 630616340 _____ C:\Users\Deny\Downloads\Hot.Girls.Wanted.2015.720p.WEBRip.600MB.MkvCage.mkv
2015-07-01 20:01 - 2015-07-01 20:01 - 01325518 _____ C:\Users\Deny\Downloads\slouceneJR_od_2015-07-01.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 22:35 - 2014-12-19 17:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 22:20 - 2014-12-19 15:34 - 01286162 _____ C:\Windows\WindowsUpdate.log
2015-07-29 21:26 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 21:26 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 21:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 21:16 - 2009-07-14 06:51 - 00054618 _____ C:\Windows\setupact.log
2015-07-29 21:15 - 2009-07-14 06:45 - 05074696 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-29 21:12 - 2014-12-21 23:12 - 00000000 ____D C:\AdwCleaner
2015-07-29 16:44 - 2014-12-19 18:00 - 00000000 ____D C:\Users\Deny\AppData\Roaming\Adobe
2015-07-29 16:35 - 2014-12-19 17:15 - 00000000 ____D C:\Users\Deny\AppData\Local\Adobe
2015-07-29 16:31 - 2014-12-19 18:04 - 00118728 _____ C:\Users\Deny\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-29 16:28 - 2015-01-01 23:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-29 16:23 - 2015-01-01 23:24 - 00000000 ____D C:\ProgramData\Adobe
2015-07-29 15:59 - 2009-07-14 07:13 - 00986036 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 15:51 - 2010-11-21 05:47 - 00019504 _____ C:\Windows\PFRO.log
2015-07-29 13:36 - 2014-12-20 19:02 - 00000000 ____D C:\Users\Deny\AppData\Roaming\uTorrent
2015-07-29 10:16 - 2014-12-20 21:38 - 00000000 ____D C:\Users\Deny\AppData\Roaming\vlc
2015-07-29 09:46 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-29 02:09 - 2014-12-21 11:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 13:48 - 2015-02-14 22:23 - 00000000 ____D C:\Users\Deny\AppData\Roaming\moztrap-fff1b9d09ebe1b62d05cc4f5b2063720
2015-07-28 13:47 - 2015-06-06 20:11 - 00000000 ____D C:\ProgramData\BlazeVideo
2015-07-28 13:46 - 2014-12-26 20:04 - 00000000 ____D C:\Users\Deny\AppData\Roaming\.ACEStream
2015-07-28 13:46 - 2014-12-26 20:02 - 00000000 ____D C:\Users\Deny\AppData\Roaming\ACEStream
2015-07-28 13:14 - 2014-12-20 00:27 - 00000000 ____D C:\Windows\Panther
2015-07-28 00:41 - 2015-05-27 01:48 - 2900188462 _____ C:\Users\Deny\Downloads\Rihanna.Samuel.Barmaid.Got.Laid.PublicPickUps.2012.HD_iyutero.com.mp4
2015-07-27 15:16 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-07-27 00:30 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-27 00:22 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-26 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-26 13:57 - 2011-04-12 10:28 - 00000000 ____D C:\Windows\ShellNew
2015-07-26 13:47 - 2015-02-18 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-07-26 10:45 - 2015-02-13 18:39 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-07-26 10:45 - 2014-12-19 21:43 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-26 10:45 - 2014-12-19 21:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-26 10:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2015-07-26 10:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-26 01:38 - 2014-12-19 20:40 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-25 11:57 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 04:01 - 2015-02-18 17:32 - 00000000 ____D C:\Users\Deny\Documents\SQL Server Management Studio
2015-07-22 21:26 - 2015-02-13 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
2015-07-22 21:13 - 2014-12-19 20:48 - 00951716 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-22 20:21 - 2009-07-14 07:08 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-22 20:16 - 2014-12-19 23:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-07-22 20:12 - 2014-12-19 21:44 - 00000000 ____D C:\Windows\system32\1033
2015-07-22 13:48 - 2015-02-11 20:37 - 00000000 __SHD C:\Users\Deny\AppData\Local\EmieUserList
2015-07-22 13:48 - 2015-02-11 20:37 - 00000000 __SHD C:\Users\Deny\AppData\Local\EmieSiteList
2015-07-22 13:48 - 2015-02-11 20:37 - 00000000 __SHD C:\Users\Deny\AppData\Local\EmieBrowserModeList
2015-07-20 14:55 - 2014-12-19 23:40 - 00000000 ____D C:\Users\Deny\Documents\Visual Studio 2013
2015-07-18 02:32 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 15:19 - 2015-01-01 23:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 15:16 - 2015-06-23 23:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 09:53 - 2014-12-21 11:34 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 09:25 - 2015-06-12 18:41 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 14:50 - 2014-12-19 17:16 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 14:50 - 2014-12-19 17:16 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 14:50 - 2014-12-19 17:16 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 12:11 - 2014-12-19 17:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 23:36 - 2015-04-15 18:35 - 18510000 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-06 19:33 - 2015-02-11 15:09 - 00000000 ____D C:\Users\Deny\Desktop\web1
2015-07-03 08:43 - 2015-06-12 18:40 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 02:33 - 2014-12-23 15:44 - 00006786 _____ C:\Users\Deny\AppData\Local\mbt-actwiz.log

==================== Files in the root of some directories =======

2015-02-19 19:14 - 2015-02-19 19:01 - 198180864 _____ () C:\Program Files\AdventureWorks2012_Data.mdf
2014-12-23 15:44 - 2015-07-02 02:33 - 0006786 _____ () C:\Users\Deny\AppData\Local\mbt-actwiz.log

Some files in TEMP:
====================
C:\Users\Deny\AppData\Local\Temp\Quarantine.exe
C:\Users\Deny\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Deny\Desktop" je 2158 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [AdobeBridge] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\Deny\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Deny\Desktop" je 2158 MB.

To je hodně a může to zpomalovat start systému. Vytvořte novou složku v C:\Users\Deny, do které přesuňte vše z plochy, kromě zástupců. Na ploch dejte pro snazší přístup zástupce té složky.

Fix result of Farbar Recovery Scan Tool (x64) Version:28-07-2015
Ran by Deny (2015-07-29 23:04:30) Run:1
Running from C:\Users\Deny\Desktop
Loaded Profiles: Deny & MSSQL$SQLEXPRESS (Available Profiles: Deny & MSSQL$SQLEXPRESS & Classic .NET AppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\...\Run: [AdobeBridge] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3627117365-4144886485-159678327-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\Deny\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-3627117365-4144886485-159678327-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3627117365-4144886485-159678327-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully

"C:\Users\Deny\AppData\Local\Temp" folder move:

Could not move "C:\Users\Deny\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-29 23:09:08)<=

C:\Users\Deny\AppData\Local\Temp => moved successfully

==== End of Fixlog 23:09:09 ====

Vše smazáno, PC by již měl být čistý.