
Malware or some other parasite..? Please help

Posted: 08 Jan 2016 16:59
by KachnaCZ
Good evening,
I'm turning to you here again with a request:
Several times my antivirus has popped up a message that it blocked an attack from some address, and it redirected me to this page with info about the parasite --> https://www.symantec.com/security_respo ... 15-5319-99
I scanned the flash drive with the antivirus, formatted it, and unfortunately nothing helped..

Log from RSIT:
    Logfile of random's system information tool 1.10 (written by random/random)
    Run by Jakub at 2016-01-08 16:52:59
    Microsoft Windows 7 Home Premium Service Pack 1
    System drive C: has 20 GB (26%) free of 76 GB
    Total RAM: 3970 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:53:00, on 8.1.2016
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.18123)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\IRMonitor.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files\trend micro\Jakub.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
    O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll
    O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
    O4 - HKCU\..\Run: [hds] wscript.exe //B "C:\Users\Jakub\AppData\Local\Temp\hds.vbs"
    O4 - Startup: hds.vbs
    O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
    O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
    O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Realtek11nCU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11800 bytes

    ======Listing Processes======



    \SystemRoot\System32\smss.exe
    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
    wininit.exe
    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    winlogon.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    "taskhost.exe"
    "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
    "C:\Windows\system32\Dwm.exe"
    C:\Windows\Explorer.EXE
    "C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
    taskeng.exe {44959218-93A5-4526-9404-80D9E515AC03}
    taskeng.exe {CC8A2F68-4114-49D0-9CF9-3A0851501E60}
    C:\Windows\system32\IRMonitor.exe
    "C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
    "C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe" -onlytray
    "C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
    "C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
    "C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe"
    C:\Windows\System32\svchost.exe -k utcsvc
    "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
    "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
    "C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
    "C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\diMaster.dll" /prefetch:1
    "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe"
    "C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe" /H
    "C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
    "C:\Windows\system32\GWX\GWX.exe"
    "C:\Windows\System32\igfxtray.exe"
    "C:\Windows\System32\hkcmd.exe"
    "C:\Windows\System32\igfxpers.exe"
    "C:\Windows\System32\wscript.exe" //B "C:\Users\Jakub\AppData\Local\Temp\hds.vbs"
    "C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
    "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
    "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
    "C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe" /c /a /s UserSession
    C:\Windows\system32\svchost.exe -k imgsvc
    "C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe"
    C:\Windows\system32\viakaraokesrv.exe
    "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
    WLIDSvcM.exe 3176
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
    C:\Windows\system32\wbem\unsecapp.exe -Embedding
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchIndexer.exe /Embedding
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
    "" "--start" "--register_port" "--address" "127.0.0.1" "--port" "49331" "--pause_on_user_switching" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=no output_folder='C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData\userlogs' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll' "
    \??\C:\Windows\system32\conhost.exe "76069688-505656815-21405535601395410786-9657591921203304156-57971878-942867918
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-735d8409-0203-40ea-be28-ef7be237aa17 -SystemEventPortName:HostProcess-c2945f15-4b53-4ff1-8c6d-89e6e6a9c7c3 -IoCancelEventPortName:HostProcess-a4c4daf6-d3ce-4d41-a6be-122f9e362002 -NonStateChangingEventPortName:HostProcess-d0c0dd22-36c6-4efa-8716-dcfbd99d4300 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c6d240cb-c171-4146-a886-9e7f8639db7e -DeviceGroupId:WpdFsGroup
    "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49330" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll','process_input_options.txt' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll','service=yes' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll','pause=60000 working_dir=C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData override_existing_tracing=no limit_output_by_filesize_mb=10' os='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\os_counters.txt' "
    "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
    "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
    C:\Windows\servicing\TrustedInstaller.exe
    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
    C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
    "C:\Users\Jakub\Downloads\RSITx64.exe"

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05 1038648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05 794424]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-29 460384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-29 172640]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05 1038648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05 794424]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-11-13 173672]
    "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-11-13 401512]
    "Persistence"=C:\Windows\system32\igfxpers.exe [2015-11-13 444008]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-12-08 8590760]
    "SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
    "hds"=wscript.exe //B C:\Users\Jakub\AppData\Local\Temp\hds.vbs []

    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 5015040]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208]
    ""= []
    "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]
    "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

    C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    hds.vbs

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\Windows\system32\igfxdev.dll [2015-11-13 442880]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "VIDC.UYVY"=msyuv.dll
    "VIDC.YUY2"=msyuv.dll
    "VIDC.YVYU"=msyuv.dll
    "VIDC.IYUV"=iyuv_32.dll
    "vidc.i420"=iyuv_32.dll
    "VIDC.YVU9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv
    "MSVideo8"=VfWWDM32.dll
    "VIDC.FPS1"=frapsv64.dll

