Prosím o kontrolu

Zpráva

Vicious · #1 Příspěvek od **Vicious** » 25 srp 2015 18:24

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-08-25 19:21:08
Microsoft Windows 10 Pro
System drive C: has 178 GB (38%) free of 473 GB
Total RAM: 16364 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:13, on 25.8.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll
O4 - HKLM\..\Run: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CDF3E8B8-15CC-4026-90C3-491D8565EB26} (NuClient Class) - http://195.146.118.24:8080/CrystalNuClientWeb.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14373 bytes

======Listing Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1ef96749-20aa-4e24-884a-13c38bb6357f -SystemEventPortName:HostProcess-04777717-1dbf-4684-8376-7ad0e9740c41 -IoCancelEventPortName:HostProcess-2ff37919-ac7c-4941-a66e-9e5bf1a41dc2 -NonStateChangingEventPortName:HostProcess-314b2306-caf7-4e76-a050-cb6af6732e38 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3bf33f32-a694-462e-b0b0-44600d0863f9 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe"
dashost.exe {5aefa7d6-add8-47ce-988f3aa9c22d16e8}
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe"
"C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\diMaster.dll" /prefetch:1
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe" /c /a /s UserSession2
sihost.exe
"C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe" -servicelaunch=true
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12391.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 612 620 628 8192 624

"C:\Users\Petr\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForPetr.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPetr (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\vkvdg6nu.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\vkvdg6nu.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{CDF3E8B8-15CC-4026-90C3-491D8565EB26}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10 1042744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09 1747272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2015-07-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10 798008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-23 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09 1598792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2015-07-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-23 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10 1042744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10 798008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-12-23 1425408]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2014-05-12 4465448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-07-30 402632]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18 1492264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2014-05-12 4465448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-05-06 658424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
c:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [2011-08-24 230696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2014-12-23 1425408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk]
C:\Windows\INSTAL~1\{3A593~1\app_icon.ico [2014-05-31 292878]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP KEYBOARDx"=C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [2010-02-11 710656]
"LaunchHPOSIAPP"=C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [2009-04-04 385024]
""= []
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"msacm.dvacm_vspx7"=c:\PROGRA~1\Corel\CORELV~1\Dvacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-25 19:21:08 ----D---- C:\rsit
2015-08-24 20:07:00 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-08-24 20:06:57 ----D---- C:\Program Files\DAEMON Tools Lite
2015-08-24 19:32:34 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-08-24 14:18:21 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools iSCSI Target
2015-08-24 14:12:05 ----A---- C:\WINDOWS\system32\drivers\dtproscsibus.sys
2015-08-24 14:12:03 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Pro
2015-08-24 14:09:53 ----D---- C:\ProgramData\DAEMON Tools Pro
2015-08-23 20:25:09 ----A---- C:\WINDOWS\SYSWOW64\drivers\DrvAgent64.SYS
2015-08-23 18:55:01 ----D---- C:\Users\Petr\AppData\Roaming\Sun
2015-08-23 18:53:35 ----A---- C:\WINDOWS\system32\RtNicProp64.dll
2015-08-23 18:53:35 ----A---- C:\WINDOWS\system32\drivers\rt640x64.sys
2015-08-21 16:47:28 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT64x86.SYS
2015-08-21 16:46:41 ----D---- C:\Program Files (x86)\Norton Internet Security
2015-08-21 16:46:25 ----D---- C:\Program Files (x86)\NortonInstaller
2015-08-21 16:45:46 ----D---- C:\Users\Petr\AppData\Roaming\Symantec
2015-08-20 07:02:24 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-08-10 08:59:28 ----D---- C:\ProgramData\PCSettings
2015-08-07 19:34:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-06 11:24:32 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-08-06 11:24:31 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-06 11:24:30 ----A---- C:\WINDOWS\system32\shell32.dll
2015-08-06 11:24:29 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-06 11:24:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-06 11:24:27 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-08-06 11:24:26 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-06 11:24:26 ----A---- C:\WINDOWS\system32\twinui.dll
2015-08-06 11:24:25 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-08-06 11:24:24 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2015-08-06 11:24:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-08-06 11:24:23 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-06 11:24:23 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-08-06 11:24:23 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 11:24:23 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-06 11:24:22 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-06 11:24:22 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-06 11:24:21 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2015-08-06 11:24:21 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-08-06 11:24:21 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-06 11:24:21 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2015-08-06 11:24:21 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-06 11:24:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-08-06 11:24:20 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2015-08-06 11:24:20 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-08-06 11:24:20 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-08-06 11:24:20 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-06 11:24:20 ----A---- C:\WINDOWS\system32\d3d9.dll
2015-08-06 11:24:19 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2015-08-06 11:24:19 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-06 11:24:19 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-08-06 11:24:19 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-08-06 11:24:19 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-08-06 11:24:19 ----A---- C:\WINDOWS\system32\LogonController.dll
2015-08-06 11:24:18 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2015-08-06 11:24:18 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-08-06 11:24:18 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-08-06 11:24:18 ----A---- C:\WINDOWS\system32\winmde.dll
2015-08-06 11:24:18 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2015-08-06 11:24:18 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-06 11:24:17 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-08-06 11:24:17 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2015-08-06 11:24:17 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-08-06 11:24:17 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-06 11:24:17 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-06 11:24:17 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2015-08-06 11:24:17 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-08-06 11:24:16 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2015-08-06 11:24:16 ----A---- C:\WINDOWS\system32\wpncore.dll
2015-08-06 11:24:16 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-08-06 11:24:16 ----A---- C:\WINDOWS\system32\provhandlers.dll
2015-08-06 11:24:16 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2015-08-06 11:24:16 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-06 11:24:16 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\system32\SensorService.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\system32\provengine.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\system32\MFPlay.dll
2015-08-06 11:24:15 ----A---- C:\WINDOWS\system32\AudioSes.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\SYSWOW64\MFPlay.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-08-06 11:24:14 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-06 11:24:14 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-06 11:24:13 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-08-06 11:24:13 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2015-08-06 11:24:13 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2015-08-06 11:24:13 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2015-08-06 11:24:13 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-08-06 11:24:13 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-06 11:24:13 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-06 11:24:13 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2015-08-06 11:24:13 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\dxgi.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-08-06 11:24:12 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2015-08-06 11:24:11 ----A---- C:\WINDOWS\SYSWOW64\VoiceActivationManager.dll
2015-08-06 11:24:11 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2015-08-06 11:24:11 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2015-08-06 11:24:11 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2015-08-06 11:24:11 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-06 11:24:11 ----A---- C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-06 11:24:11 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2015-08-06 11:24:11 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-08-06 11:24:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-31 19:47:59 ----D---- C:\WINDOWS\system32\SleepStudy
2015-07-31 13:05:12 ----A---- C:\WINDOWS\system32\drivers\sptd2.sys
2015-07-31 12:45:22 ----D---- C:\Program Files (x86)\Disc Soft
2015-07-31 12:42:41 ----A---- C:\WINDOWS\system32\drivers\dtlitescsibus.sys
2015-07-31 12:33:37 ----A---- C:\WINDOWS\system32\PortChanger.exe
2015-07-31 12:33:37 ----A---- C:\WINDOWS\system32\drivers\Dot4usb.sys
2015-07-31 12:33:37 ----A---- C:\WINDOWS\system32\drivers\Dot4Prt.sys
2015-07-31 12:33:37 ----A---- C:\WINDOWS\system32\drivers\Dot4.sys
2015-07-31 12:21:12 ----D---- C:\Program Files\Common Files\Symantec Shared
2015-07-31 12:05:43 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-30 18:43:59 ----A---- C:\WINDOWS\system32\wmp.dll
2015-07-30 18:43:59 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2015-07-30 18:43:58 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2015-07-30 18:43:58 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-07-30 18:43:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2015-07-30 18:43:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-07-30 18:43:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-07-30 18:43:53 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-07-30 18:43:53 ----A---- C:\WINDOWS\system32\ClipUp.exe
2015-07-30 18:43:52 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-07-30 18:43:51 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-07-30 18:43:50 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-07-30 18:43:50 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-07-30 18:43:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-07-30 18:43:48 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2015-07-30 18:43:48 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-07-30 18:43:47 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2015-07-30 18:43:47 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-07-30 18:43:46 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-07-30 18:43:45 ----A---- C:\WINDOWS\system32\msi.dll
2015-07-30 18:43:43 ----A---- C:\WINDOWS\system32\InputService.dll
2015-07-30 18:43:43 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-07-30 18:43:42 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-07-30 18:43:42 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-07-30 18:43:41 ----A---- C:\WINDOWS\system32\wininet.dll
2015-07-30 18:43:41 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-07-30 18:43:40 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-07-30 18:43:40 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2015-07-30 18:43:40 ----A---- C:\WINDOWS\system32\dosvc.dll
2015-07-30 18:43:39 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2015-07-30 18:43:38 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-07-30 18:43:37 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-07-30 18:43:37 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-07-30 18:43:36 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-07-30 18:43:36 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-07-30 18:43:35 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-07-30 18:43:35 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-07-30 18:43:34 ----A---- C:\WINDOWS\explorer.exe
2015-07-30 18:43:30 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-07-30 18:43:30 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-07-30 18:43:29 ----A---- C:\WINDOWS\system32\WWAHost.exe
2015-07-30 18:43:29 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-07-30 18:43:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-07-30 18:43:29 ----A---- C:\WINDOWS\system32\AppContracts.dll
2015-07-30 18:43:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-07-30 18:43:28 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-07-30 18:43:28 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-07-30 18:43:28 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-07-30 18:43:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2015-07-30 18:43:27 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-07-30 18:43:27 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-07-30 18:43:27 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-07-30 18:43:27 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-07-30 18:43:26 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2015-07-30 18:43:26 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-07-30 18:43:26 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-07-30 18:43:26 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-07-30 18:43:26 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-07-30 18:43:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2015-07-30 18:43:25 ----A---- C:\WINDOWS\system32\SensorDataService.exe
2015-07-30 18:43:25 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-07-30 18:43:24 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-07-30 18:43:24 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-07-30 18:43:24 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-07-30 18:43:24 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-07-30 18:43:24 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-07-30 18:43:23 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-07-30 18:43:23 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2015-07-30 18:43:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-07-30 18:43:23 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2015-07-30 18:43:22 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-07-30 18:43:22 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-07-30 18:43:22 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-07-30 18:43:21 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2015-07-30 18:43:21 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-07-30 18:43:20 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-07-30 18:43:20 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-07-30 18:43:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-07-30 18:43:20 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-07-30 18:43:20 ----A---- C:\WINDOWS\system32\mfplat.dll
2015-07-30 18:43:20 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-07-30 18:43:20 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-07-30 18:43:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2015-07-30 18:43:19 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-07-30 18:43:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2015-07-30 18:43:17 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-07-30 18:43:17 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2015-07-30 18:43:17 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-07-30 18:43:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-07-30 18:43:16 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-07-30 18:43:16 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2015-07-30 18:43:16 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-07-30 18:43:16 ----A---- C:\WINDOWS\system32\ieproxy.dll
2015-07-30 18:43:16 ----A---- C:\WINDOWS\system32\efscore.dll
2015-07-30 18:43:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2015-07-30 18:43:15 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2015-07-30 18:43:15 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-07-30 18:43:15 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-07-30 18:43:15 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-30 18:43:14 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-07-30 18:43:14 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-07-30 18:43:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2015-07-30 18:43:13 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-07-30 18:43:13 ----A---- C:\WINDOWS\system32\OmaDmAgent.dll
2015-07-30 18:43:12 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-07-30 18:43:12 ----A---- C:\WINDOWS\SYSWOW64\efscore.dll
2015-07-30 18:43:12 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-07-30 18:43:12 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-07-30 18:43:12 ----A---- C:\WINDOWS\system32\unenrollhook.dll
2015-07-30 18:43:12 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-07-30 18:43:11 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-07-30 18:43:11 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-07-30 18:43:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2015-07-30 18:43:10 ----A---- C:\WINDOWS\system32\mos.dll
2015-07-30 18:43:10 ----A---- C:\WINDOWS\system32\hal.dll
2015-07-30 18:43:10 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2015-07-30 18:43:10 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2015-07-30 18:43:09 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-07-30 18:43:09 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2015-07-30 18:43:09 ----A---- C:\WINDOWS\system32\srumsvc.dll
2015-07-30 18:43:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-07-30 18:43:09 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-07-30 18:43:08 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2015-07-30 18:43:08 ----A---- C:\WINDOWS\system32\SharedStartModelShim.dll
2015-07-30 18:43:08 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2015-07-30 18:43:08 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-07-30 18:43:08 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2015-07-30 18:43:08 ----A---- C:\WINDOWS\system32\GamePanel.exe
2015-07-30 18:43:08 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\system32\wintrust.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\system32\winhttp.dll
2015-07-30 18:43:07 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-07-30 18:43:06 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2015-07-30 18:43:06 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2015-07-30 18:43:06 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2015-07-30 18:43:06 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-07-30 18:43:06 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2015-07-30 18:43:05 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2015-07-30 18:43:05 ----A---- C:\WINDOWS\system32\TabSvc.dll
2015-07-30 18:43:05 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-07-30 18:43:05 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2015-07-30 18:43:05 ----A---- C:\WINDOWS\system32\ci.dll
2015-07-30 18:43:05 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-07-30 18:43:04 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-07-30 18:43:04 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-07-30 18:43:04 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-07-30 18:43:04 ----A---- C:\WINDOWS\system32\uxtheme.dll
2015-07-30 18:43:04 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-07-30 18:43:04 ----A---- C:\WINDOWS\system32\comdlg32.dll
2015-07-30 18:43:03 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2015-07-30 18:43:03 ----A---- C:\WINDOWS\system32\winload.exe
2015-07-30 18:43:03 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-07-30 18:43:03 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-07-30 18:43:03 ----A---- C:\WINDOWS\system32\MusNotification.exe
2015-07-30 18:43:03 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-07-30 18:43:03 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-07-30 18:43:02 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2015-07-30 18:43:02 ----A---- C:\WINDOWS\system32\winresume.exe
2015-07-30 18:43:02 ----A---- C:\WINDOWS\system32\sppcomapi.dll
2015-07-30 18:43:02 ----A---- C:\WINDOWS\system32\shutdownux.dll
2015-07-30 18:43:02 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-07-30 18:43:01 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2015-07-30 18:43:01 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2015-07-30 18:43:01 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-07-30 18:43:01 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-07-30 18:43:01 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-07-30 18:43:00 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-07-30 18:43:00 ----A---- C:\WINDOWS\system32\wininit.exe
2015-07-30 18:43:00 ----A---- C:\WINDOWS\system32\systemcpl.dll
2015-07-30 18:43:00 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-07-30 18:43:00 ----A---- C:\WINDOWS\system32\stobject.dll
2015-07-30 18:43:00 ----A---- C:\WINDOWS\system32\dwmapi.dll
2015-07-30 18:42:59 ----A---- C:\WINDOWS\system32\wimgapi.dll
2015-07-30 18:42:59 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2015-07-30 18:42:59 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2015-07-30 18:42:58 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2015-07-30 18:42:58 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2015-07-30 18:42:58 ----A---- C:\WINDOWS\system32\usocore.dll
2015-07-30 18:42:58 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2015-07-30 18:42:58 ----A---- C:\WINDOWS\system32\ntshrui.dll
2015-07-30 18:42:58 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2015-07-30 18:42:58 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2015-07-30 18:42:57 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-07-30 18:42:57 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2015-07-30 18:42:57 ----A---- C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-07-30 18:42:57 ----A---- C:\WINDOWS\system32\sendmail.dll
2015-07-30 18:42:57 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2015-07-30 18:42:57 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2015-07-30 18:42:56 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2015-07-30 18:42:56 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2015-07-30 18:42:56 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2015-07-30 18:42:56 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-07-30 18:42:56 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-07-30 18:42:56 ----A---- C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-07-30 18:42:56 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-07-30 18:42:56 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-07-30 18:42:56 ----A---- C:\WINDOWS\system32\calc.exe
2015-07-30 18:42:55 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2015-07-30 18:42:55 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2015-07-30 18:42:55 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-07-30 18:42:55 ----A---- C:\WINDOWS\system32\mssprxy.dll
2015-07-30 18:42:55 ----A---- C:\WINDOWS\system32\msiexec.exe
2015-07-30 18:42:55 ----A---- C:\WINDOWS\system32\mfps.dll
2015-07-30 18:42:55 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-07-30 18:42:54 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-07-30 18:42:54 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2015-07-30 18:42:54 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-07-30 18:42:54 ----A---- C:\WINDOWS\system32\ReAgent.dll
2015-07-30 18:42:54 ----A---- C:\WINDOWS\system32\bcd.dll
2015-07-30 18:42:53 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2015-07-30 18:42:53 ----A---- C:\WINDOWS\system32\wer.dll
2015-07-30 18:42:53 ----A---- C:\WINDOWS\system32\hmkd.dll
2015-07-30 18:42:52 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2015-07-30 18:42:52 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-07-30 18:42:52 ----A---- C:\WINDOWS\system32\omadmprc.exe
2015-07-30 18:42:52 ----A---- C:\WINDOWS\system32\LicenseManagerApi.dll
2015-07-30 18:42:52 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2015-07-30 18:42:51 ----A---- C:\WINDOWS\system32\wimserv.exe
2015-07-30 18:42:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-07-30 18:42:51 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2015-07-30 18:42:51 ----A---- C:\WINDOWS\system32\bcdboot.exe
2015-07-30 18:42:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2015-07-30 18:42:50 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2015-07-30 18:42:50 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-07-30 18:42:50 ----A---- C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-07-30 18:42:50 ----A---- C:\WINDOWS\system32\spbcd.dll
2015-07-30 18:42:50 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-07-30 18:42:50 ----A---- C:\WINDOWS\system32\bcdedit.exe
2015-07-30 18:42:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2015-07-30 18:42:49 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-07-30 18:42:49 ----A---- C:\WINDOWS\system32\ReInfo.dll
2015-07-30 18:42:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-07-30 18:42:49 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2015-07-30 18:42:49 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-07-30 18:42:48 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-07-30 18:42:48 ----A---- C:\WINDOWS\system32\wpccpl.dll
2015-07-30 18:42:48 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-07-30 18:42:48 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-07-30 18:42:48 ----A---- C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-07-30 18:42:48 ----A---- C:\WINDOWS\system32\diagtrack_win.dll
2015-07-30 18:42:47 ----A---- C:\WINDOWS\system32\reseteng.dll
2015-07-30 18:42:46 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2015-07-30 18:42:46 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2015-07-30 18:42:46 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2015-07-30 18:42:45 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-07-30 18:42:45 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-07-30 18:19:23 ----DC---- C:\WINDOWS\Panther
2015-07-30 18:19:04 ----SHD---- C:\Recovery
2015-07-30 18:14:14 ----D---- C:\Windows.old
2015-07-30 18:11:32 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2015-07-30 18:11:32 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2015-07-30 18:11:32 ----D---- C:\WINDOWS\system32\msmq
2015-07-30 18:11:32 ----D---- C:\WINDOWS\system32\BestPractices
2015-07-30 18:11:31 ----D---- C:\Program Files\Reference Assemblies
2015-07-30 18:11:31 ----D---- C:\Program Files\MSBuild
2015-07-30 18:11:31 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-07-30 18:11:31 ----D---- C:\Program Files (x86)\MSBuild
2015-07-30 18:11:31 ----D---- C:\inetpub
2015-07-30 18:11:05 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2015-07-30 18:11:05 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2015-07-30 18:11:05 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 18:11:04 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2015-07-30 18:11:04 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-07-30 18:11:04 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 18:03:09 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2015-07-30 18:03:09 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2015-07-30 18:03:09 ----A---- C:\WINDOWS\system32\prm0009.dll
2015-07-30 18:03:09 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2015-07-30 18:03:09 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2015-07-30 17:54:13 ----D---- C:\ProgramData\Microsoft OneDrive
2015-07-30 17:43:22 ----SHD---- C:\ProgramData\Šablony
2015-07-30 17:43:22 ----SHD---- C:\ProgramData\Plocha
2015-07-30 17:43:22 ----SHD---- C:\ProgramData\Oblíbené položky
2015-07-30 17:43:22 ----SHD---- C:\ProgramData\Nabídka Start
2015-07-30 17:43:22 ----SHD---- C:\ProgramData\Dokumenty
2015-07-30 17:43:22 ----SHD---- C:\ProgramData\Data aplikací
2015-07-30 17:42:07 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2015-07-30 17:36:56 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2015-07-30 17:27:37 ----D---- C:\Program Files\Common Files\SpeechEngines
2015-07-30 17:25:40 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-07-30 17:24:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-30 17:24:43 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2015-07-30 17:23:33 ----D---- C:\WINDOWS\system32\SRSLabs
2015-07-30 17:23:13 ----D---- C:\ProgramData\NVIDIA
2015-07-30 17:23:08 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-07-30 17:23:08 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-07-30 17:23:08 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-07-30 17:23:08 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-07-30 17:23:08 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-07-30 17:23:08 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-07-30 17:22:52 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-30 17:22:38 ----D---- C:\Program Files\NVIDIA Corporation
2015-07-30 17:22:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-07-30 17:20:35 ----D---- C:\WINDOWS\Prefetch
2015-07-30 17:20:20 ----ASH---- C:\swapfile.sys