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 month======

    2016-01-08 16:43:51 ----D---- C:\rsit
    2016-01-08 16:43:51 ----D---- C:\Program Files\trend micro
    2016-01-08 16:02:13 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
    2016-01-08 16:02:01 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
    2016-01-08 16:02:01 ----A---- C:\Windows\system32\GEARAspi64.dll
    2016-01-08 16:01:26 ----D---- C:\Windows\system32\drivers\NBRTWizardx64
    2016-01-08 16:01:24 ----D---- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
    2016-01-08 13:41:53 ----SHD---- C:\$RECYCLE.BIN
    2016-01-08 13:41:47 ----A---- C:\ComboFix.txt
    2016-01-08 13:31:09 ----A---- C:\Windows\zip.exe
    2016-01-08 13:31:09 ----A---- C:\Windows\SWSC.exe
    2016-01-08 13:31:09 ----A---- C:\Windows\SWREG.exe
    2016-01-08 13:31:09 ----A---- C:\Windows\sed.exe
    2016-01-08 13:31:09 ----A---- C:\Windows\PEV.exe
    2016-01-08 13:31:09 ----A---- C:\Windows\NIRCMD.exe
    2016-01-08 13:31:09 ----A---- C:\Windows\MBR.exe
    2016-01-08 13:31:09 ----A---- C:\Windows\grep.exe
    2016-01-08 13:29:46 ----D---- C:\Qoobox
    2016-01-08 13:28:56 ----D---- C:\Windows\erdnt
    2016-01-07 21:55:37 ----D---- C:\Program Files (x86)\Centauri
    2016-01-07 21:33:17 ----D---- C:\TEXCACHE
    2016-01-07 20:57:59 ----A---- C:\Windows\system32\sdnclean64.exe
    2016-01-07 20:57:57 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2016-01-07 20:57:51 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2016-01-07 14:09:09 ----D---- C:\NPE
    2016-01-06 18:32:26 ----D---- C:\Farming Simulatory
    2016-01-06 14:48:32 ----D---- C:\Program Files\CCleaner
    2016-01-04 16:42:36 ----D---- C:\Program Files (x86)\Autodesk
    2016-01-04 16:40:15 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2016-01-04 16:22:26 ----D---- C:\Autodesk
    2016-01-02 13:39:08 ----D---- C:\Users\Jakub\AppData\Roaming\.minecraft
    2015-12-29 10:15:13 ----D---- C:\Users\Jakub\AppData\Roaming\Ashampoo
    2015-12-29 10:14:57 ----D---- C:\ProgramData\Ashampoo
    2015-12-27 17:01:56 ----D---- C:\~$PVRTmp0$
    2015-12-26 19:52:11 ----D---- C:\Intel
    2015-12-26 17:02:21 ----A---- C:\Windows\PE_File.dll
    2015-12-26 16:53:10 ----A---- C:\Windows\PE_Rom.dll
    2015-12-26 16:48:52 ----A---- C:\Windows\system32\drivers\ndisrd.sys
    2015-12-26 16:47:51 ----A---- C:\Windows\SYSWOW64\drivers\AsUpIO.sys
    2015-12-26 16:47:13 ----A---- C:\Windows\SYSWOW64\drivers\UpdateHelper.dll
    2015-12-26 16:45:20 ----D---- C:\ProgramData\ASUS
    2015-12-26 16:44:54 ----D---- C:\Program Files (x86)\ASUS
    2015-12-26 16:44:54 ----A---- C:\Windows\SYSWOW64\drivers\AsIO.sys
    2015-12-26 16:44:54 ----A---- C:\Windows\SYSWOW64\AsIO.dll
    2015-12-26 16:44:45 ----N---- C:\Windows\SYSWOW64\drivers\AsInsHelp64.sys
    2015-12-26 16:44:45 ----N---- C:\Windows\SYSWOW64\drivers\AsInsHelp32.sys
    2015-12-26 16:44:45 ----D---- C:\Windows\SYSWOW64\drivers\MFDLL
    2015-12-22 16:32:55 ----D---- C:\Windows\USB Vibration
    2015-12-16 18:13:01 ----D---- C:\ProgramData\FLEXnet
    2015-12-16 17:56:07 ----D---- C:\Program Files\Common Files\Autodesk Shared
    2015-12-16 17:56:07 ----D---- C:\Program Files\Autodesk
    2015-12-16 17:54:32 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
    2015-12-16 17:54:32 ----A---- C:\Windows\system32\xactengine3_7.dll
    2015-12-16 17:54:31 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
    2015-12-16 17:54:31 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
    2015-12-16 17:54:31 ----A---- C:\Windows\system32\d3dx10_43.dll
    2015-12-16 17:54:31 ----A---- C:\Windows\system32\d3dcsx_43.dll
    2015-12-16 17:54:28 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
    2015-12-16 17:54:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
    2015-12-16 17:54:28 ----A---- C:\Windows\system32\XAudio2_6.dll
    2015-12-16 17:54:28 ----A---- C:\Windows\system32\XAPOFX1_4.dll
    2015-12-16 17:54:27 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
    2015-12-16 17:54:27 ----A---- C:\Windows\system32\xactengine3_6.dll
    2015-12-16 17:54:26 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
    2015-12-16 17:54:26 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
    2015-12-16 17:54:26 ----A---- C:\Windows\system32\XAudio2_5.dll
    2015-12-16 17:54:26 ----A---- C:\Windows\system32\xactengine3_5.dll
    2015-12-16 17:54:25 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
    2015-12-16 17:54:25 ----A---- C:\Windows\system32\D3DCompiler_42.dll
    2015-12-16 17:54:24 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
    2015-12-16 17:54:24 ----A---- C:\Windows\system32\d3dcsx_42.dll
    2015-12-16 17:54:23 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
    2015-12-16 17:54:23 ----A---- C:\Windows\system32\d3dx11_42.dll
    2015-12-16 17:54:22 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
    2015-12-16 17:54:22 ----A---- C:\Windows\system32\D3DX9_42.dll
    2015-12-16 17:54:21 ----A---- C:\Windows\system32\d3dx10_41.dll
    2015-12-16 17:54:21 ----A---- C:\Windows\system32\D3DCompiler_41.dll
    2015-12-16 17:54:20 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
    2015-12-16 17:54:20 ----A---- C:\Windows\system32\D3DX9_41.dll
    2015-12-16 17:54:19 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
    2015-12-16 17:54:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
    2015-12-16 17:54:19 ----A---- C:\Windows\system32\XAudio2_4.dll
    2015-12-16 17:54:19 ----A---- C:\Windows\system32\XAPOFX1_3.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\system32\xactengine3_4.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\system32\X3DAudio1_6.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\system32\d3dx10_40.dll
    2015-12-16 17:54:18 ----A---- C:\Windows\system32\D3DCompiler_40.dll
    2015-12-16 17:54:17 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
    2015-12-16 17:54:17 ----A---- C:\Windows\system32\D3DX9_40.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\system32\XAudio2_3.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\system32\XAPOFX1_2.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\system32\xactengine3_3.dll
    2015-12-16 17:54:16 ----A---- C:\Windows\system32\X3DAudio1_5.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\system32\XAudio2_2.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\system32\XAPOFX1_1.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\system32\xactengine3_2.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\system32\d3dx10_39.dll
    2015-12-16 17:54:14 ----A---- C:\Windows\system32\D3DCompiler_39.dll
    2015-12-16 17:54:13 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
    2015-12-16 17:54:13 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
    2015-12-16 17:54:13 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
    2015-12-16 17:54:13 ----A---- C:\Windows\system32\XAudio2_1.dll
    2015-12-16 17:54:13 ----A---- C:\Windows\system32\XAPOFX1_0.dll
    2015-12-16 17:54:13 ----A---- C:\Windows\system32\D3DX9_39.dll
    2015-12-16 17:54:12 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
    2015-12-16 17:54:12 ----A---- C:\Windows\system32\xactengine3_1.dll
    2015-12-16 17:54:11 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
    2015-12-16 17:54:11 ----A---- C:\Windows\system32\X3DAudio1_4.dll
    2015-12-16 17:54:10 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
    2015-12-16 17:54:10 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
    2015-12-16 17:54:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
    2015-12-16 17:54:10 ----A---- C:\Windows\system32\D3DX9_38.dll
    2015-12-16 17:54:10 ----A---- C:\Windows\system32\d3dx10_38.dll
    2015-12-16 17:54:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll
    2015-12-16 17:54:09 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
    2015-12-16 17:54:09 ----A---- C:\Windows\system32\XAudio2_0.dll
    2015-12-16 17:54:07 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
    2015-12-16 17:54:07 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
    2015-12-16 17:54:07 ----A---- C:\Windows\system32\xactengine3_0.dll
    2015-12-16 17:54:07 ----A---- C:\Windows\system32\X3DAudio1_3.dll
    2015-12-16 17:54:06 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
    2015-12-16 17:54:06 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
    2015-12-16 17:54:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
    2015-12-16 17:54:06 ----A---- C:\Windows\system32\D3DX9_37.dll
    2015-12-16 17:54:06 ----A---- C:\Windows\system32\d3dx10_37.dll
    2015-12-16 17:54:06 ----A---- C:\Windows\system32\D3DCompiler_37.dll
    2015-12-16 17:54:05 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
    2015-12-16 17:54:05 ----A---- C:\Windows\system32\xactengine2_10.dll
    2015-12-16 17:54:03 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
    2015-12-16 17:54:03 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
    2015-12-16 17:54:03 ----A---- C:\Windows\system32\d3dx10_36.dll
    2015-12-16 17:54:03 ----A---- C:\Windows\system32\D3DCompiler_36.dll
    2015-12-16 17:54:02 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
    2015-12-16 17:54:02 ----A---- C:\Windows\system32\d3dx9_36.dll
    2015-12-16 17:54:00 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
    2015-12-16 17:54:00 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
    2015-12-16 17:54:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
    2015-12-16 17:54:00 ----A---- C:\Windows\system32\xactengine2_9.dll
    2015-12-16 17:54:00 ----A---- C:\Windows\system32\d3dx10_35.dll
    2015-12-16 17:54:00 ----A---- C:\Windows\system32\D3DCompiler_35.dll
    2015-12-16 17:53:59 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
    2015-12-16 17:53:59 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
    2015-12-16 17:53:59 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
    2015-12-16 17:53:59 ----A---- C:\Windows\system32\xactengine2_8.dll
    2015-12-16 17:53:59 ----A---- C:\Windows\system32\X3DAudio1_2.dll
    2015-12-16 17:53:59 ----A---- C:\Windows\system32\d3dx9_35.dll
    2015-12-16 17:53:58 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
    2015-12-16 17:53:58 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
    2015-12-16 17:53:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
    2015-12-16 17:53:58 ----A---- C:\Windows\system32\d3dx9_34.dll
    2015-12-16 17:53:58 ----A---- C:\Windows\system32\d3dx10_34.dll
    2015-12-16 17:53:58 ----A---- C:\Windows\system32\D3DCompiler_34.dll
    2015-12-16 17:53:57 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
    2015-12-16 17:53:57 ----A---- C:\Windows\system32\xactengine2_7.dll
    2015-12-16 17:53:56 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
    2015-12-16 17:53:56 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
    2015-12-16 17:53:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
    2015-12-16 17:53:56 ----A---- C:\Windows\system32\d3dx9_33.dll
    2015-12-16 17:53:56 ----A---- C:\Windows\system32\d3dx10_33.dll
    2015-12-16 17:53:56 ----A---- C:\Windows\system32\D3DCompiler_33.dll
    2015-12-16 17:53:55 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
    2015-12-16 17:53:55 ----A---- C:\Windows\system32\xactengine2_6.dll
    2015-12-16 17:53:54 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
    2015-12-16 17:53:54 ----A---- C:\Windows\system32\xactengine2_5.dll
    2015-12-16 17:53:53 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
    2015-12-16 17:53:53 ----A---- C:\Windows\system32\d3dx10.dll
    2015-12-16 17:53:50 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
    2015-12-16 17:53:50 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
    2015-12-16 17:53:50 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
    2015-12-16 17:53:50 ----A---- C:\Windows\system32\xactengine2_4.dll
    2015-12-16 17:53:50 ----A---- C:\Windows\system32\x3daudio1_1.dll
    2015-12-16 17:53:50 ----A---- C:\Windows\system32\d3dx9_31.dll
    2015-12-16 17:53:49 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
    2015-12-16 17:53:49 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
    2015-12-16 17:53:49 ----A---- C:\Windows\system32\xinput1_2.dll
    2015-12-16 17:53:49 ----A---- C:\Windows\system32\xactengine2_3.dll
    2015-12-16 17:53:47 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
    2015-12-16 17:53:47 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
    2015-12-16 17:53:47 ----A---- C:\Windows\system32\xinput1_1.dll
    2015-12-16 17:53:47 ----A---- C:\Windows\system32\xactengine2_2.dll
    2015-12-16 17:53:46 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
    2015-12-16 17:53:46 ----A---- C:\Windows\system32\xactengine2_1.dll
    2015-12-16 17:53:42 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
    2015-12-16 17:53:42 ----A---- C:\Windows\system32\d3dx9_30.dll
    2015-12-16 17:53:40 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