======List of files/folders modified in the last 1 month======

2015-08-25 19:21:10 ----D---- C:\Program Files\trend micro
2015-08-25 19:09:21 ----D---- C:\WINDOWS\Temp
2015-08-25 19:09:21 ----D---- C:\WINDOWS\System32
2015-08-25 18:30:00 ----D---- C:\WINDOWS\system32\sru
2015-08-25 15:50:47 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-25 15:35:51 ----HD---- C:\WINDOWS\ELAMBKUP
2015-08-25 15:35:50 ----D---- C:\WINDOWS\SysWOW64
2015-08-25 15:33:10 ----D---- C:\WINDOWS\AppReadiness
2015-08-25 15:33:07 ----HD---- C:\Program Files\WindowsApps
2015-08-24 20:06:57 ----RD---- C:\Program Files
2015-08-24 20:03:23 ----D---- C:\WINDOWS\INF
2015-08-24 20:00:43 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-08-24 19:58:36 ----D---- C:\ProgramData\PDFC
2015-08-24 19:57:47 ----SHD---- C:\System Volume Information
2015-08-24 19:32:34 ----HD---- C:\ProgramData
2015-08-24 19:29:07 ----D---- C:\Program Files (x86)\Smarty Uninstaller
2015-08-24 19:16:40 ----RD---- C:\Program Files (x86)
2015-08-24 19:13:39 ----D---- C:\Users\Petr\AppData\Roaming\Smarty Uninstaller
2015-08-24 18:14:24 ----D---- C:\VueScan
2015-08-24 17:41:21 ----D---- C:\RTSStavitel
2015-08-24 16:47:46 ----D---- C:\Users\Petr\AppData\Roaming\.RTS
2015-08-24 14:14:28 ----D---- C:\ProgramData\truesuite
2015-08-24 14:14:09 ----HD---- C:\Config.Msi
2015-08-24 14:12:25 ----D---- C:\WINDOWS\system32\drivers
2015-08-24 14:12:24 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-24 13:50:52 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-08-23 21:57:34 ----D---- C:\WINDOWS\Tasks
2015-08-23 21:57:34 ----D---- C:\WINDOWS\system32\Tasks
2015-08-23 20:54:11 ----D---- C:\WINDOWS\system32\config
2015-08-23 20:46:48 ----SHD---- C:\WINDOWS\Installer
2015-08-23 20:25:09 ----D---- C:\WINDOWS\SYSWOW64\drivers
2015-08-23 19:26:17 ----D---- C:\ProgramData\Nero
2015-08-23 18:56:41 ----D---- C:\WINDOWS\system32\CatRoot
2015-08-23 18:55:12 ----D---- C:\Program Files (x86)\Common Files
2015-08-23 18:54:42 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-08-23 18:54:30 ----D---- C:\Program Files (x86)\Java
2015-08-23 18:40:43 ----D---- C:\ProgramData\ProductData
2015-08-21 16:46:41 ----D---- C:\ProgramData\Norton
2015-08-21 09:30:58 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-20 11:16:50 ----D---- C:\ProgramData\Microsoft Help
2015-08-20 11:15:50 ----RSD---- C:\WINDOWS\assembly
2015-08-19 19:06:01 ----D---- C:\WINDOWS\rescache
2015-08-19 18:20:33 ----D---- C:\WINDOWS\WinSxS
2015-08-19 16:41:46 ----D---- C:\WINDOWS\CbsTemp
2015-08-19 16:41:35 ----D---- C:\WINDOWS\system32\catroot2
2015-08-10 09:06:45 ----D---- C:\WINDOWS\system32\WinBioDatabase
2015-08-10 09:05:10 ----D---- C:\Windows
2015-08-10 09:04:02 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-08-10 09:04:02 ----D---- C:\WINDOWS\system32\appraiser
2015-08-10 09:04:01 ----D---- C:\WINDOWS\Provisioning
2015-08-10 09:04:01 ----D---- C:\WINDOWS\AppPatch
2015-08-10 09:04:01 ----D---- C:\Program Files\Internet Explorer
2015-08-10 09:04:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-03 12:15:14 ----D---- C:\WINDOWS\Logs
2015-07-31 14:09:57 ----D---- C:\WINDOWS\debug
2015-07-31 14:05:10 ----A---- C:\WINDOWS\win.ini
2015-07-31 12:34:20 ----A---- C:\WINDOWS\system32\hpwtiop5.dll
2015-07-31 12:21:12 ----D---- C:\Program Files\Common Files
2015-07-31 12:20:03 ----D---- C:\WINDOWS\system32\drivers\NISx64
2015-07-31 12:16:07 ----D---- C:\ProgramData\NortonInstaller
2015-07-31 12:07:42 ----D---- C:\WINDOWS\system32\WDI
2015-07-31 12:01:07 ----D---- C:\WINDOWS\SYSWOW64\oobe
2015-07-31 12:01:07 ----D---- C:\WINDOWS\SYSWOW64\Dism
2015-07-31 12:01:01 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-07-31 12:01:01 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-07-31 12:01:01 ----D---- C:\WINDOWS\system32\oobe
2015-07-31 12:01:00 ----D---- C:\WINDOWS\system32\migration
2015-07-31 12:01:00 ----D---- C:\WINDOWS\system32\Dism
2015-07-31 12:01:00 ----D---- C:\WINDOWS\system32\Boot
2015-07-31 12:00:52 ----RD---- C:\WINDOWS\PurchaseDialog
2015-07-31 12:00:52 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-07-31 11:54:59 ----D---- C:\WINDOWS\appcompat
2015-07-30 20:06:59 ----RSD---- C:\WINDOWS\Fonts
2015-07-30 18:14:48 ----RD---- C:\WINDOWS\DevicesFlow
2015-07-30 18:13:58 ----SD---- C:\WINDOWS\system32\Microsoft
2015-07-30 18:11:32 ----D---- C:\WINDOWS\SYSWOW64\MUI
2015-07-30 18:11:32 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2015-07-30 18:11:32 ----D---- C:\WINDOWS\system32\MUI
2015-07-30 18:11:32 ----D---- C:\WINDOWS\system32\inetsrv
2015-07-30 18:11:29 ----A---- C:\WINDOWS\SYSWOW64\mqsnap.dll
2015-07-30 18:11:29 ----A---- C:\WINDOWS\SYSWOW64\mqcertui.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\SYSWOW64\wamregps.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\SYSWOW64\iisRtl.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\SYSWOW64\iisrstap.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\SYSWOW64\iisreset.exe
2015-07-30 18:11:28 ----A---- C:\WINDOWS\SYSWOW64\ahadmin.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\SYSWOW64\admwprox.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\system32\wamregps.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\system32\iisRtl.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\system32\iisrstap.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\system32\iisreset.exe
2015-07-30 18:11:28 ----A---- C:\WINDOWS\system32\ahadmin.dll
2015-07-30 18:11:28 ----A---- C:\WINDOWS\system32\admwprox.dll
2015-07-30 18:11:27 ----A---- C:\WINDOWS\SYSWOW64\mqoa.dll
2015-07-30 18:11:27 ----A---- C:\WINDOWS\system32\mqrt.dll
2015-07-30 18:11:27 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2015-07-30 18:11:26 ----A---- C:\WINDOWS\system32\mqutil.dll
2015-07-30 18:11:26 ----A---- C:\WINDOWS\system32\mqsnap.dll
2015-07-30 18:11:26 ----A---- C:\WINDOWS\system32\mqcertui.dll
2015-07-30 18:11:25 ----A---- C:\WINDOWS\SYSWOW64\mqrt.dll
2015-07-30 18:11:25 ----A---- C:\WINDOWS\system32\mqqm.dll
2015-07-30 18:11:25 ----A---- C:\WINDOWS\system32\mqoa.dll
2015-07-30 18:11:24 ----A---- C:\WINDOWS\SYSWOW64\mqutil.dll
2015-07-30 18:11:24 ----A---- C:\WINDOWS\system32\mqsvc.exe
2015-07-30 18:11:24 ----A---- C:\WINDOWS\system32\mqbkup.exe
2015-07-30 18:03:14 ----D---- C:\WINDOWS\OCR
2015-07-30 17:51:16 ----RD---- C:\WINDOWS\PrintDialog
2015-07-30 17:51:15 ----RD---- C:\WINDOWS\MiracastView
2015-07-30 17:45:27 ----D---- C:\WINDOWS\system32\restore
2015-07-30 17:43:28 ----D---- C:\WINDOWS\SoftwareDistribution
2015-07-30 17:43:22 ----D---- C:\Program Files\Windows NT
2015-07-30 17:42:40 ----D---- C:\WINDOWS\Registration
2015-07-30 17:42:04 ----D---- C:\WINDOWS\system32\drivers\etc
2015-07-30 17:42:00 ----D---- C:\WINDOWS\system32\LogFiles
2015-07-30 17:41:59 ----RSD---- C:\WINDOWS\Media
2015-07-30 17:40:41 ----SHD---- C:\$RECYCLE.BIN
2015-07-30 17:40:36 ----D---- C:\WINDOWS\system32\spool
2015-07-30 17:40:24 ----D---- C:\WINDOWS\system32\wbem
2015-07-30 17:34:16 ----D---- C:\WINDOWS\SYSWOW64\en-US
2015-07-30 17:34:15 ----D---- C:\WINDOWS\system32\OEM
2015-07-30 17:34:15 ----D---- C:\WINDOWS\system32\en-US
2015-07-30 17:34:15 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-07-30 17:34:15 ----D---- C:\WINDOWS\ShellNew
2015-07-30 17:34:14 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-07-30 17:34:14 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-07-30 17:32:01 ----D---- C:\Program Files\IDT
2015-07-30 17:28:46 ----D---- C:\WINDOWS\twain_32
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\zh-HK
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\spool
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2015-07-30 17:28:46 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\IME
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2015-07-30 17:28:45 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-07-30 17:28:44 ----SHD---- C:\WINDOWS\SYSWOW64\%APPDATA%
2015-07-30 17:28:42 ----D---- C:\WINDOWS\system32\zh-TW
2015-07-30 17:28:42 ----D---- C:\WINDOWS\system32\zh-HK
2015-07-30 17:28:42 ----D---- C:\WINDOWS\system32\zh-CN
2015-07-30 17:28:42 ----D---- C:\WINDOWS\system32\tr-TR
2015-07-30 17:28:42 ----D---- C:\WINDOWS\system32\sv-SE
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\sk-SK
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\ru-RU
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\pt-PT
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\pt-BR
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\pl-PL
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\oodag
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\nl-NL
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\NDF
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\nb-NO
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\ko-KR
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\ja-JP
2015-07-30 17:28:41 ----D---- C:\WINDOWS\system32\it-IT
2015-07-30 17:28:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2015-07-30 17:28:40 ----D---- C:\WINDOWS\system32\IME
2015-07-30 17:28:40 ----D---- C:\WINDOWS\system32\hu-HU
2015-07-30 17:28:40 ----D---- C:\WINDOWS\system32\fr-FR
2015-07-30 17:28:40 ----D---- C:\WINDOWS\system32\fi-FI
2015-07-30 17:28:40 ----D---- C:\WINDOWS\system32\es-ES
2015-07-30 17:28:40 ----D---- C:\WINDOWS\system32\el-GR
2015-07-30 17:28:40 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-07-30 17:28:39 ----D---- C:\WINDOWS\system32\de-DE
2015-07-30 17:28:39 ----D---- C:\WINDOWS\system32\da-DK
2015-07-30 17:28:39 ----D---- C:\WINDOWS\system32\cs-CZ
2015-07-30 17:28:18 ----SHD---- C:\WINDOWS\system32\%APPDATA%
2015-07-30 17:28:16 ----D---- C:\WINDOWS\schemas
2015-07-30 17:28:16 ----D---- C:\WINDOWS\PolicyDefinitions
2015-07-30 17:28:01 ----D---- C:\WINDOWS\Help
2015-07-30 17:28:01 ----D---- C:\WINDOWS\ehome
2015-07-30 17:28:00 ----D---- C:\WINDOWS\Cursors
2015-07-30 17:27:59 ----RD---- C:\Users
2015-07-30 17:27:43 ----SD---- C:\ProgramData\Microsoft
2015-07-30 17:27:42 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2015-07-30 17:27:42 ----D---- C:\Program Files (x86)\Windows Mail
2015-07-30 17:27:40 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-07-30 17:27:39 ----SHD---- C:\Program Files\Windows Sidebar
2015-07-30 17:27:39 ----D---- C:\Program Files\Windows Mail
2015-07-30 17:27:38 ----D---- C:\Program Files\Microsoft Games
2015-07-30 17:27:38 ----D---- C:\Program Files\DVD Maker
2015-07-30 17:27:37 ----D---- C:\Program Files\Common Files\System
2015-07-30 17:27:37 ----D---- C:\Program Files\Common Files\microsoft shared
2015-07-30 17:26:49 ----D---- C:\WINDOWS\system32\Recovery
2015-07-30 17:24:31 ----D---- C:\WINDOWS\system32\Sysprep
2015-07-30 16:58:31 ----HD---- C:\$Windows.~BT
2015-07-28 15:26:21 ----SHD---- C:\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;@oem68.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2011-04-26 557848]
R0 NBVol;Nero Backup Volume Filter Driver; C:\WINDOWS\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\WINDOWS\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 RapportHades64;RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [2015-07-29 139896]
R0 RapportKE64;RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [2015-07-29 394584]
R0 sptd2;sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [2015-07-31 159800]
R0 SymEFASI;Symantec Extended File Attributes (SI); C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [2015-07-11 1620720]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20150810.001\BHDrvx64.sys [2015-07-23 1650936]
R1 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [2015-07-11 173808]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-07-27 498512]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-23 26528]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20150821.001\IDSvia64.sys [2015-08-20 692984]
R1 RapportCerberus_1507063;RapportCerberus_1507063; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507063.sys [2015-08-21 958232]
R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-07-29 500088]
R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-07-29 489240]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [2015-07-11 50936]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [2015-07-11 297720]
R1 SymNetS;Symantec Network Security WFP Driver; C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SYMNETS.SYS [2015-07-11 576248]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 dtlitescsibus;@oem32.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-07-31 30264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-07-27 153936]
R3 MEIx64;@oem13.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-07-30 175104]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20150824.018\ENG64.SYS [2015-05-20 138488]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20150824.018\EX64.SYS [2015-05-20 2146040]
R3 NVHDA;@oem119.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-04-16 195912]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11095696]
R3 rt640x64;@oem131.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-08-23 886528]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SRTSP64.SYS [2015-07-11 926448]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [2015-08-21 111344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S0 SymELAM;Symantec ELAM Driver; C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SymELAM.sys [2015-07-11 24192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-07-10 32256]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem49.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem124.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2015-07-31 151968]
S3 Dot4Print;@oem125.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-07-31 27040]
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2015-08-23 22200]
S3 dtproscsibus;@oem132.inf,%DTPROSCSIBUS.DeviceDesc%;DAEMON Tools Pro Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [2015-08-24 30352]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2015-06-27 22704]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 OxPPort;OxPPort; C:\WINDOWS\system32\drivers\OxPPort.sys [2008-07-31 98304]
S3 OxSer;OxSer; C:\WINDOWS\system32\drivers\OxSer.sys [2009-09-16 98352]
S3 pmxdrv;pmxdrv; \??\C:\Windows\system32\drivers\pmxdrv.sys [2011-11-04 31152]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 ssudmdm;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2014-12-23 89600]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-08-26 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-08-26 292136]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\syswow64\svchost.exe [2015-07-10 35176]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-07-30 26112]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [2015-07-16 282016]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-06-17 937616]
R2 OneSyncSvc_Session2;Hostitel synchronizace_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2014-05-12 1657640]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 337776]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-07-29 2255128]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-12-23 314880]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2015-07-10 35176]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session2;Data kontaktů_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-08 116648]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-23 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-08 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-07 148136]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 25 srp 2015 21:30

Krasny den Vam preju

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Cleaning
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Vicious · #3 Příspěvek od **Vicious** » 26 srp 2015 13:15

Přeji dobrý den a posílám log.

# AdwCleaner v5.003 - Logfile created 26/08/2015 at 14:09:36
# Updated 20/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Petr - PETR-HP
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.003.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Petr\AppData\Local\eSupport.com

***** [ Files ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\eSupport.com
[!] Key Not Deleted : [x64] HKCU\Software\eSupport.com

***** [ Web browsers ] *****

[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search the web

*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1122 bytes] ##########

#4 Příspěvek od **altrok** » 26 srp 2015 20:07

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Vicious · #5 Příspěvek od **Vicious** » 27 srp 2015 14:05

Posílám na dvakrát, celej sem nevleze

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-08-2015
Ran by Petr (administrator) on PETR-HP (27-08-2015 14:49:17)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
() C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coNatHst.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2014-12-23] (IDT, Inc.)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4465448 2014-05-12] (O&O Software GmbH)
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [LaunchHPOSIAPP] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [385024 2009-04-04] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\Run: [OneDrive] => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-07-30] (Microsoft Corporation)
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1de4-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1e2b-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1e65-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1eb1-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {1e5b0dac-3f2e-11e5-9bc8-3860774043b7} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {96aaf14b-4a59-11e5-9bcd-806e6f6e6963} - "M:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {9aeefe31-4a89-11e5-9bce-806e6f6e6963} - "M:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {ca377faa-4cb8-11e5-9bd0-806e6f6e6963} - "F:\Start.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-12-28]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000 -> {C775F041-F3DB-43DF-8DA5-CF6BABF0AD2E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09] (HP)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-23] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09] (HP)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
DPF: HKLM-x32 {CDF3E8B8-15CC-4026-90C3-491D8565EB26} hxxp://195.146.118.24:8080/CrystalNuClientWeb.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9490a4dc-7ff1-4c1c-8fd3-4776ee72017e}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\vkvdg6nu.default
FF SearchEngineOrder.1:
FF SelectedSearchEngine:
FF Homepage: hxxp://www.google.cz/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-08-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-08-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-08-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-08-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-08-24] (Apple Inc.)
FF Extension: Garmin Communicator - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\vkvdg6nu.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-07-11]
FF Extension: CrystalNuClient - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\vkvdg6nu.default\Extensions\{CDF3E8B8-15CC-4026-90C3-491D8565EB26} [2015-06-02]
FF Extension: VideoGet FireFox extension - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\vkvdg6nu.default\Extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}.xpi [2013-12-28]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\vkvdg6nu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn [2015-08-27]
FF HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-28]
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-29]

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08]
CHR Extension: (Google Drive) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08]
CHR Extension: (Rapport) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2015-06-10]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-08]
CHR Extension: (Norton Security Toolbar) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-07-31]
CHR Extension: (Google Search) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-08]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-01-08]
CHR Extension: (Norton Identity Safe) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-07-31]
CHR Extension: (Website Logon) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe [2014-01-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-08]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-08]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-22] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-22] (Microsoft Corporation)
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-08-26] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-08-26] (CyberLink)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-07-24] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-16] (Symantec Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1657640 2014-05-12] (O&O Software GmbH)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2255128 2015-08-04] (IBM Corp.)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-07-30] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-12] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-24] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-24] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-30] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20150821.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-07-31] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-07-31] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-31] (Disc Soft Ltd)
S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2015-08-24] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-06-27] ()
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-23] (REALiX(tm))
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20150821.001\IDSvia64.sys [692984 2015-08-20] (Symantec Corporation)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-30] (Microsoft Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20150826.017\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20150826.017\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
S3 OxPPort; C:\Windows\system32\drivers\OxPPort.sys [98304 2008-07-31] (OEM)
S3 OxSer; C:\Windows\system32\drivers\OxSer.sys [98352 2009-09-16] (OEM)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-11-04] ()
R1 RapportCerberus_1507065; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507065.sys [958744 2015-08-26] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [500184 2015-08-04] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [139896 2015-08-04] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [394584 2015-08-04] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [489240 2015-08-04] (IBM Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-23] (Realtek )
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [159800 2015-07-31] (Duplex Secure Ltd)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-06-27] (BitDefender S.R.L.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-14] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-09-01] (CyberLink Corp.)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-27 14:49 - 2015-08-27 14:50 - 00033653 _____ C:\Users\Petr\Desktop\FRST.txt
2015-08-27 14:48 - 2015-08-27 14:49 - 00000000 ____D C:\FRST
2015-08-27 14:48 - 2015-08-27 14:48 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-08-27 14:47 - 2015-08-27 14:47 - 02186752 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-08-27 14:41 - 2015-08-27 14:41 - 00016148 _____ C:\WINDOWS\system32\PETR-HP_Petr_HistoryPrediction.bin
2015-08-26 14:06 - 2015-08-26 14:08 - 01605632 _____ C:\Users\Petr\Desktop\adwcleaner_5.003.exe
2015-08-25 19:21 - 2015-08-25 19:21 - 00000000 ____D C:\rsit
2015-08-25 19:20 - 2015-08-25 19:20 - 01222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2015-08-24 20:07 - 2015-08-24 20:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-08-24 20:07 - 2015-08-24 20:07 - 00001816 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-08-24 20:07 - 2015-08-24 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-08-24 20:06 - 2015-08-24 20:07 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-08-24 19:32 - 2015-08-24 20:06 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-08-24 14:18 - 2015-08-24 19:07 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools iSCSI Target
2015-08-24 14:12 - 2015-08-24 14:25 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Pro
2015-08-24 14:12 - 2015-08-24 14:12 - 00030352 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtproscsibus.sys
2015-08-24 14:09 - 2015-08-24 14:11 - 00000000 ____D C:\ProgramData\DAEMON Tools Pro
2015-08-23 20:25 - 2015-08-23 20:25 - 00022200 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2015-08-23 18:55 - 2015-08-23 18:55 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Sun
2015-08-23 18:55 - 2015-08-23 18:55 - 00000000 ____D C:\Users\Petr\.oracle_jre_usage
2015-08-23 18:53 - 2015-08-23 18:53 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2015-08-23 18:53 - 2015-08-23 18:53 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-08-21 16:53 - 2015-08-27 14:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2015-08-21 16:47 - 2015-08-21 16:47 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-08-21 16:47 - 2015-08-21 16:47 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-08-21 16:47 - 2015-08-21 16:47 - 00002574 _____ C:\Users\Public\Desktop\Norton Internet Security.LNK
2015-08-21 16:46 - 2015-08-21 16:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-08-21 16:46 - 2015-08-21 16:46 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2015-08-21 16:45 - 2015-08-21 16:45 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Symantec
2015-08-20 07:02 - 2015-08-20 07:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-08-10 09:05 - 2015-08-27 14:40 - 00555132 _____ C:\WINDOWS\PFRO.log
2015-08-10 08:59 - 2015-08-10 08:59 - 00000000 ____D C:\ProgramData\PCSettings
2015-08-08 19:44 - 2015-08-23 19:22 - 00004345 _____ C:\WINDOWS\setupact.log
2015-08-08 19:44 - 2015-08-08 19:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-08 19:44 - 2015-08-08 19:44 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-07 19:34 - 2015-08-10 09:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 11:24 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-06 11:24 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-06 11:24 - 2015-07-30 08:22 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-06 11:24 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-06 11:24 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-06 11:24 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-06 11:24 - 2015-07-30 08:17 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-06 11:24 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-06 11:24 - 2015-07-30 08:16 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-06 11:24 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-06 11:24 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-06 11:24 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-06 11:24 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-06 11:24 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 11:24 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-06 11:24 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-06 11:24 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-06 11:24 - 2015-07-30 08:03 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-06 11:24 - 2015-07-30 07:30 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-06 11:24 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-06 11:24 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-06 11:24 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-06 11:24 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-06 11:24 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-06 11:24 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-06 11:24 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-06 11:24 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-06 11:24 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-06 11:24 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-06 11:24 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-06 11:24 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-06 11:24 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-06 11:24 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-06 11:24 - 2015-07-30 06:17 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-06 11:24 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-06 11:24 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-06 11:24 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-06 11:24 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-06 11:24 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-06 11:24 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-06 11:24 - 2015-07-30 06:07 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-06 11:24 - 2015-07-30 06:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-06 11:24 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-06 11:24 - 2015-07-30 05:56 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-06 11:24 - 2015-07-30 05:54 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-06 11:24 - 2015-07-30 05:54 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-06 11:24 - 2015-07-30 05:53 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-06 11:24 - 2015-07-30 05:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-06 11:24 - 2015-07-30 05:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-06 11:24 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-06 11:24 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-06 11:24 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-06 11:24 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-06 11:24 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-06 11:24 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-06 11:24 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-06 11:24 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-06 11:24 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-06 11:24 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-06 11:24 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-06 11:24 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-06 11:24 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-06 11:24 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-06 11:24 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-06 11:24 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-06 11:24 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-06 11:24 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-06 11:24 - 2015-07-30 05:42 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-06 11:24 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-06 11:24 - 2015-07-30 05:41 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-06 11:24 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-06 11:24 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-06 11:24 - 2015-07-30 05:40 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-06 11:24 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-06 11:24 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-06 11:24 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-06 11:24 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-06 11:24 - 2015-07-30 05:32 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-06 11:24 - 2015-07-30 05:32 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-06 11:24 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-06 11:24 - 2015-07-30 05:23 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-06 11:24 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-06 11:24 - 2015-07-30 05:14 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-06 11:24 - 2015-07-30 05:13 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-06 11:24 - 2015-07-30 05:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-06 11:24 - 2015-07-30 05:12 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-06 11:24 - 2015-07-30 05:11 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-06 11:24 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-06 11:24 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-06 11:24 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-06 11:24 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-06 11:24 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-06 11:24 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-06 11:24 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-06 11:24 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-06 11:24 - 2015-07-30 05:04 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-06 11:24 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-06 11:24 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-06 11:24 - 2015-07-30 04:58 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-06 11:24 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-07-31 19:47 - 2015-07-31 19:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-07-31 14:49 - 2015-08-27 14:41 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-31 13:05 - 2015-08-24 20:12 - 00000000 ____D C:\Users\Petr\AppData\Local\Disc_Soft_Ltd
2015-07-31 13:05 - 2015-07-31 13:05 - 00159800 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2015-07-31 13:03 - 2015-07-31 13:03 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-07-31 12:45 - 2015-07-31 12:45 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-07-31 12:42 - 2015-07-31 12:42 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-07-31 12:33 - 2015-07-31 12:33 - 03867040 _____ C:\WINDOWS\system32\PortChanger.exe
2015-07-31 12:33 - 2015-07-31 12:33 - 00151968 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4.sys
2015-07-31 12:33 - 2015-07-31 12:33 - 00049056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dot4usb.sys
2015-07-31 12:33 - 2015-07-31 12:33 - 00027040 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\Dot4Prt.sys
2015-07-31 12:21 - 2015-08-21 16:47 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-31 12:05 - 2015-07-15 01:37 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-31 12:05 - 2015-07-15 01:37 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-30 18:50 - 2015-07-30 18:51 - 00000000 ____D C:\Users\Petr\AppData\Local\MicrosoftEdge
2015-07-30 18:44 - 2015-07-30 18:44 - 00000000 ____D C:\Users\Petr\AppData\Local\Comms
2015-07-30 18:43 - 2015-07-26 07:16 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-07-30 18:43 - 2015-07-26 07:16 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-07-30 18:43 - 2015-07-26 07:15 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-07-30 18:43 - 2015-07-26 07:14 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-07-30 18:43 - 2015-07-26 07:14 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-07-30 18:43 - 2015-07-26 07:13 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-07-30 18:43 - 2015-07-26 07:06 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-07-30 18:43 - 2015-07-26 06:28 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-07-30 18:43 - 2015-07-26 06:28 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-07-30 18:43 - 2015-07-26 05:49 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-30 18:43 - 2015-07-26 05:47 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-07-30 18:43 - 2015-07-26 05:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-07-30 18:43 - 2015-07-26 05:39 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-07-30 18:43 - 2015-07-26 05:38 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-30 18:43 - 2015-07-26 05:34 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-07-30 18:43 - 2015-07-26 05:30 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-07-30 18:43 - 2015-07-24 05:30 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-07-30 18:43 - 2015-07-24 04:46 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-07-30 18:43 - 2015-07-24 04:46 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-07-30 18:43 - 2015-07-24 04:40 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-07-30 18:43 - 2015-07-24 04:39 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-07-30 18:43 - 2015-07-24 04:25 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-07-30 18:43 - 2015-07-24 04:24 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-07-30 18:43 - 2015-07-24 04:24 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-07-30 18:43 - 2015-07-22 07:22 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-07-30 18:43 - 2015-07-22 07:19 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-07-30 18:43 - 2015-07-22 07:18 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-07-30 18:43 - 2015-07-22 07:15 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-07-30 18:43 - 2015-07-22 07:02 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-07-30 18:43 - 2015-07-22 06:13 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-07-30 18:43 - 2015-07-22 06:02 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-07-30 18:43 - 2015-07-22 06:02 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-07-30 18:43 - 2015-07-22 06:00 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-07-30 18:43 - 2015-07-22 06:00 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-07-30 18:43 - 2015-07-22 06:00 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-07-30 18:43 - 2015-07-22 06:00 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-07-30 18:43 - 2015-07-22 06:00 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-07-30 18:43 - 2015-07-22 05:59 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-07-30 18:43 - 2015-07-22 05:55 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-07-30 18:43 - 2015-07-22 05:55 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-07-30 18:43 - 2015-07-22 05:54 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-07-30 18:43 - 2015-07-22 05:53 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-07-30 18:43 - 2015-07-22 05:52 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-07-30 18:43 - 2015-07-22 05:52 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-07-30 18:43 - 2015-07-22 05:51 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-07-30 18:43 - 2015-07-22 05:49 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-07-30 18:43 - 2015-07-22 05:48 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-07-30 18:43 - 2015-07-22 05:48 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-07-30 18:43 - 2015-07-22 05:46 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-07-30 18:43 - 2015-07-22 05:13 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-07-30 18:43 - 2015-07-22 05:13 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-30 18:43 - 2015-07-22 05:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-07-30 18:43 - 2015-07-22 05:10 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-07-30 18:43 - 2015-07-22 05:07 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-07-30 18:43 - 2015-07-22 05:07 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-07-30 18:43 - 2015-07-22 05:05 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-07-30 18:43 - 2015-07-22 05:04 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-07-30 18:43 - 2015-07-22 05:03 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-07-30 18:43 - 2015-07-22 04:50 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-07-30 18:43 - 2015-07-19 06:04 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-07-30 18:43 - 2015-07-19 05:54 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-07-30 18:43 - 2015-07-19 05:18 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-07-30 18:43 - 2015-07-19 05:12 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-07-30 18:43 - 2015-07-19 05:12 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-07-30 18:43 - 2015-07-19 05:02 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-07-30 18:43 - 2015-07-19 04:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-07-30 18:43 - 2015-07-18 10:48 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-07-30 18:43 - 2015-07-18 10:22 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-07-30 18:43 - 2015-07-18 09:43 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-07-30 18:43 - 2015-07-18 09:39 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-07-30 18:43 - 2015-07-18 09:37 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-07-30 18:43 - 2015-07-18 09:29 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-07-30 18:43 - 2015-07-18 07:18 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-07-30 18:43 - 2015-07-18 07:15 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-07-30 18:43 - 2015-07-18 07:02 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-07-30 18:43 - 2015-07-18 06:54 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-07-30 18:43 - 2015-07-18 06:13 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-07-30 18:43 - 2015-07-18 06:09 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-07-30 18:43 - 2015-07-18 06:06 