    2015-12-16 17:53:40 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
    2015-12-16 17:53:40 ----A---- C:\Windows\system32\xactengine2_0.dll
    2015-12-16 17:53:40 ----A---- C:\Windows\system32\x3daudio1_0.dll
    2015-12-16 17:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
    2015-12-16 17:53:39 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
    2015-12-16 17:53:39 ----A---- C:\Windows\system32\d3dx9_29.dll
    2015-12-16 17:53:39 ----A---- C:\Windows\system32\d3dx9_28.dll
    2015-12-16 17:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
    2015-12-16 17:53:38 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
    2015-12-16 17:53:38 ----A---- C:\Windows\system32\d3dx9_27.dll
    2015-12-16 17:53:38 ----A---- C:\Windows\system32\d3dx9_26.dll
    2015-12-16 17:53:37 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
    2015-12-16 17:53:37 ----A---- C:\Windows\system32\d3dx9_25.dll
    2015-12-16 17:53:34 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
    2015-12-16 17:53:34 ----A---- C:\Windows\system32\d3dx9_24.dll
    2015-12-16 17:47:31 ----D---- C:\Users\Jakub\AppData\Roaming\Autodesk
    2015-12-16 17:47:31 ----D---- C:\ProgramData\Autodesk
    2015-12-15 23:38:32 ----D---- C:\Users\Jakub\AppData\Roaming\Trimble Connect for SketchUp
    2015-12-15 23:34:38 ----D---- C:\Program Files (x86)\AC3D 6.4.30
    2015-12-13 13:58:36 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
    2015-12-13 13:56:47 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
    2015-12-13 13:56:41 ----D---- C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
    2015-12-13 13:56:38 ----D---- C:\Program Files\DAEMON Tools Lite
    2015-12-13 13:56:33 ----D---- C:\ProgramData\DAEMON Tools Lite
    2015-12-10 16:12:30 ----A---- C:\Windows\SYSWOW64\tzres.dll
    2015-12-10 16:12:30 ----A---- C:\Windows\system32\tzres.dll
    2015-12-10 16:12:23 ----A---- C:\Windows\SYSWOW64\usp10.dll
    2015-12-10 16:12:23 ----A---- C:\Windows\system32\usp10.dll
    2015-12-10 16:12:21 ----A---- C:\Windows\system32\win32k.sys
    2015-12-10 16:12:21 ----A---- C:\Windows\system32\DWrite.dll
    2015-12-10 16:12:20 ----A---- C:\Windows\SYSWOW64\DWrite.dll
    2015-12-10 16:12:20 ----A---- C:\Windows\system32\user32.dll
    2015-12-10 16:12:20 ----A---- C:\Windows\system32\FntCache.dll
    2015-12-10 16:12:19 ----A---- C:\Windows\SYSWOW64\user32.dll
    2015-12-10 16:12:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
    2015-12-10 16:12:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
    2015-12-10 16:12:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
    2015-12-10 16:12:08 ----A---- C:\Windows\system32\iertutil.dll
    2015-12-10 16:12:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
    2015-12-10 16:12:08 ----A---- C:\Windows\system32\ieetwcollector.exe
    2015-12-10 16:12:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
    2015-12-10 16:12:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\SYSWOW64\occache.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\system32\iernonce.dll
    2015-12-10 16:12:06 ----A---- C:\Windows\system32\ie4uinit.exe
    2015-12-10 16:12:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
    2015-12-10 16:12:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
    2015-12-10 16:12:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
    2015-12-10 16:12:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
    2015-12-10 16:12:04 ----A---- C:\Windows\system32\urlmon.dll
    2015-12-10 16:12:04 ----A---- C:\Windows\system32\occache.dll
    2015-12-10 16:12:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
    2015-12-10 16:12:04 ----A---- C:\Windows\system32\iedkcs32.dll
    2015-12-10 16:12:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
    2015-12-10 16:12:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
    2015-12-10 16:12:03 ----A---- C:\Windows\SYSWOW64\ieui.dll
    2015-12-10 16:12:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
    2015-12-10 16:12:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-12-10 16:12:03 ----A---- C:\Windows\system32\msfeeds.dll
    2015-12-10 16:12:03 ----A---- C:\Windows\system32\dxtrans.dll
    2015-12-10 16:12:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
    2015-12-10 16:12:01 ----A---- C:\Windows\system32\iesetup.dll
    2015-12-10 16:12:01 ----A---- C:\Windows\system32\ieapfltr.dll
    2015-12-10 16:12:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
    2015-12-10 16:12:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
    2015-12-10 16:12:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
    2015-12-10 16:12:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
    2015-12-10 16:12:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
    2015-12-10 16:12:00 ----A---- C:\Windows\system32\vbscript.dll
    2015-12-10 16:11:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
    2015-12-10 16:11:59 ----A---- C:\Windows\system32\jsproxy.dll
    2015-12-10 16:11:59 ----A---- C:\Windows\system32\dxtmsft.dll
    2015-12-10 16:11:58 ----A---- C:\Windows\system32\mshtmled.dll
    2015-12-10 16:11:58 ----A---- C:\Windows\system32\ieui.dll
    2015-12-10 16:11:58 ----A---- C:\Windows\system32\ieframe.dll
    2015-12-10 16:11:57 ----A---- C:\Windows\system32\webcheck.dll
    2015-12-10 16:11:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
    2015-12-10 16:11:57 ----A---- C:\Windows\system32\jscript9diag.dll
    2015-12-10 16:11:57 ----A---- C:\Windows\system32\jscript.dll
    2015-12-10 16:11:57 ----A---- C:\Windows\system32\ieUnatt.exe
    2015-12-10 16:11:56 ----A---- C:\Windows\system32\wininet.dll
    2015-12-10 16:11:56 ----A---- C:\Windows\system32\jscript9.dll
    2015-12-10 16:11:55 ----A---- C:\Windows\system32\msrating.dll
    2015-12-10 16:11:55 ----A---- C:\Windows\system32\MshtmlDac.dll
    2015-12-10 16:11:54 ----A---- C:\Windows\system32\mshtml.dll
    2015-12-10 16:09:00 ----A---- C:\Windows\SYSWOW64\wshrm.dll
    2015-12-10 16:09:00 ----A---- C:\Windows\system32\wshrm.dll
    2015-12-10 16:09:00 ----A---- C:\Windows\system32\drivers\rmcast.sys
    2015-12-10 16:08:49 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
    2015-12-10 16:08:49 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
    2015-12-10 16:08:49 ----A---- C:\Windows\system32\comsvcs.dll
    2015-12-10 16:08:49 ----A---- C:\Windows\system32\catsrvut.dll
    2015-12-10 16:08:45 ----A---- C:\Windows\SYSWOW64\els.dll
    2015-12-10 16:08:45 ----A---- C:\Windows\system32\els.dll