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-07-30 18:43 - 2015-07-18 06:01 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-07-30 18:43 - 2015-07-18 05:59 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-07-30 18:43 - 2015-07-18 05:59 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-07-30 18:43 - 2015-07-18 05:57 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-07-30 18:43 - 2015-07-18 05:52 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-07-30 18:43 - 2015-07-18 05:48 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-07-30 18:43 - 2015-07-17 06:23 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-07-30 18:43 - 2015-07-17 06:17 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-07-30 18:43 - 2015-07-17 06:07 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-07-30 18:43 - 2015-07-17 05:39 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-07-30 18:43 - 2015-07-17 05:05 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-07-30 18:43 - 2015-07-17 04:48 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-07-30 18:43 - 2015-07-17 04:39 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-07-30 18:43 - 2015-07-17 04:36 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-07-30 18:43 - 2015-07-17 04:34 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-07-30 18:43 - 2015-07-17 04:33 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-07-30 18:43 - 2015-07-17 04:32 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-07-30 18:43 - 2015-07-17 04:31 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-07-30 18:43 - 2015-07-17 04:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-07-30 18:43 - 2015-07-17 04:24 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-07-30 18:43 - 2015-07-17 04:21 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-07-30 18:43 - 2015-07-17 04:19 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-07-30 18:43 - 2015-07-17 04:19 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-07-30 18:43 - 2015-07-17 04:18 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-07-30 18:43 - 2015-07-17 04:00 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-07-30 18:43 - 2015-07-17 03:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-07-30 18:43 - 2015-07-17 03:51 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-07-30 18:43 - 2015-07-17 03:50 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-07-30 18:43 - 2015-07-17 03:46 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-07-30 18:43 - 2015-07-17 03:44 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-07-30 18:43 - 2015-07-16 07:11 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-07-30 18:43 - 2015-07-16 06:55 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-30 18:43 - 2015-07-16 06:09 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-07-30 18:43 - 2015-07-16 06:04 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-07-30 18:43 - 2015-07-16 06:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-07-30 18:43 - 2015-07-16 06:01 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-07-30 18:43 - 2015-07-16 05:48 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-07-30 18:43 - 2015-07-16 05:47 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-07-30 18:43 - 2015-07-16 05:45 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-07-30 18:43 - 2015-07-16 05:44 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-07-30 18:43 - 2015-07-16 05:43 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-07-30 18:43 - 2015-07-16 05:41 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-07-30 18:43 - 2015-07-16 05:40 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-07-30 18:43 - 2015-07-16 05:35 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-07-30 18:43 - 2015-07-16 05:33 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-07-30 18:43 - 2015-07-16 05:32 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-07-30 18:43 - 2015-07-16 05:29 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-30 18:43 - 2015-07-16 05:27 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-07-30 18:43 - 2015-07-16 05:22 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-30 18:43 - 2015-07-16 05:19 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-07-30 18:43 - 2015-07-15 05:21 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-30 18:43 - 2015-07-15 04:49 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-07-30 18:43 - 2015-07-15 04:49 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-07-30 18:43 - 2015-07-15 04:41 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-07-30 18:43 - 2015-07-15 04:22 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-30 18:43 - 2015-07-15 04:16 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-07-30 18:43 - 2015-07-15 04:10 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-07-30 18:43 - 2015-07-15 03:59 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-07-30 18:43 - 2015-07-15 03:57 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-07-30 18:43 - 2015-07-15 03:47 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-07-30 18:43 - 2015-07-15 03:43 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-07-30 18:43 - 2015-07-15 03:41 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-07-30 18:43 - 2015-07-15 03:35 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-07-30 18:43 - 2015-07-15 03:34 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-07-30 18:43 - 2015-07-15 03:34 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-07-30 18:43 - 2015-07-14 03:51 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-07-30 18:43 - 2015-07-14 03:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-07-30 18:43 - 2015-07-14 03:50 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-07-30 18:43 - 2015-07-14 03:49 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-07-30 18:43 - 2015-07-14 03:38 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-07-30 18:43 - 2015-07-14 03:31 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-07-30 18:43 - 2015-07-14 03:20 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-07-30 18:43 - 2015-07-13 01:30 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-07-30 18:43 - 2015-07-12 02:38 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-07-30 18:43 - 2015-07-12 02:25 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-07-30 18:43 - 2015-07-12 02:18 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-07-30 18:43 - 2015-07-12 01:46 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-07-30 18:43 - 2015-07-11 03:28 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-07-30 18:43 - 2015-07-11 03:17 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-07-30 18:43 - 2015-07-11 03:07 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-07-30 18:43 - 2015-07-11 03:05 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-07-30 18:43 - 2015-07-11 03:04 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-07-30 18:43 - 2015-07-11 03:03 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-30 18:43 - 2015-07-11 03:02 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-07-30 18:43 - 2015-07-11 02:57 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-07-30 18:43 - 2015-07-11 02:51 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-07-30 18:43 - 2015-07-11 02:43 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-07-30 18:43 - 2015-07-11 02:42 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-07-30 18:43 - 2015-07-11 02:41 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-07-30 18:43 - 2015-07-11 02:40 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-30 18:43 - 2015-07-11 02:34 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-07-30 18:43 - 2015-07-10 17:51 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-07-30 18:43 - 2015-07-10 17:47 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-07-30 18:43 - 2015-07-10 17:00 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-07-30 18:43 - 2015-07-10 16:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-07-30 18:43 - 2015-07-10 12:05 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-07-30 18:43 - 2015-07-10 11:53 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-07-30 18:43 - 2015-07-10 11:35 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-07-30 18:43 - 2015-07-10 11:31 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-07-30 18:43 - 2015-07-10 11:29 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-07-30 18:42 - 2015-07-26 05:49 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-07-30 18:42 - 2015-07-26 05:40 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-07-30 18:42 - 2015-07-26 05:39 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-07-30 18:42 - 2015-07-26 05:35 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-07-30 18:42 - 2015-07-26 05:30 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-07-30 18:42 - 2015-07-26 05:29 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-07-30 18:42 - 2015-07-24 05:31 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-07-30 18:42 - 2015-07-24 05:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-07-30 18:42 - 2015-07-24 05:17 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-07-30 18:42 - 2015-07-24 05:17 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-07-30 18:42 - 2015-07-24 05:17 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-07-30 18:42 - 2015-07-24 05:12 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-07-30 18:42 - 2015-07-24 05:11 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-07-30 18:42 - 2015-07-24 04:55 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-07-30 18:42 - 2015-07-24 04:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-07-30 18:42 - 2015-07-24 04:46 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-07-30 18:42 - 2015-07-24 04:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-07-30 18:42 - 2015-07-24 04:34 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-07-30 18:42 - 2015-07-24 04:30 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-07-30 18:42 - 2015-07-24 04:29 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-07-30 18:42 - 2015-07-24 04:24 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-07-30 18:42 - 2015-07-24 04:24 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-07-30 18:42 - 2015-07-24 04:24 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-07-30 18:42 - 2015-07-22 07:15 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-07-30 18:42 - 2015-07-22 06:13 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-07-30 18:42 - 2015-07-22 05:55 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-07-30 18:42 - 2015-07-22 05:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-07-30 18:42 - 2015-07-22 05:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-07-30 18:42 - 2015-07-19 05:23 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-07-30 18:42 - 2015-07-18 10:47 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-07-30 18:42 - 2015-07-18 09:48 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-30 18:42 - 2015-07-18 09:28 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-07-30 18:42 - 2015-07-18 09:28 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-30 18:42 - 2015-07-18 09:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-07-30 18:42 - 2015-07-18 07:17 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-07-30 18:42 - 2015-07-18 05:50 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-07-30 18:42 - 2015-07-18 05:50 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-07-30 18:42 - 2015-07-18 05:49 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-07-30 18:42 - 2015-07-18 05:49 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-07-30 18:42 - 2015-07-18 05:49 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-07-30 18:42 - 2015-07-18 05:48 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-07-30 18:42 - 2015-07-18 05:47 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-07-30 18:42 - 2015-07-17 06:13 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-07-30 18:42 - 2015-07-17 06:12 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-07-30 18:42 - 2015-07-17 04:39 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-07-30 18:42 - 2015-07-17 04:33 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-07-30 18:42 - 2015-07-17 04:26 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-07-30 18:42 - 2015-07-17 04:19 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-07-30 18:42 - 2015-07-17 04:16 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-07-30 18:42 - 2015-07-17 04:05 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-07-30 18:42 - 2015-07-17 04:05 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-07-30 18:42 - 2015-07-17 03:56 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-07-30 18:42 - 2015-07-16 07:39 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-07-30 18:42 - 2015-07-16 05:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-07-30 18:42 - 2015-07-16 05:36 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-07-30 18:42 - 2015-07-15 04:04 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-07-30 18:42 - 2015-07-15 03:37 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-07-30 18:42 - 2015-07-15 03:27 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-07-30 18:42 - 2015-07-14 05:13 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-07-30 18:42 - 2015-07-14 05:00 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-07-30 18:42 - 2015-07-14 04:37 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-07-30 18:42 - 2015-07-14 04:04 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-07-30 18:42 - 2015-07-14 03:31 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-07-30 18:42 - 2015-07-13 02:01 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-07-30 18:42 - 2015-07-11 03:22 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-07-30 18:42 - 2015-07-11 03:21 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-07-30 18:42 - 2015-07-11 03:03 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-07-30 18:42 - 2015-07-11 03:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-07-30 18:42 - 2015-07-11 03:01 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-07-30 18:42 - 2015-07-11 02:41 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-07-30 18:42 - 2015-07-11 02:40 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-30 18:42 - 2015-07-11 02:40 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-30 18:42 - 2015-07-10 12:59 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-07-30 18:42 - 2015-07-10 12:42 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-07-30 18:42 - 2015-07-10 12:10 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-07-30 18:19 - 2015-07-31 14:09 - 00000000 ___DC C:\WINDOWS\Panther
2015-07-30 18:19 - 2015-07-30 17:24 - 00000000 __SHD C:\Recovery
2015-07-30 18:18 - 2015-08-19 18:20 - 00005214 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Petr-HP-Petr Petr-HP
2015-07-30 18:14 - 2015-07-30 18:14 - 00000000 ____D C:\Windows.old
2015-07-30 18:13 - 2015-07-30 18:13 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\Program Files\MSBuild
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-30 18:11 - 2015-07-30 18:11 - 00000000 ____D C:\inetpub
2015-07-30 18:11 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-07-30 18:11 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 18:11 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-07-30 18:11 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-07-30 18:11 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 18:11 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-07-30 18:03 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-07-30 18:03 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-07-30 18:03 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-07-30 18:03 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-07-30 18:03 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-07-30 18:02 - 2015-07-30 18:02 - 00001053 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2015-07-30 18:02 - 2015-07-30 18:02 - 00000000 ____D C:\Users\Petr\AppData\Local\PeerDistRepub
2015-07-30 17:54 - 2015-07-30 17:54 - 00002400 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-07-30 17:54 - 2015-07-30 17:54 - 00000000 ___RD C:\Users\Petr\OneDrive
2015-07-30 17:54 - 2015-07-30 17:54 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-07-30 17:51 - 2015-07-30 17:51 - 00000000 ____D C:\Users\Petr\AppData\Local\Publishers
2015-07-30 17:50 - 2015-08-24 18:21 - 00000000 ____D C:\Users\Petr\AppData\Local\Packages
2015-07-30 17:50 - 2015-07-30 17:50 - 00000020 ___SH C:\Users\Petr\ntuser.ini
2015-07-30 17:50 - 2015-07-30 17:50 - 00000000 ____D C:\Users\Petr\AppData\Local\TileDataLayer
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Public\Documents\Obrázky
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Public\Documents\Hudba
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Public\Documents\Filmy
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Šablony
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Poslední
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Okolní síť
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Dokumenty
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\Data aplikací
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\ProgramData\Šablony
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\ProgramData\Plocha
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\ProgramData\Oblíbené položky
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\ProgramData\Dokumenty
2015-07-30 17:43 - 2015-07-30 17:43 - 00000000 _SHDL C:\ProgramData\Data aplikací
2015-07-30 17:42 - 2015-07-30 17:42 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-07-30 17:36 - 2015-07-30 17:36 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-07-30 17:36 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Garmin
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default\AppData\Local\Trusteer
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default\AppData\Local\Garmin_Ltd._or_its_subsid
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Garmin
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Trusteer
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-07-30 17:32 - 2015-07-30 17:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Garmin_Ltd._or_its_subsid
2015-07-30 17:31 - 2015-07-30 17:31 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-30 17:27 - 2015-07-30 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-07-30 17:27 - 2015-07-30 17:27 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-07-30 17:25 - 2015-08-23 18:55 - 00000000 ____D C:\Users\Petr
2015-07-30 17:25 - 2015-07-30 17:50 - 00000000 ___RD C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Šablony
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Soubory cookie
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Poslední
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Okolní tiskárny
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Okolní síť
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Nabídka Start
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Dokumenty
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Documents\Obrázky
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Documents\Hudba
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Documents\Filmy
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\Data aplikací
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-07-30 17:25 - 2015-07-30 17:25 - 00000000 _SHDL C:\Users\Petr\AppData\Local\Data aplikací
2015-07-30 17:25 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-07-30 17:25 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-30 17:25 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-07-30 17:25 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-30 17:24 - 2015-08-27 14:46 - 02030404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-30 17:24 - 2015-07-30 17:24 - 01940726 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-07-30 17:23 - 2015-07-30 17:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-30 17:23 - 2015-07-30 17:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-07-30 17:23 - 2015-07-30 17:23 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-07-30 17:23 - 2015-06-17 08:30 - 06873232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-07-30 17:23 - 2015-06-17 08:30 - 03492168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-07-30 17:23 - 2015-06-17 08:30 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-07-30 17:23 - 2015-06-17 08:30 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-07-30 17:23 - 2015-06-17 08:30 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-07-30 17:23 - 2015-06-17 08:30 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-07-30 17:23 - 2015-06-14 06:18 - 04421614 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-07-30 17:22 - 2015-07-30 17:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-30 17:22 - 2015-07-30 17:27 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-30 17:22 - 2015-07-30 17:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-30 17:20 - 2015-07-30 17:20 - 00021421 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-07-30 16:58 - 2015-07-30 17:42 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-07-30 16:58 - 2015-07-30 17:42 - 00009528 _____ C:\WINDOWS\diagwrn.xml

Vicious · #6 Příspěvek od **Vicious** » 27 srp 2015 14:06

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-27 14:46 - 2015-07-10 18:02 - 00838954 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-27 14:46 - 2015-07-10 18:02 - 00191282 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-27 14:43 - 2013-12-31 17:15 - 00000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2015-08-27 14:42 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-27 14:41 - 2015-07-16 13:48 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-27 14:41 - 2011-11-04 00:46 - 00000000 ____D C:\ProgramData\PDFC
2015-08-27 14:40 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-27 14:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-27 14:40 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-27 14:40 - 2011-11-04 00:49 - 00000000 ____D C:\ProgramData\truesuite
2015-08-27 14:11 - 2013-12-29 16:11 - 00000000 ____D C:\VueScan
2015-08-27 13:53 - 2015-07-16 13:48 - 00000952 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-27 13:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-26 19:21 - 2013-12-29 08:44 - 00000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2015-08-26 17:28 - 2013-12-28 21:15 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BBE54821-8B62-4041-84AB-6F0625AB418C}
2015-08-26 14:14 - 2015-05-06 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2015-08-26 14:10 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-26 14:09 - 2015-06-27 19:01 - 00000000 ____D C:\AdwCleaner
2015-08-25 19:21 - 2014-11-01 10:26 - 00000000 ____D C:\Program Files\trend micro
2015-08-24 17:41 - 2013-12-29 16:05 - 00000000 ____D C:\RTSStavitel
2015-08-24 16:47 - 2014-01-07 22:28 - 00000000 ____D C:\Users\Petr\AppData\Roaming\.RTS
2015-08-24 14:14 - 2014-06-23 16:46 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job
2015-08-23 21:57 - 2014-06-23 16:46 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPetr
2015-08-23 21:57 - 2014-01-06 17:30 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-23 21:26 - 2014-04-26 20:27 - 00000000 ____D C:\Users\Petr\AppData\Local\Nero
2015-08-23 19:26 - 2013-12-31 12:31 - 00000000 ____D C:\ProgramData\Nero
2015-08-23 18:57 - 2014-03-15 16:14 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-23 18:54 - 2015-01-10 12:06 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-23 18:54 - 2015-01-10 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-23 18:54 - 2015-01-10 12:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-23 18:54 - 2014-03-15 16:14 - 00003890 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-23 18:40 - 2015-07-09 14:12 - 00003074 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Petr)
2015-08-23 18:40 - 2014-12-23 19:44 - 00000000 ____D C:\ProgramData\ProductData
2015-08-21 16:47 - 2011-11-04 00:47 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-08-21 16:46 - 2011-11-04 00:47 - 00000000 ____D C:\ProgramData\Norton
2015-08-21 09:30 - 2013-12-28 22:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-20 11:17 - 2013-12-28 22:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-20 11:16 - 2013-12-28 22:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-19 19:06 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-19 16:41 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-10 09:06 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-10 09:05 - 2015-07-10 14:20 - 00385496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-10 09:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-10 09:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-04 21:45 - 2015-06-10 16:23 - 00139896 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2015-08-04 21:45 - 2015-05-06 18:44 - 00394584 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2015-07-31 14:05 - 2009-07-14 04:34 - 00000947 _____ C:\WINDOWS\win.ini
2015-07-31 12:34 - 2013-12-28 21:48 - 01424896 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpwtiop5.dll
2015-07-31 12:20 - 2011-11-04 00:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2015-07-31 12:13 - 2014-01-05 16:37 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-07-31 12:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-07-31 12:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-07-31 12:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-07-31 12:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-07-31 12:01 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-07-31 12:01 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-07-31 12:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-07-31 12:00 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-07-31 11:54 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-07-30 18:19 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-07-30 18:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-07-30 18:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-07-30 18:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-07-30 18:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-07-30 18:11 - 2015-07-10 13:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-07-30 18:11 - 2015-07-10 13:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-07-30 18:11 - 2015-07-10 13:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-07-30 18:11 - 2015-07-10 13:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-07-30 18:11 - 2015-07-10 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-07-30 18:11 - 2015-07-10 13:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-07-30 18:11 - 2015-07-10 13:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-07-30 18:11 - 2015-07-10 13:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-07-30 18:11 - 2015-07-10 13:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-07-30 18:11 - 2015-07-10 13:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-07-30 18:11 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-07-30 18:11 - 2015-07-10 13:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-07-30 18:11 - 2015-07-10 13:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-07-30 18:11 - 2015-07-10 13:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-07-30 18:11 - 2015-07-10 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-07-30 18:11 - 2015-07-10 13:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-07-30 18:11 - 2015-07-10 13:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-07-30 18:03 - 2015-07-10 18:03 - 00000000 ____D C:\WINDOWS\OCR
2015-07-30 17:51 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-07-30 17:51 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-07-30 17:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-30 17:43 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-07-30 17:43 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-07-30 17:42 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-07-30 17:42 - 2015-07-09 14:32 - 00003382 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scan
2015-07-30 17:42 - 2015-07-09 14:32 - 00003326 _____ C:\WINDOWS\System32\Tasks\Driver Booster Update
2015-07-30 17:42 - 2015-06-27 08:43 - 00003432 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2015-07-30 17:42 - 2015-06-25 20:28 - 00003912 _____ C:\WINDOWS\System32\Tasks\TechSmith Updater
2015-07-30 17:42 - 2015-01-10 12:03 - 00003288 _____ C:\WINDOWS\System32\Tasks\{117FCCA9-69D1-4060-8AFF-AEE7721EAA83}
2015-07-30 17:42 - 2014-07-05 08:30 - 00003874 _____ C:\WINDOWS\System32\Tasks\Trigger KMS Activation
2015-07-30 17:42 - 2014-05-08 18:07 - 00003338 _____ C:\WINDOWS\System32\Tasks\{52E16D46-475D-4027-927F-188A15E08F4B}
2015-07-30 17:42 - 2014-04-26 18:23 - 00004270 _____ C:\WINDOWS\System32\Tasks\Petr Nero LIVEBackup 6 0
2015-07-30 17:42 - 2014-04-26 18:23 - 00003832 _____ C:\WINDOWS\System32\Tasks\Petr Nero LIVEBackup Merge 6 0
2015-07-30 17:42 - 2014-04-26 18:23 - 00003582 _____ C:\WINDOWS\System32\Tasks\Petr NBAgent 6 0
2015-07-30 17:42 - 2014-03-23 09:08 - 00003668 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-07-30 17:42 - 2014-01-08 16:08 - 00004058 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-30 17:42 - 2014-01-08 16:08 - 00003806 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-30 17:42 - 2014-01-01 09:02 - 00002882 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-07-30 17:42 - 2013-12-30 10:18 - 00003226 _____ C:\WINDOWS\System32\Tasks\{D2104A08-0C6D-4695-A3F1-E407FC3C93EB}
2015-07-30 17:42 - 2013-12-29 16:07 - 00003180 _____ C:\WINDOWS\System32\Tasks\{F5F06FC8-DDEA-43B5-88B3-A72B32228E4E}
2015-07-30 17:42 - 2011-11-04 00:43 - 00003294 _____ C:\WINDOWS\System32\Tasks\HPOSIAPP64
2015-07-30 17:41 - 2015-07-10 13:04 - 00000000 __RSD C:\WINDOWS\Media
2015-07-30 17:41 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-30 17:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-07-30 17:34 - 2015-07-10 18:05 - 00000000 ____D C:\WINDOWS\ShellNew
2015-07-30 17:34 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-30 17:34 - 2015-07-09 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-07-30 17:34 - 2015-06-25 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-07-30 17:34 - 2015-05-23 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The Old Blood
2015-07-30 17:34 - 2014-08-24 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-30 17:34 - 2014-08-24 12:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X7
2015-07-30 17:34 - 2014-08-10 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief 2014
2015-07-30 17:34 - 2014-05-18 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call Of Duty Modern Warfare 2
2015-07-30 17:34 - 2014-02-01 11:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-07-30 17:34 - 2014-01-19 20:53 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2015-07-30 17:34 - 2014-01-13 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FORM studio
2015-07-30 17:34 - 2014-01-08 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-30 17:34 - 2014-01-06 19:49 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2015-07-30 17:34 - 2014-01-05 16:37 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-30 17:34 - 2014-01-01 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-30 17:34 - 2013-12-31 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-07-30 17:34 - 2013-12-29 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-30 17:34 - 2013-12-29 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoGet
2015-07-30 17:34 - 2013-12-29 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9
2015-07-30 17:34 - 2013-12-29 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-07-30 17:34 - 2013-12-29 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-07-30 17:34 - 2013-12-29 16:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 11
2015-07-30 17:34 - 2013-12-29 07:06 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-07-30 17:34 - 2013-12-28 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-07-30 17:34 - 2013-12-28 22:21 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-30 17:34 - 2013-12-28 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-30 17:34 - 2013-12-28 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-07-30 17:34 - 2013-12-28 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Uživatelské Příručky
2015-07-30 17:34 - 2011-11-04 00:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-07-30 17:34 - 2011-11-04 00:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
2015-07-30 17:34 - 2011-11-04 00:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager
2015-07-30 17:34 - 2011-11-04 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-07-30 17:34 - 2011-11-04 00:38 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2015-07-30 17:34 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-30 17:32 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-30 17:32 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-30 17:32 - 2011-11-04 00:39 - 00000000 ____D C:\Program Files\IDT
2015-07-30 17:32 - 2009-07-14 05:20 - 00000000 ____D C:\Users\Default.migrated
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\schemas
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-07-30 17:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Cursors
2015-07-30 17:28 - 2013-12-31 09:13 - 00000000 ____D C:\WINDOWS\system32\oodag
2015-07-30 17:28 - 2013-12-29 22:23 - 00000000 __SHD C:\WINDOWS\SysWOW64\%APPDATA%
2015-07-30 17:28 - 2013-12-29 21:45 - 00000000 __SHD C:\WINDOWS\system32\%APPDATA%
2015-07-30 17:28 - 2013-12-28 21:51 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-07-30 17:27 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-07-30 17:27 - 2015-07-10 13:04 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-07-30 17:27 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-30 17:27 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-30 17:27 - 2015-04-12 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REPACKY BY TOMI2K9
2015-07-30 17:27 - 2014-05-31 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2015-07-30 17:27 - 2011-11-04 00:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-07-30 17:27 - 2011-11-04 00:31 - 00000000 ____D C:\Program Files\Microsoft Games
2015-07-30 17:27 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-30 17:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-07-30 17:24 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-07-30 17:05 - 2009-07-14 06:45 - 00027568 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-30 17:05 - 2009-07-14 06:45 - 00027568 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-30 16:58 - 2015-07-10 18:24 - 00000000 ___HD C:\$Windows.~BT

==================== Files in the root of some directories =======

2011-11-04 00:48 - 2011-06-10 01:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2013-12-28 21:44 - 2013-12-28 21:56 - 0000777 _____ () C:\ProgramData\hpzinstall.log

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:461.72 GB) (Free:173.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:9.06 GB) (Free:1.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (RTSStavitel2014) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
Drive j: (Nový svazek) (Fixed) (Total:460.62 GB) (Free:217.36 GB) NTFS
Drive k: (VERBATIM HD) (Fixed) (Total:931.28 GB) (Free:907.32 GB) FAT32

Available physical RAM: 14296.68 MB
Total physical RAM: 16364.31 MB
Percentage of memory in use: 12%

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\WINDOWS\system32\msln.exe:2f02c8b7c71b44bee60d342be8d7ded7

==================== Security Center ==================

AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 13 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp
"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent
"C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
C:\Program Files\OO Software\Defrag\oodtray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete
C:\Program Files (x86)\PDF Complete\pdfsty.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"c:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11
C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
C:\Program Files\IDT\WDM\sttray64.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk
C:\Windows\INSTAL~1\{3A593~1\app_icon.ico

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Vicious · #7 Příspěvek od **Vicious** » 27 srp 2015 14:08

Additional scan result of Farbar Recovery Scan Tool (x64) Version:26-08-2015
Ran by Petr (2015-08-27 14:50:26)
Running from C:\Users\Petr\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3728237023-1333468553-1728830994-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3728237023-1333468553-1728830994-503 - Limited - Disabled)
Guest (S-1-5-21-3728237023-1333468553-1728830994-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3728237023-1333468553-1728830994-1002 - Limited - Enabled)
Petr (S-1-5-21-3728237023-1333468553-1728830994-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Alien Isolation version 1.0.0 (HKLM-x32\...\Alien Isolation_is1) (Version: 1.0.0 - REPACKY BY TOMI2K9)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty Ghosts (HKLM-x32\...\Q2FsbG9mRHV0eUdob3N0cw==_is1) (Version: 1 - )
Call Of Duty Modern Warfare 2 verze 1.2 CZ (HKLM-x32\...\{318EAFB5-2019-4A09-811D-33A45A4E71D5}_is1) (Version: 1.2 CZ - tomi2k9)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.1 - Cenega)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Cenega) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
COD - Advanced Warfare (HKLM-x32\...\COD - Advanced Warfare_is1) (Version: 1.2.0.4107 - Activision)
Contents64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Corel VideoStudio Pro X7 (HKLM-x32\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.0.0.249 - Corel Corporation)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.2024.53 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DocMgr (x32 Version: 130.0.000.000 - Název společnosti:) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
DVDFab 9.0.4.5 (07/06/2013) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connect Solutions (HKLM-x32\...\{BE1C9464-DEBB-4DA6-B19A-8EC634F22D73}) (Version: 1.0.0.4 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Desktop Keyboard (HKLM-x32\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICA (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IPM_VS_Pro64 (Version: 17.0 - Corel Corporation) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 cs)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 cs)) (Version: 38.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
Nero BackItUp 11 Essentials CDPack (HKLM-x32\...\{BD0516DD-705C-441F-A30D-1CC289895309}) (Version: 11.0.00200 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.5.2.15 - Symantec Corporation)
Nuclear Coffee - VideoGet (HKLM-x32\...\VideoGet_is1) (Version: 2012 - Nuclear Coffee)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{3A59346C-DE9E-4F25-BDEE-F8229A2AF582}) (Version: 17.5.559 - O&O Software GmbH)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.63 - Trusteer)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outlast + DLC Whistleblower verze 1.0 (HKLM-x32\...\Outlast + DLC Whistleblower_is1) (Version: 1.0 - Danik1B9)
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Ovládací panel NVIDIA 353.30 (Version: 353.30 - NVIDIA Corporation) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapport (x32 Version: 3.5.1507.63 - Trusteer) Hidden
Recovery Manager (x32 Version: 5.5.0.4222 - CyberLink Corp.) Hidden
RTS Stavitel+ 2013 (HKLM-x32\...\RTS Stavitel+ 2013_is1) (Version: - )
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Setup (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
Seznam Software (HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\SeznamInstall) (Version: - Seznam.cz)
Share64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Smarty Uninstaller Pro (HKLM-x32\...\{C20A5184-E994-4CF4-A388-30236A94AD41}_is1) (Version: 3.0.1 - WINner Tweak Software)
Snagit 12 (HKLM-x32\...\{0eba6232-cbfc-4d1b-afdc-bcb615194542}) (Version: 12.2.1.1968 - TechSmith Corporation)
Snagit 12 (x32 Version: 12.2.1 - TechSmith Corporation) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - )
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Thief 2014 verze 1.4-4133.3 (HKLM-x32\...\Thief 2014_is1) (Version: 1.4-4133.3 - Repack by Danik1B9)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
VIP Access SDK (1.0.1.4) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
VSClassic64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VueScan (HKLM\...\VueScan) (Version: - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.9 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wolfenstein The Old Blood (HKLM-x32\...\Wolfenstein The Old Blood_is1) (Version: - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

06-08-2015 17:43:22 Instalační služba modulů systému Windows
19-08-2015 19:04:09 Naplánovaný kontrolní bod
21-08-2015 09:33:00 Installed Rapport
23-08-2015 18:50:53 Driver Booster : Adobe Flash Player NPAPI
24-08-2015 19:13:59 SmartyUninstall08-24-201519:13:56
26-08-2015 14:13:07 Installed Rapport