    ======List of files/folders modified in the last 1 month======

    2016-01-08 16:49:22 ----D---- C:\Windows\Temp
    2016-01-08 16:43:51 ----RD---- C:\Program Files
    2016-01-08 16:33:35 ----D---- C:\Windows\system32\config
    2016-01-08 16:33:02 ----A---- C:\Windows\SYSWOW64\log.txt
    2016-01-08 16:28:31 ----SHD---- C:\System Volume Information
    2016-01-08 16:03:00 ----D---- C:\ProgramData\Norton
    2016-01-08 16:02:59 ----D---- C:\Windows\SysWOW64
    2016-01-08 16:02:59 ----D---- C:\Windows\System32
    2016-01-08 16:02:13 ----DC---- C:\Windows\system32\DRVSTORE
    2016-01-08 16:02:13 ----D---- C:\Windows\system32\drivers
    2016-01-08 16:01:24 ----RD---- C:\Program Files (x86)
    2016-01-08 15:30:52 ----D---- C:\Program Files (x86)\NortonInstaller
    2016-01-08 13:39:13 ----D---- C:\Windows
    2016-01-08 13:39:13 ----A---- C:\Windows\system.ini
    2016-01-08 13:39:07 ----D---- C:\Windows\system32\drivers\etc
    2016-01-08 13:36:39 ----D---- C:\Windows\SYSWOW64\drivers
    2016-01-08 13:36:39 ----D---- C:\Windows\AppPatch
    2016-01-08 13:36:38 ----D---- C:\Program Files (x86)\Common Files
    2016-01-08 01:42:32 ----D---- C:\ProgramData
    2016-01-07 23:52:16 ----D---- C:\Windows\inf
    2016-01-07 22:48:42 ----AD---- C:\ProgramData\TEMP
    2016-01-07 21:53:12 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2016-01-07 21:05:19 ----D---- C:\Program Files\Common Files\AV
    2016-01-07 20:59:24 ----D---- C:\Windows\system32\Tasks
    2016-01-07 20:58:04 ----SD---- C:\ProgramData\Microsoft
    2016-01-07 20:39:30 ----D---- C:\Windows\Logs
    2016-01-06 18:24:30 ----D---- C:\Windows\Prefetch
    2016-01-06 16:45:07 ----SHD---- C:\Windows\Installer
    2016-01-06 16:44:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
    2016-01-06 16:43:51 ----D---- C:\ProgramData\ProductData
    2016-01-06 14:53:24 ----D---- C:\Windows\Panther
    2016-01-06 14:53:23 ----D---- C:\Windows\debug
    2016-01-04 18:10:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2016-01-04 16:40:15 ----D---- C:\Program Files\Common Files
    2016-01-04 16:31:56 ----RSD---- C:\Windows\assembly
    2016-01-04 14:40:56 ----D---- C:\Windows\system32\NDF
    2016-01-04 11:21:25 ----D---- C:\Windows\system32\LogFiles
    2016-01-03 21:13:13 ----D---- C:\Fraps
    2016-01-02 15:49:17 ----D---- C:\Users\Jakub\AppData\Roaming\Notepad++
    2016-01-02 15:49:15 ----D---- C:\Program Files (x86)\Notepad++
    2016-01-02 12:30:14 ----D---- C:\Program Files\SketchUp
    2015-12-26 17:13:41 ----D---- C:\Windows\system32\catroot2
    2015-12-26 17:11:39 ----SD---- C:\Users\Jakub\AppData\Roaming\Microsoft
    2015-12-26 16:49:27 ----D---- C:\Windows\system32\DriverStore
    2015-12-22 16:16:32 ----D---- C:\Windows\system32\wdi
    2015-12-21 16:01:46 ----D---- C:\Windows\Tasks
    2015-12-21 16:01:46 ----D---- C:\ProgramData\HP
    2015-12-18 13:46:42 ----D---- C:\Windows\winsxs
    2015-12-18 13:46:38 ----SD---- C:\Windows\SYSWOW64\GWX
    2015-12-18 13:46:38 ----SD---- C:\Windows\system32\GWX
    2015-12-16 17:53:43 ----D---- C:\Windows\Microsoft.NET
    2015-12-15 23:30:44 ----D---- C:\Users\Jakub\AppData\Roaming\SketchUp
    2015-12-15 23:30:05 ----AD---- C:\ProgramData\Reprise
    2015-12-15 23:29:23 ----D---- C:\ProgramData\SketchUp
    2015-12-15 19:07:36 ----D---- C:\Windows\rescache
    2015-12-11 15:08:13 ----D---- C:\Windows\SYSWOW64\cs-CZ
    2015-12-11 15:08:13 ----D---- C:\Windows\system32\cs-CZ
    2015-12-11 15:08:11 ----D---- C:\Windows\ehome
    2015-12-11 15:08:08 ----D---- C:\Program Files\Internet Explorer
    2015-12-11 15:08:07 ----D---- C:\Windows\SYSWOW64\en-US
    2015-12-11 15:08:06 ----D---- C:\Windows\system32\en-US
    2015-12-11 15:08:03 ----D---- C:\Program Files (x86)\Internet Explorer
    2015-12-10 19:24:19 ----D---- C:\Program Files\Microsoft Silverlight
    2015-12-10 19:24:19 ----D---- C:\Program Files (x86)\Microsoft Silverlight
    2015-12-10 19:22:03 ----D---- C:\Windows\system32\MRT
    2015-12-10 19:15:10 ----A---- C:\Windows\system32\MRT.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
    R0 SymEFASI;Symantec Extended File Attributes (SI); C:\Windows\system32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [2015-11-12 1621232]
    R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
    R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2013-01-15 14464]
    R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx64.sys [2015-10-22 1665608]
    R1 ccSet_N360;N360 Settings Manager; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [2015-09-23 173808]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-11-12 498512]
    R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-11-13 26528]
    R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160107.001\IDSvia64.sys [2015-11-19 767224]
    R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2013-02-21 32840]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [2015-09-23 50936]
    R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [2015-09-23 297720]
    R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [2015-11-12 577768]
    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
    R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-12-13 30264]
    R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2015-12-13 46392]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-11-12 157520]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-07-26 33240]
    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-11-13 5375448]
    R3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-11-14 165504]
    R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
    R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160107.051\ENG64.SYS [2015-10-16 138488]
    R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160107.051\EX64.SYS [2015-10-16 2148080]
    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-12-04 1026304]
    R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTWlanU.sys [2015-11-13 2990808]
    R3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-06-04 21984]
    R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [2015-11-12 928496]
    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2015-11-19 111344]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2015-11-13 689840]
    S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
    S3 catchme;catchme; \??\C:\combofix\catchme.sys []
    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-07-13 748648]
    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
    S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
    S3 xhunter1;xhunter1; \??\C:\Windows\xhunter1.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
    R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2015-12-26 920736]
    R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2015-12-26 951936]
    R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2015-12-26 149120]
    R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [2015-12-26 1475200]
    R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
    R2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2015-09-14 414360]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-05-10 165144]
    R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-05-15 277784]
    R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [2015-11-20 282016]
    R2 Realtek11nCU;Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
    R2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2015-09-14 112792]
    R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-05-15 363800]
    R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2015-11-13 27768]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
    S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13 144200]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-06 269504]
    S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-11-13 280680]
    S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-11-30 1368408]
    S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-01-04 1471352]
    S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
    S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13 144200]
    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-08 114688]
    S3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2015-09-14 414360]
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-11-13 1255736]
    S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

    -----------------EOF-----------------

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 17:11
by altrok
I wish you a lovely day :bye:


:arrow: You have a worm there :idea: Are you having problems with flash drives?

:arrow: Because you agreed to the terms of use when you ran ComboFix, I just want to make sure that you are a person trained to work with it, or that at least an experienced person assisted you. Please send me the contents of the CF log (it is in C:\ComboFix.txt). Incidentally, CF partially erased the traces of the malware, so the RSIT/FRST logs are less informative. CF tends to fall short against this type of malware.

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 17:13
by KachnaCZ
Here is the log from CF:
  • ComboFix 16-01-07.01 - Jakub 08.01.2016 13:32:44.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3970.2367 [GMT 1:00]
    Spuštěný z: c:\users\Jakub\Downloads\ComboFix.exe
    AV: Norton 360 *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
    FW: Norton 360 *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
    SP: Norton 360 *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\SysWow64\AF15BDAEX.dll
    c:\windows\SysWow64\systeminfo.dll
    .
    .
    ((((((((((((((((((((((((( Soubory vytvořené od 2015-12-08 do 2016-01-08 )))))))))))))))))))))))))))))))
    .
    .
    2016-01-08 12:39 . 2016-01-08 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp
    2016-01-08 00:40 . 2015-12-12 23:41 107557 ----a-w- c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hds.vbs
    2016-01-07 20:55 . 2016-01-07 22:50 -------- d-----w- c:\program files (x86)\Centauri
    2016-01-07 20:33 . 2016-01-07 20:33 -------- d-----w- C:\TEXCACHE
    2016-01-07 20:31 . 2016-01-07 20:31 -------- d-----w- c:\users\Jakub\TYPHOON
    2016-01-07 19:57 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
    2016-01-07 19:57 . 2016-01-07 21:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2016-01-07 19:57 . 2016-01-07 20:21 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
    2016-01-07 13:09 . 2016-01-07 19:21 -------- d-----w- C:\NPE
    2016-01-07 13:01 . 2016-01-08 00:42 -------- d-----w- c:\users\Jakub\AppData\Local\NPE
    2016-01-06 17:32 . 2016-01-06 18:14 -------- d-----w- C:\Farming Simulatory
    2016-01-06 13:48 . 2016-01-06 13:50 -------- d-----w- c:\program files\CCleaner
    2016-01-04 15:42 . 2016-01-04 15:42 -------- d-----w- c:\program files (x86)\Autodesk
    2016-01-04 15:40 . 2016-01-04 15:40 -------- d-----w- c:\program files\Common Files\Macrovision Shared
    2016-01-04 15:22 . 2016-01-04 15:22 -------- d-----w- C:\Autodesk
    2016-01-04 13:41 . 2016-01-04 13:41 -------- d-----w- c:\users\Jakub\AppData\Local\Diagnostics
    2016-01-04 12:38 . 2016-01-04 12:38 -------- d-----w- c:\users\Jakub\AppData\Local\backburner
    2016-01-02 12:39 . 2016-01-04 14:58 -------- d-----w- c:\users\Jakub\AppData\Roaming\.minecraft
    2015-12-29 09:15 . 2015-12-29 09:15 -------- d-----w- c:\users\Jakub\AppData\Roaming\Ashampoo
    2015-12-29 09:15 . 2015-12-29 09:15 -------- d-----w- c:\users\Jakub\AppData\Local\ashampoo
    2015-12-29 09:14 . 2016-01-06 18:04 -------- d-----w- c:\programdata\Ashampoo
    2015-12-27 16:01 . 2015-12-27 16:01 -------- d-----w- C:\~$PVRTmp0$
    2015-12-26 18:52 . 2015-12-26 18:52 -------- d-----w- C:\Intel
    2015-12-26 16:02 . 2015-12-26 16:02 4272768 ----a-w- c:\windows\PE_File.dll
    2015-12-26 15:53 . 2015-12-28 13:58 4207232 ----a-w- c:\windows\PE_Rom.dll
    2015-12-26 15:48 . 2013-02-21 10:40 32840 ----a-w- c:\windows\system32\drivers\ndisrd.sys
    2015-12-26 15:47 . 2013-01-15 09:52 14464 ----a-w- c:\windows\SysWow64\drivers\AsUpIO.sys
    2015-12-26 15:47 . 2008-12-02 19:05 184320 ----a-w- c:\windows\SysWow64\drivers\UpdateHelper.dll
    2015-12-26 15:45 . 2015-12-26 15:45 -------- d-----w- c:\programdata\ASUS
    2015-12-26 15:44 . 2015-12-26 15:48 -------- d-----w- c:\program files (x86)\ASUS
    2015-12-26 15:44 . 2012-08-22 15:54 15232 ----a-w- c:\windows\SysWow64\drivers\AsIO.sys
    2015-12-26 15:44 . 2010-06-29 13:41 28672 ----a-w- c:\windows\SysWow64\AsIO.dll
    2015-12-26 15:44 . 2015-12-26 15:44 -------- d-----w- c:\windows\SysWow64\drivers\MFDLL
    2015-12-26 15:44 . 2008-01-04 12:34 11832 ------w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
    2015-12-26 15:44 . 2008-01-04 12:34 10216 ------w- c:\windows\SysWow64\drivers\AsInsHelp32.sys
    2015-12-22 15:32 . 2015-12-22 15:32 -------- d-----w- c:\windows\USB Vibration
    2015-12-22 15:32 . 2006-02-07 14:39 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2015-12-22 15:32 . 2002-08-05 09:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
    2015-12-22 15:32 . 2002-08-02 02:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
    2015-12-22 15:32 . 2002-08-02 01:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
    2015-12-22 15:32 . 2002-08-02 01:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
    2015-12-22 15:32 . 2002-08-02 01:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
    2015-12-22 15:32 . 2015-12-22 15:32 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
    2015-12-22 15:32 . 2015-12-22 15:32 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
    2015-12-16 17:13 . 2015-12-16 17:18 -------- d-----w- c:\programdata\FLEXnet
    2015-12-16 17:12 . 2015-12-16 17:12 -------- d-----w- c:\users\Jakub\AppData\Local\Autodesk
    2015-12-16 17:00 . 2015-12-16 17:00 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
    2015-12-16 16:56 . 2016-01-04 15:44 -------- d-----w- c:\program files\Common Files\Autodesk Shared
    2015-12-16 16:56 . 2016-01-04 15:41 -------- d-----w- c:\program files\Autodesk
    2015-12-16 16:53 . 2007-10-22 02:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
    2015-12-16 16:47 . 2015-12-16 17:22 -------- d-----w- c:\users\Jakub\AppData\Roaming\Autodesk
    2015-12-16 16:47 . 2015-12-16 17:22 -------- d-----w- c:\programdata\Autodesk
    2015-12-15 22:38 . 2015-12-15 22:38 -------- d-----w- c:\users\Jakub\AppData\Roaming\Trimble Connect for SketchUp
    2015-12-15 22:34 . 2015-12-15 22:34 -------- d-----w- c:\program files (x86)\AC3D 6.4.30
    2015-12-13 13:17 . 2015-12-17 13:56 -------- d-----w- c:\users\Jakub\AppData\Local\Disc_Soft_Ltd
    2015-12-13 12:58 . 2015-12-13 12:58 46392 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
    2015-12-13 12:56 . 2015-12-13 12:56 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
    2015-12-13 12:56 . 2016-01-07 21:56 -------- d-----w- c:\users\Jakub\AppData\Roaming\DAEMON Tools Lite
    2015-12-13 12:56 . 2015-12-13 13:17 -------- d-----w- c:\program files\DAEMON Tools Lite
    2015-12-13 12:56 . 2015-12-13 12:56 -------- d-----w- c:\programdata\DAEMON Tools Lite
    2015-12-10 15:11 . 2015-11-11 20:52 235208 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
    2015-12-10 15:09 . 2015-11-05 19:05 17408 ----a-w- c:\windows\system32\wshrm.dll
    2015-12-10 15:09 . 2015-11-05 19:02 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
    2015-12-10 15:09 . 2015-11-05 09:53 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
    2015-12-10 15:08 . 2015-11-11 18:53 1735680 ----a-w- c:\windows\system32\comsvcs.dll
    2015-12-10 15:08 . 2015-11-11 18:53 525312 ----a-w- c:\windows\system32\catsrvut.dll
    2015-12-10 15:08 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
    2015-12-10 15:08 . 2015-11-11 18:39 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
    2015-12-10 15:08 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
    2015-12-10 15:08 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2016-01-06 15:44 . 2015-11-13 20:49 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2016-01-06 15:44 . 2015-11-13 20:49 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-12-10 18:15 . 2015-11-14 13:46 140158008 ----a-w- c:\windows\system32\MRT.exe
    2015-12-04 15:01 . 2015-12-04 15:01 82544 ----a-w- c:\windows\system32\RtNicProp64.dll
    2015-12-04 15:01 . 2015-12-04 15:01 1026304 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
    2015-12-04 15:01 . 2015-11-13 14:20 116304 ----a-w- c:\windows\system32\RTNUninst64.dll
    2015-11-29 17:20 . 2015-11-29 17:20 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2015-11-20 18:54 . 2015-12-06 13:22 98816 ----a-w- c:\windows\system32\wudriver.dll
    2015-11-20 18:54 . 2015-12-06 13:22 37888 ----a-w- c:\windows\system32\wups2.dll
    2015-11-20 18:54 . 2015-12-06 13:22 36864 ----a-w- c:\windows\system32\wups.dll
    2015-11-20 18:54 . 2015-12-06 13:22 3170304 ----a-w- c:\windows\system32\wucltux.dll
    2015-11-20 18:54 . 2015-12-06 13:22 2609152 ----a-w- c:\windows\system32\wuaueng.dll
    2015-11-20 18:54 . 2015-12-06 13:22 192512 ----a-w- c:\windows\system32\wuwebv.dll
    2015-11-20 18:54 . 2015-12-06 13:22 709632 ----a-w- c:\windows\system32\wuapi.dll
    2015-11-20 18:54 . 2015-12-06 13:22 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
    2015-11-20 18:54 . 2015-12-06 13:22 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
    2015-11-20 18:54 . 2015-12-06 13:22 37888 ----a-w- c:\windows\system32\wuapp.exe
    2015-11-20 18:54 . 2015-12-06 13:22 140288 ----a-w- c:\windows\system32\wuauclt.exe
    2015-11-20 18:34 . 2015-12-06 13:22 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
    2015-11-20 18:34 . 2015-12-06 13:22 30208 ----a-w- c:\windows\SysWow64\wups.dll
    2015-11-20 18:34 . 2015-12-06 13:22 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
    2015-11-20 18:34 . 2015-12-06 13:22 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
    2015-11-20 18:33 . 2015-12-06 13:22 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
    2015-11-19 18:17 . 2015-11-13 15:59 111344 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
    2015-11-15 14:34 . 2015-11-15 14:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2015-11-15 14:33 . 2015-11-15 14:33 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2015-11-14 13:35 . 2015-11-14 13:35 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