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-12-23 19:54 - 2014-12-23 19:53 - 00000790 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.iobit.com
127.0.0.1 www.asc55.iobit.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {023AE001-032E-4BA1-8AAC-590F355AFE75} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {04348BDF-EBDA-4329-AFA1-9FBDC6263BF2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {060982A2-ECFD-4775-8C61-6F034F974BCF} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {09815EF4-81A0-4884-8356-F4EEFC987493} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: {0AEB670E-82DA-4887-8DE7-65630C58BF7C} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {1611D121-7B64-40AF-BF38-1F74EB55E852} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1FAA3935-A5D3-487F-A949-AC3BEEFF476C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {218CA032-9F1C-4429-93AB-1B735E0F04AF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {241D88D1-F9AF-4DEA-9046-8FBE2DB0724E} - System32\Tasks\Petr NBAgent 6 0 => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-11-18] (Nero AG)
Task: {31C57815-27A0-4C86-BF03-F4AC961BB00A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-08] (Google Inc.)
Task: {356B2DF7-5AAF-480A-B079-4073A1ADB040} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-23] (Adobe Systems Incorporated)
Task: {35FA3322-1292-4DB0-B960-CBEF29046E4C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3809F401-9C8E-4283-9F74-5A36F278DCF9} - System32\Tasks\{D2104A08-0C6D-4695-A3F1-E407FC3C93EB} => pcalua.exe -a C:\RTSStavitel\Rozp.exe -d c:\RTSStavitel\
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {42D400CC-4164-4592-B055-461ACCBBC421} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {4D0FF355-5DFF-4978-B15D-94DD0B644C67} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4E7F2AE9-63FA-4C44-9601-9143001920ED} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {58EC59AA-F42F-44EE-A597-030882DE1691} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {5ECC8DD6-1D91-43CB-8073-ABEA8EA93500} - System32\Tasks\Petr Nero LIVEBackup Merge 6 0 => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe [2011-11-18] (Nero AG)
Task: {626AFFDA-7341-4976-81B4-727293F038F7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {6F06CB9F-F5C6-407C-B5EA-5F04AC933449} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {701FEBE8-D080-48FF-8790-3F77FD7DD02D} - System32\Tasks\Driver Booster SkipUAC (Petr) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-05-14] (IObit)
Task: {706569C2-EE0C-4602-B41D-FFAC811821E3} - System32\Tasks\{F5F06FC8-DDEA-43B5-88B3-A72B32228E4E} => pcalua.exe -a M:\Start.exe -d M:\
Task: {71FA6689-4987-49CF-9E2D-C6D001032601} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {73B79E09-060B-420C-9E07-6CB8A0FF35CB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {778D8491-88E3-4B87-ACDA-4D43CDE31F6B} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-05-14] (IObit)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {797FE70E-D1AD-41F8-B67E-1FE799FEEDEB} - System32\Tasks\{52E16D46-475D-4027-927F-188A15E08F4B} => pcalua.exe -a "C:\Program Files (x86)\RTS Stavitel 2014\Rozp.exe" -d "C:\Program Files (x86)\RTS Stavitel 2014\"
Task: {7BC6FA59-E2F8-42B9-9B4E-1634ECE4656D} - System32\Tasks\HPOSIAPP64 => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [2009-02-28] ()
Task: {7CC26949-6F88-4ED1-9877-C623E5958C14} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {7EB2EF73-3C17-4C32-8225-E536550FC68B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-07] (IObit)
Task: {7ECEFB58-FF9E-410A-B420-8CB099B1B59F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8922D43A-85BE-4EBD-832F-1C03CE5FA94C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {89A17677-59F5-434B-9248-445146887D6A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-15] (Microsoft Corporation)
Task: {919E76FB-43BB-4FA2-AB20-81D95F3CD05E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9333A573-5EC5-4330-8370-1319F89CD85E} - System32\Tasks\Norton Internet Security\Norton Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {9695DE37-9381-4035-B6F8-6D87A95ACD84} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {9A8A0C82-003A-4757-8674-0B0B27F1FF8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-08] (Google Inc.)
Task: {9AB9104D-D336-4C67-A7B3-19C1141932CA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {9E6EE18D-DE1A-46E4-934B-23439346BCCC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A1CF51B9-9411-4617-AEB0-187E39C1959E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A7FCFDE0-7B73-4AB6-8391-388204C9EA76} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {A8DADF29-6409-4ACD-BB62-B2ED483E1FC3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A94DE24A-1E68-4248-B6F7-E3F939F0FD2E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AC618E10-555D-4C0C-8E64-F09E6B67087C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {AE61F653-D831-4E60-B852-2FA5FE3720F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B0705654-7C26-4EAF-81C8-510A5A9D5C45} - System32\Tasks\HPCeeScheduleForPetr => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B90B3A32-D90E-418B-9CF2-FBE32EEDC5A9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {B9D4BD75-250A-4423-B91C-D9D65DAD2889} - System32\Tasks\{117FCCA9-69D1-4060-8AFF-AEE7721EAA83} => pcalua.exe -a "J:\Downloads\Firefox\chromeinstall-8u25 (1).exe" -d J:\Downloads\Firefox
Task: {BDB9D624-1D28-4E0C-AFA7-CF02216C3EFE} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2014-07-31] (TechSmith Corporation)
Task: {C2E78BE0-A9BC-41E0-9441-66D4F84F5DE6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C33A8D5A-9B4A-403C-9DAC-C74D6D66A849} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C426D090-3527-4A6A-9672-543C88D1FE78} - System32\Tasks\Petr Nero LIVEBackup 6 0 => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBCore.exe [2011-11-18] (Nero AG)
Task: {C4535B3A-90BA-4974-BEFC-60461E871949} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CB3E8E3D-D047-4596-BB4E-D01F53CF4322} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CB515FBA-B231-4C33-8453-33D7BFDAF82C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Petr-HP-Petr Petr-HP => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-06-26] (Microsoft Corporation)
Task: {D7E0CF17-06D5-44F2-B771-80EF50DB8F9A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {D9454F17-4A65-4B1D-B844-E10016885D11} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D9CEC22A-9AF0-4494-AAEF-E1D4EA16F9F0} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> No File <==== ATTENTION
Task: {D9DBEA6A-3973-4C77-AA14-45BB43A0DDD9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DA8317C0-F9F6-4136-9D31-B55F53C08A4D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {DBB2270E-8D38-4611-923A-54DAA084D826} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DE8E470B-B711-49EF-92B8-C1C568EBAB23} - System32\Tasks\Trigger KMS Activation => N:\Programy\Microsoft Office Professional Plus 2013 CZ EN 64bit\aktivator - KMSnano v19 Final\TriggerKMS.exe
Task: {E03820A8-5DB7-4080-A9AF-094B3DDCACA3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {E94C3401-950B-4F98-BD59-6E68F2E778CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F245C407-79D9-4F1C-9758-651D2E6B7731} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {F935AC6E-0916-474E-94C4-0965C2CC90A8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F9F771A6-4B0B-49BB-8DEB-F84DBC12D227} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-30 18:42 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-30 17:23 - 2015-06-17 08:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-30 18:42 - 2015-07-11 03:22 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-12-29 16:20 - 2011-08-24 03:13 - 00083240 _____ () C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
2015-08-06 11:24 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-06 11:24 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2011-11-04 00:43 - 2009-02-28 04:13 - 00053248 _____ () C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-06 11:24 - 2015-08-02 03:37 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-06 11:24 - 2015-08-02 03:34 - 01806848 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-06 11:24 - 2015-08-02 03:35 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-12-29 16:20 - 2011-08-26 06:57 - 00260096 _____ () C:\Program Files (x86)\Cyberlink\PowerDVD11\Common\MediaServer\sqlite3.dll
2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-08-22 07:54 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 07:54 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\msln.exe:2f02c8b7c71b44bee60d342be8d7ded7

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\cpzp.cz -> hxxps://portal.cpzp.cz
IE trusted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\ozp.cz -> hxxps://portal.ozp.cz
IE trusted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\portalzp.cz -> hxxps://www.portalzp.cz
IE trusted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\rbp-zp.cz -> hxxps://portal.rbp-zp.cz
IE trusted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\vozp.cz -> hxxps://portal.vozp.cz
IE trusted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\zpskoda.cz -> hxxps://portal.zpskoda.cz

IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\123simsen.com -> www.123simsen.com

There are 7865 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "c:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl11 => C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
MSCONFIG\startupreg: SDTray =>
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "hpsysdrv"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run32: => "HP KEYBOARDx"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "LaunchHPOSIAPP"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{A5ADE723-CABC-47A9-85D0-1B8A22224834}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{5B281E09-3ACC-44EA-A573-18FD41B107A6}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{AFC7E52E-4377-442A-9400-00861F1A2DBB}] => (Allow) LPort=8298
FirewallRules: [{E2D8E430-E45A-4249-8287-259932096EEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A33369A5-15B1-4DA7-A58B-2EF9A2E5972E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C48F1200-988A-456B-BBD0-6E024FFB7867}] => (Allow) c:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{8D012018-2223-48A2-9D0C-07F7A6EDD785}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{4B823BE3-BE41-4850-9999-BB3FDE7B790F}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{DEEBBE50-D429-4D1D-8CEC-45F2E6A10F7C}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{F9F545E4-715D-4F3A-A028-FDA22ECF4ACD}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [UDP Query User{CA41E80F-1A97-4AA3-84AD-F69730D5F712}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [TCP Query User{5D42BD8A-EE1F-45C6-8440-18F17CB0129C}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{F11F60CD-D938-4A96-8CD4-F8AF01C6B1A1}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{952F3C77-1A96-4324-A285-C4B33A046C31}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{848A993D-92F0-4CC2-9C4F-1503AE96B4AF}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{9FE3C1C7-7C65-45E9-9BDE-4874E33F57DD}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{EA6807E4-8B78-4CEF-B654-870F2B1CE563}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{2FD9914D-617A-498A-AEC0-51F62B9FAC8B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{52CA0B6B-8169-4969-9999-7EFB147FE65C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B24F66A9-C7FB-480A-92E2-6BFD85B65C41}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{C1904D0D-B8A4-4143-9230-160D2CED2A44}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
FirewallRules: [{AE7B9339-4076-4625-BF6A-759461EC9A17}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
FirewallRules: [{D65F2875-514A-49E1-8E1D-DEECA8563F6B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11.exe
FirewallRules: [{5E75505F-BD17-4806-A50A-A3CB8D56C517}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\PowerDVDCinema11.exe
FirewallRules: [{E196FACE-C06E-4DEE-BDF5-1A1E20126730}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{50ADBC03-A837-433F-B71E-BE65FABA6BA0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C753308B-BA88-47D7-AD92-DAC012D53D37}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2D674F9E-53CD-48C7-A8CB-846BB747442F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{93E04CA1-C8DB-4031-8D4C-7521B21B0BFA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{ECC2B857-8C6B-47B2-A667-2B3AA24966DE}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{74F814D1-9B71-47FD-868D-55F94878162A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{0D863FD1-5FA2-4D79-9AB9-488E299841D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{7C8AD935-5AE8-4C13-9493-3507B03605B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{01A11231-C451-4E3C-B3E6-0BBAD48B3F0A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{0C24DC57-0E43-48E7-B412-B2E5CCC3845C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{15D320FB-0A61-4324-8767-80ED776C2781}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{66B38B65-D35F-44F9-B2A6-1D6D5FD9556F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{3541FF1E-5DE8-4B5D-AE65-C8E9F659DA0B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A67034D1-9CA1-449B-AF15-9E7A769E9750}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{31470D09-4049-48F9-A7A9-FAA6EDB430AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{2A6C5C83-D6A6-41FA-9EF5-D2E2CE6A907E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8B7E748E-1647-4BDE-A7D6-22776930F1D0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4E9E197C-C99A-4961-8EFE-273DE6DE7A98}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{9E30AA4D-8907-4F32-A590-8F0C01C7A176}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{621144AD-DD70-4871-BB3B-41F7613D7A3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{C19035A2-4F6C-49BB-9686-53A824A50498}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{685AD8B4-2918-4053-9866-C93AB9142053}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2015 02:43:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OHub.exe, verze: 16.0.6106.2350, časové razítko: 0x55c40ea1
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16392, časové razítko: 0x55a864a2
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x1f68
Čas spuštění chybující aplikace: 0xOHub.exe0
Cesta k chybující aplikaci: OHub.exe1
Cesta k chybujícímu modulu: OHub.exe2
ID zprávy: OHub.exe3
Úplný název chybujícího balíčku: OHub.exe4
ID aplikace související s chybujícím balíčkem: OHub.exe5

Error: (08/27/2015 02:40:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TrueSuiteService.exe, verze: 5.3.0.194, časové razítko: 0x4df09290
Název chybujícího modulu: TrueSuiteService.exe, verze: 5.3.0.194, časové razítko: 0x4df09290
Kód výjimky: 0xc0000417
Posun chyby: 0x0001280a
ID chybujícího procesu: 0x430
Čas spuštění chybující aplikace: 0xTrueSuiteService.exe0
Cesta k chybující aplikaci: TrueSuiteService.exe1
Cesta k chybujícímu modulu: TrueSuiteService.exe2
ID zprávy: TrueSuiteService.exe3
Úplný název chybujícího balíčku: TrueSuiteService.exe4
ID aplikace související s chybujícím balíčkem: TrueSuiteService.exe5

Error: (08/27/2015 02:39:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Petr-HP)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/27/2015 01:55:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 44.0.2403.157, časové razítko: 0x55d29eef
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16392, časové razítko: 0x55a85cc1
Kód výjimky: 0xc0000005
Posun chyby: 0x00045e93
ID chybujícího procesu: 0x1f8c
Čas spuštění chybující aplikace: 0xchrome.exe0
Cesta k chybující aplikaci: chrome.exe1
Cesta k chybujícímu modulu: chrome.exe2
ID zprávy: chrome.exe3
Úplný název chybujícího balíčku: chrome.exe4
ID aplikace související s chybujícím balíčkem: chrome.exe5

Error: (08/27/2015 01:45:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OHub.exe, verze: 16.0.6106.2350, časové razítko: 0x55c40ea1
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16392, časové razítko: 0x55a864a2
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x1618
Čas spuštění chybující aplikace: 0xOHub.exe0
Cesta k chybující aplikaci: OHub.exe1
Cesta k chybujícímu modulu: OHub.exe2
ID zprávy: OHub.exe3
Úplný název chybujícího balíčku: OHub.exe4
ID aplikace související s chybujícím balíčkem: OHub.exe5

Error: (08/26/2015 02:16:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OHub.exe, verze: 16.0.6106.2350, časové razítko: 0x55c40ea1
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16392, časové razítko: 0x55a864a2
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x1dfc
Čas spuštění chybující aplikace: 0xOHub.exe0
Cesta k chybující aplikaci: OHub.exe1
Cesta k chybujícímu modulu: OHub.exe2
ID zprávy: OHub.exe3
Úplný název chybujícího balíčku: OHub.exe4
ID aplikace související s chybujícím balíčkem: OHub.exe5

Error: (08/26/2015 02:13:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (08/26/2015 02:11:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TrueSuiteService.exe, verze: 5.3.0.194, časové razítko: 0x4df09290
Název chybujícího modulu: TrueSuiteService.exe, verze: 5.3.0.194, časové razítko: 0x4df09290
Kód výjimky: 0xc0000417
Posun chyby: 0x0001280a
ID chybujícího procesu: 0x48c
Čas spuštění chybující aplikace: 0xTrueSuiteService.exe0
Cesta k chybující aplikaci: TrueSuiteService.exe1
Cesta k chybujícímu modulu: TrueSuiteService.exe2
ID zprávy: TrueSuiteService.exe3
Úplný název chybujícího balíčku: TrueSuiteService.exe4
ID aplikace související s chybujícím balíčkem: TrueSuiteService.exe5