    2015-11-14 13:35 . 2015-11-14 13:35 942592 ----a-w- c:\windows\system32\jsIntl.dll
    2015-11-14 13:35 . 2015-11-14 13:35 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2015-11-14 13:35 . 2015-11-14 13:35 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2015-11-14 13:35 . 2015-11-14 13:35 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2015-11-14 13:35 . 2015-11-14 13:35 81408 ----a-w- c:\windows\system32\icardie.dll
    2015-11-14 13:35 . 2015-11-14 13:35 77312 ----a-w- c:\windows\system32\tdc.ocx
    2015-11-14 13:35 . 2015-11-14 13:35 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2015-11-14 13:35 . 2015-11-14 13:35 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2015-11-14 13:35 . 2015-11-14 13:35 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
    2015-11-14 13:35 . 2015-11-14 13:35 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
    2015-11-14 13:35 . 2015-11-14 13:35 62464 ----a-w- c:\windows\system32\pngfilt.dll
    2015-11-14 13:35 . 2015-11-14 13:35 616104 ----a-w- c:\windows\system32\ieapfltr.dat
    2015-11-14 13:35 . 2015-11-14 13:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
    2015-11-14 13:35 . 2015-11-14 13:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2015-11-14 13:35 . 2015-11-14 13:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2015-11-14 13:35 . 2015-11-14 13:35 48128 ----a-w- c:\windows\system32\imgutil.dll
    2015-11-14 13:35 . 2015-11-14 13:35 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
    2015-11-14 13:35 . 2015-11-14 13:35 30208 ----a-w- c:\windows\system32\licmgr10.dll
    2015-11-14 13:35 . 2015-11-14 13:35 247808 ----a-w- c:\windows\system32\msls31.dll
    2015-11-14 13:35 . 2015-11-14 13:35 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2015-11-14 13:35 . 2015-11-14 13:35 235520 ----a-w- c:\windows\system32\url.dll
    2015-11-14 13:35 . 2015-11-14 13:35 235008 ----a-w- c:\windows\system32\elshyph.dll
    2015-11-14 13:35 . 2015-11-14 13:35 182272 ----a-w- c:\windows\SysWow64\msls31.dll
    2015-11-14 13:35 . 2015-11-14 13:35 167424 ----a-w- c:\windows\system32\iexpress.exe
    2015-11-14 13:35 . 2015-11-14 13:35 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
    2015-11-14 13:35 . 2015-11-14 13:35 143872 ----a-w- c:\windows\system32\wextract.exe
    2015-11-14 13:35 . 2015-11-14 13:35 139264 ----a-w- c:\windows\SysWow64\wextract.exe
    2015-11-14 13:35 . 2015-11-14 13:35 13824 ----a-w- c:\windows\system32\mshta.exe
    2015-11-14 13:35 . 2015-11-14 13:35 135680 ----a-w- c:\windows\system32\iepeers.dll
    2015-11-14 13:35 . 2015-11-14 13:35 13312 ----a-w- c:\windows\SysWow64\mshta.exe
    2015-11-14 13:35 . 2015-11-14 13:35 13312 ----a-w- c:\windows\system32\msfeedssync.exe
    2015-11-14 13:35 . 2015-11-14 13:35 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
    2015-11-14 13:35 . 2015-11-14 13:35 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2015-11-14 13:35 . 2015-11-14 13:35 105984 ----a-w- c:\windows\system32\iesysprep.dll
    2015-11-14 13:35 . 2015-11-14 13:35 101376 ----a-w- c:\windows\system32\inseng.dll
    2015-11-14 12:50 . 2015-11-14 12:50 73728 ----a-w- c:\windows\SysWow64\AF9100EX.dll
    2015-11-14 12:50 . 2015-11-14 12:50 73728 ----a-w- c:\windows\system32\AF9100EX.dll
    2015-11-14 12:50 . 2015-11-14 12:50 126 ----a-w- c:\windows\system32\AF15IRTBL.bin
    2015-11-14 12:50 . 2015-11-14 12:50 114688 ----a-w- c:\windows\system32\IRMonitor.exe
    2015-11-14 12:50 . 2015-11-14 12:50 165504 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
    2015-11-14 12:50 . 2015-11-14 12:44 73728 ----a-w- c:\windows\system32\AF15BDAEX.dll
    2015-11-14 09:20 . 2012-07-17 13:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2015-11-13 20:43 . 2015-11-13 20:43 530968 ----a-w- c:\windows\system32\iglhsip64.dll
    2015-11-13 20:43 . 2015-11-13 20:43 525800 ----a-w- c:\windows\SysWow64\iglhsip32.dll
    2015-11-13 20:43 . 2015-11-13 20:43 513640 ----a-w- c:\windows\system32\igfxsrvc.exe
    2015-11-13 20:43 . 2015-11-13 20:43 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrita.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 410112 ----a-w- c:\windows\system32\igfxTMM.dll
    2015-11-13 20:43 . 2015-11-13 20:43 280680 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
    2015-11-13 20:43 . 2015-11-13 20:43 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
    2015-11-13 20:43 . 2015-11-13 20:43 220432 ----a-w- c:\windows\system32\iglhcp64.dll
    2015-11-13 20:43 . 2015-11-13 20:43 184352 ----a-w- c:\windows\SysWow64\iglhcp32.dll
    2015-11-13 20:43 . 2015-11-13 20:43 173672 ----a-w- c:\windows\system32\igfxtray.exe
    2015-11-13 20:43 . 2015-11-13 20:43 116224 ----a-w- c:\windows\system32\igfxCoIn_v4229.dll
    2015-11-13 20:43 . 2015-11-13 14:22 64000 ----a-w- c:\windows\system32\igfxsrvc.dll
    .
    .
    (((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2015-11-14 09:10 223432 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2015-11-14 09:10 223432 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2015-11-14 09:10 223432 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-12-08 8590760]
    "SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
    "hds"="wscript.exe" [2013-10-12 141824]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
    "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-11-09 596528]
    "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
    .
    c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    hds.vbs [2015-12-13 107557]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2015-11-21 258048]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
    R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [x]
    R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
    S0 SymEFASI;Symantec Extended File Attributes (SI);c:\windows\system32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [x]
    S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
    S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx64.sys [x]
    S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1605050.00F\ccSetx64.sys [x]
    S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
    S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160106.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160106.001\IDSvia64.sys [x]
    S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1605050.00F\Ironx64.SYS [x]
    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1605050.00F\SYMNETS.SYS [x]
    S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
    S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
    S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
    S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\22.5.5.15\N360.exe;c:\program files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [x]
    S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
    S2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
    S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
    S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
    S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTWlanU.sys;c:\windows\SYSNATIVE\DRIVERS\RTWlanU.sys [x]
    S3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-12-16 21:33 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
    .
    Obsah adresáře 'Naplánované úlohy'
    .
    2016-01-08 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-13 15:44]
    .
    2016-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13 15:17]
    .
    2016-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13 15:17]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2015-11-14 09:10 262344 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2015-11-14 09:10 262344 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2015-11-14 09:10 262344 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-11-13 173672]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-11-13 401512]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2015-11-13 444008]
    .
    ------- Doplňkový sken -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 10.0.0.138
    .
    .
    ------- Asociace souborů -------
    .
    JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
    .
    - - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Notify-SDWinLogon - SDWinLogon.dll
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
    "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\22.5.5.15\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\22.5.5.15\diMaster.dll\" /prefetch:1"
    "ImagePath"="\SystemRoot\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS"
    "TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\22.5.5.15;c:\program files (x86)\Norton 360\Engine64\22.5.5.15"
    .
    --------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.20"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Celkový čas: 2016-01-08 13:41:44
    ComboFix-quarantined-files.txt 2016-01-08 12:41
    .
    Před spuštěním: Volných bajtů: 22 777 778 176
    Po spuštění: Volných bajtů: 22 251 769 856
    .
    - - End Of File - - C9954EC3F3A2C90818DC060E3CE41DCF
    A36C5E4F47E84449FF07ED3517B43A31

Re: Vermin or some other parasite..? Please help

Posted: 08 Jan 2016 17:48
by KachnaCZ
ADW LOG:
# AdwCleaner v5.028 - Logfile created 08/01/2016 at 17:42:17
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jakub - JAKUB-PC
# Running from : C:\Users\Jakub\Downloads\adwcleaner_5.028.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [682 bytes] ##########

Re: Vermin or some other parasite..? Please help

Posted: 08 Jan 2016 17:58
by altrok
If you haven't already, move ComboFix to the desktop.
  • Open Notepad (Start -> Run -> notepad)
  • Copy the script below into it and save it to the desktop as CFScript (file type: Text document)

    Code:

    KillAll::
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "hds"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SDTray"=-
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hds.vbs
    
    RegLock::
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Grab this CFScript.txt, literally drag it over the ComboFix icon, and drop it.
  • After the restart a log will pop up; paste its contents into your next reply.
If the message "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni" ("Illegal operation attempted on a registry key that has been marked for deletion") pops up, just restart the PC and the registry will sort itself out. It is an internal error caused by CF, and unfortunately the author has not been able to fix it yet.

It can happen that Windows does not boot after the script is applied. In that case restart the PC, keep pressing F8 and choose Last Known Good Configuration.

Re: Vermin or some other parasite..? Please help

Posted: 08 Jan 2016 18:58
by KachnaCZ
Log from CF:
  • ComboFix 16-01-07.01 - Jakub 08.01.2016 18:39:32.2.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3970.1910 [GMT 1:00]
    Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
    Použité ovládací přepínače :: c:\users\Jakub\Desktop\CFScript.txt
    AV: Norton 360 *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
    FW: Norton 360 *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
    SP: Norton 360 *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hds.vbs"
    "c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
    "c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hds.vbs
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    .
    .
    ((((((((((((((((((((((((( Soubory vytvořené od 2015-12-08 do 2016-01-08 )))))))))))))))))))))))))))))))
    .
    .
    2016-01-08 17:45 . 2016-01-08 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp
    2016-01-08 16:15 . 2016-01-08 16:42 -------- d-----w- C:\AdwCleaner
    2016-01-08 15:43 . 2016-01-08 15:52 -------- d-----w- c:\program files\trend micro
    2016-01-08 15:43 . 2016-01-08 15:44 -------- d-----w- C:\rsit
    2016-01-08 15:02 . 2012-07-26 05:32 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2016-01-08 15:02 . 2012-07-26 05:32 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
    2016-01-08 15:02 . 2012-07-