Error: (08/26/2015 02:05:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OHub.exe, verze: 16.0.6106.2350, časové razítko: 0x55c40ea1
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16392, časové razítko: 0x55a864a2
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x1188
Čas spuštění chybující aplikace: 0xOHub.exe0
Cesta k chybující aplikaci: OHub.exe1
Cesta k chybujícímu modulu: OHub.exe2
ID zprávy: OHub.exe3
Úplný název chybujícího balíčku: OHub.exe4
ID aplikace související s chybujícím balíčkem: OHub.exe5

Error: (08/25/2015 03:33:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HTM_Procs.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: HTM_Procs.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x001bedfd
ID chybujícího procesu: 0x1538
Čas spuštění chybující aplikace: 0xHTM_Procs.exe0
Cesta k chybující aplikaci: HTM_Procs.exe1
Cesta k chybujícímu modulu: HTM_Procs.exe2
ID zprávy: HTM_Procs.exe3
Úplný název chybujícího balíčku: HTM_Procs.exe4
ID aplikace související s chybujícím balíčkem: HTM_Procs.exe5

System errors:
=============
Error: (08/27/2015 02:44:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (08/27/2015 02:44:05 PM) (Source: DCOM) (EventID: 10016) (User: Petr-HP)
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Petr-HPPetrS-1-5-21-3728237023-1333468553-1728830994-1000LocalHost (pomocí LRPC)Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (08/27/2015 02:42:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TrueSuiteService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/27/2015 02:41:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (08/27/2015 02:39:49 PM) (Source: DCOM) (EventID: 10010) (User: Petr-HP)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (08/27/2015 02:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/27/2015 02:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/27/2015 02:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/27/2015 02:39:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session2 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/26/2015 09:03:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CyberLink PowerDVD 11.0 Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Microsoft Office:
=========================
Error: (08/27/2015 02:43:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c1f6801d0e0c5fffb4eafC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll51b9d547-9845-426c-a239-2027229e79d8Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/27/2015 02:40:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrueSuiteService.exe5.3.0.1944df09290TrueSuiteService.exe5.3.0.1944df09290c00004170001280a43001d0e0c59bece225C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exeC:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe2db70826-8725-443a-9319-85a14a6397f0

Error: (08/27/2015 02:39:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Petr-HP)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927141

Error: (08/27/2015 01:55:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe44.0.2403.15755d29eefntdll.dll10.0.10240.1639255a85cc1c000000500045e931f8c01d0e0bf2473c3e2C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\WINDOWS\SYSTEM32\ntdll.dll5c56a3e5-89a3-4db6-9bf7-5c9277cb24a0

Error: (08/27/2015 01:45:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c161801d0e0bdc529c677C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dllb866b613-aee4-4c26-ac06-c9e875a69095Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/26/2015 02:16:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c1dfc01d0dff910658d2dC:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dllb8e4df91-9afc-4aae-bd1c-aa820a4d186cMicrosoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/26/2015 02:13:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.

Error: (08/26/2015 02:11:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TrueSuiteService.exe5.3.0.1944df09290TrueSuiteService.exe5.3.0.1944df09290c00004170001280a48c01d0dff844ca8263C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exeC:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exedecaf8c0-3880-4a83-9e97-49cca72e95c0

Error: (08/26/2015 02:05:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OHub.exe16.0.6106.235055c40ea1ntdll.dll10.0.10240.1639255a864a2c000037400000000000ea28c118801d0dff77f0b9df9C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbwe\OHub.exeC:\WINDOWS\SYSTEM32\ntdll.dll15e842a3-09b2-438c-a3c5-edb870b55229Microsoft.MicrosoftOfficeHub_17.6106.23501.0_x64__8wekyb3d8bbweMicrosoft.MicrosoftOfficeHub

Error: (08/25/2015 03:33:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HTM_Procs.exe0.0.0.000000000HTM_Procs.exe0.0.0.000000000c0000409001bedfd153801d0df3a90d196aeM:\Install\utils\demo\HTM_Procs.exeM:\Install\utils\demo\HTM_Procs.exe8d124090-b569-4059-8405-6554492dcb46

CodeIntegrity:
===================================
Date: 2015-07-31 19:16:56.349
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:16:56.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:16:56.296
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:16:56.249
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:16:56.235
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:16:56.205
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:16:55.497
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:16:55.346
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:13:34.639
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2015-07-31 19:13:34.614
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16364.31 MB
Available physical RAM: 14296.68 MB
Total Virtual: 17388.31 MB
Available Virtual: 15133.4 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:461.72 GB) (Free:173.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:9.06 GB) (Free:1.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (RTSStavitel2014) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
Drive j: (Nový svazek) (Fixed) (Total:460.62 GB) (Free:217.36 GB) NTFS
Drive k: (VERBATIM HD) (Fixed) (Total:931.28 GB) (Free:907.32 GB) FAT32

#8 Příspěvek od **altrok** » 27 srp 2015 19:37

Odinstalujte stare verze javy a tu aktualni overte na java.com/verify

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1de4-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1e2b-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1e65-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1eb1-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {1e5b0dac-3f2e-11e5-9bc8-3860774043b7} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {96aaf14b-4a59-11e5-9bcd-806e6f6e6963} - "M:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {9aeefe31-4a89-11e5-9bce-806e6f6e6963} - "M:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {ca377faa-4cb8-11e5-9bd0-806e6f6e6963} - "F:\Start.exe" 
FF NetworkProxy: "type", 0
2015-08-27 14:48 - 2015-08-27 14:48 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-08-26 14:06 - 2015-08-26 14:08 - 01605632 _____ C:\Users\Petr\Desktop\adwcleaner_5.003.exe
2015-08-25 19:21 - 2015-08-25 19:21 - 00000000 ____D C:\rsit
2015-08-25 19:20 - 2015-08-25 19:20 - 01222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2015-08-26 14:09 - 2015-06-27 19:01 - 00000000 ____D C:\AdwCleaner
2015-08-25 19:21 - 2014-11-01 10:26 - 00000000 ____D C:\Program Files\trend micro

C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

AlternateDataStreams: C:\WINDOWS\system32\msln.exe:2f02c8b7c71b44bee60d342be8d7ded7
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Task: {0AEB670E-82DA-4887-8DE7-65630C58BF7C} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\Enigma Software Group
Task: {3809F401-9C8E-4283-9F74-5A36F278DCF9} - System32\Tasks\{D2104A08-0C6D-4695-A3F1-E407FC3C93EB} => pcalua.exe -a C:\RTSStavitel\Rozp.exe -d c:\RTSStavitel\
Task: {706569C2-EE0C-4602-B41D-FFAC811821E3} - System32\Tasks\{F5F06FC8-DDEA-43B5-88B3-A72B32228E4E} => pcalua.exe -a M:\Start.exe -d M:\
Task: {B9D4BD75-250A-4423-B91C-D9D65DAD2889} - System32\Tasks\{117FCCA9-69D1-4060-8AFF-AEE7721EAA83} => pcalua.exe -a "J:\Downloads\Firefox\chromeinstall-8u25 (1).exe" -d J:\Downloads\Firefox
Task: {DE8E470B-B711-49EF-92B8-C1C568EBAB23} - System32\Tasks\Trigger KMS Activation => N:\Programy\Microsoft Office Professional Plus 2013 CZ EN 64bit\aktivator - KMSnano v19 Final\TriggerKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
File: %WinDir%\SECOH-QAD.exe
EmptyTemp:
End

Vicious · #9 Příspěvek od **Vicious** » 27 srp 2015 20:54

Fix result of Farbar Recovery Scan Tool (x64) Version:27-08-2015
Ran by Petr (2015-08-27 21:48:15) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1de4-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1e2b-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1e65-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {0b7d1eb1-49bf-11e5-9bcc-806e6f6e6963} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {1e5b0dac-3f2e-11e5-9bc8-3860774043b7} - "F:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {96aaf14b-4a59-11e5-9bcd-806e6f6e6963} - "M:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {9aeefe31-4a89-11e5-9bce-806e6f6e6963} - "M:\Start.exe"
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\...\MountPoints2: {ca377faa-4cb8-11e5-9bd0-806e6f6e6963} - "F:\Start.exe"
FF NetworkProxy: "type", 0
2015-08-27 14:48 - 2015-08-27 14:48 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-08-26 14:06 - 2015-08-26 14:08 - 01605632 _____ C:\Users\Petr\Desktop\adwcleaner_5.003.exe
2015-08-25 19:21 - 2015-08-25 19:21 - 00000000 ____D C:\rsit
2015-08-25 19:20 - 2015-08-25 19:20 - 01222144 _____ C:\Users\Petr\Desktop\RSITx64.exe
2015-08-26 14:09 - 2015-06-27 19:01 - 00000000 ____D C:\AdwCleaner
2015-08-25 19:21 - 2014-11-01 10:26 - 00000000 ____D C:\Program Files\trend micro

C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

AlternateDataStreams: C:\WINDOWS\system32\msln.exe:2f02c8b7c71b44bee60d342be8d7ded7
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Task: {0AEB670E-82DA-4887-8DE7-65630C58BF7C} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\Enigma Software Group
Task: {3809F401-9C8E-4283-9F74-5A36F278DCF9} - System32\Tasks\{D2104A08-0C6D-4695-A3F1-E407FC3C93EB} => pcalua.exe -a C:\RTSStavitel\Rozp.exe -d c:\RTSStavitel\
Task: {706569C2-EE0C-4602-B41D-FFAC811821E3} - System32\Tasks\{F5F06FC8-DDEA-43B5-88B3-A72B32228E4E} => pcalua.exe -a M:\Start.exe -d M:\
Task: {B9D4BD75-250A-4423-B91C-D9D65DAD2889} - System32\Tasks\{117FCCA9-69D1-4060-8AFF-AEE7721EAA83} => pcalua.exe -a "J:\Downloads\Firefox\chromeinstall-8u25 (1).exe" -d J:\Downloads\Firefox
Task: {DE8E470B-B711-49EF-92B8-C1C568EBAB23} - System32\Tasks\Trigger KMS Activation => N:\Programy\Microsoft Office Professional Plus 2013 CZ EN 64bit\aktivator - KMSnano v19 Final\TriggerKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
File: %WinDir%\SECOH-QAD.exe
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b7d1de4-49bf-11e5-9bcc-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{0b7d1de4-49bf-11e5-9bcc-806e6f6e6963} => key not found.
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b7d1e2b-49bf-11e5-9bcc-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{0b7d1e2b-49bf-11e5-9bcc-806e6f6e6963} => key not found.
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b7d1e65-49bf-11e5-9bcc-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{0b7d1e65-49bf-11e5-9bcc-806e6f6e6963} => key not found.
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0b7d1eb1-49bf-11e5-9bcc-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{0b7d1eb1-49bf-11e5-9bcc-806e6f6e6963} => key not found.
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e5b0dac-3f2e-11e5-9bc8-3860774043b7}" => key removed successfully
HKCR\CLSID\{1e5b0dac-3f2e-11e5-9bc8-3860774043b7} => key not found.
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96aaf14b-4a59-11e5-9bcd-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{96aaf14b-4a59-11e5-9bcd-806e6f6e6963} => key not found.
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9aeefe31-4a89-11e5-9bce-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{9aeefe31-4a89-11e5-9bce-806e6f6e6963} => key not found.
"HKU\S-1-5-21-3728237023-1333468553-1728830994-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca377faa-4cb8-11e5-9bd0-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{ca377faa-4cb8-11e5-9bd0-806e6f6e6963} => key not found.
Firefox Proxy settings were reset.
"C:\Users\Petr\Desktop\FRSTLauncher.exe" => File/Folder not found.
C:\Users\Petr\Desktop\adwcleaner_5.003.exe => moved successfully
C:\rsit => moved successfully
C:\Users\Petr\Desktop\RSITx64.exe => moved successfully
C:\AdwCleaner => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Windows\logo1_.exe => moved successfully
C:\Windows\logo_1.exe => moved successfully
C:\Windows\RUNDL132.EXE => moved successfully
C:\Windows\rundll16.exe => moved successfully
C:\Windows\VDLL.DLL => moved successfully
C:\Windows\SysWOW64\runouce.exe => moved successfully
C:\WINDOWS\system32\msln.exe => ":2f02c8b7c71b44bee60d342be8d7ded7" ADS removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0 => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0 => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AEB670E-82DA-4887-8DE7-65630C58BF7C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AEB670E-82DA-4887-8DE7-65630C58BF7C}" => key removed successfully
C:\WINDOWS\System32\Tasks\SpyHunter4Startup => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => key removed successfully
"C:\Program Files\Enigma Software Group" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3809F401-9C8E-4283-9F74-5A36F278DCF9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3809F401-9C8E-4283-9F74-5A36F278DCF9}" => key removed successfully
C:\WINDOWS\System32\Tasks\{D2104A08-0C6D-4695-A3F1-E407FC3C93EB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D2104A08-0C6D-4695-A3F1-E407FC3C93EB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{706569C2-EE0C-4602-B41D-FFAC811821E3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{706569C2-EE0C-4602-B41D-FFAC811821E3}" => key removed successfully
C:\WINDOWS\System32\Tasks\{F5F06FC8-DDEA-43B5-88B3-A72B32228E4E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F5F06FC8-DDEA-43B5-88B3-A72B32228E4E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9D4BD75-250A-4423-B91C-D9D65DAD2889}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9D4BD75-250A-4423-B91C-D9D65DAD2889}" => key removed successfully
C:\WINDOWS\System32\Tasks\{117FCCA9-69D1-4060-8AFF-AEE7721EAA83} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{117FCCA9-69D1-4060-8AFF-AEE7721EAA83}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE8E470B-B711-49EF-92B8-C1C568EBAB23}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE8E470B-B711-49EF-92B8-C1C568EBAB23}" => key removed successfully
C:\WINDOWS\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

========================= File: %WinDir%\SECOH-QAD.exe ========================

"%WinDir%\SECOH-QAD.exe" => not found.
====== End of File: ======

EmptyTemp: => 427.4 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 21:49:05 ====

#10 Příspěvek od **altrok** » 27 srp 2015 21:04

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Vicious · #11 Příspěvek od **Vicious** » 28 srp 2015 07:21

Díky moc.

#12 Příspěvek od **altrok** » 28 srp 2015 08:20

Nemate zac, rad jsem pomohl

Mejte se krasne a treba zase nekdy

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu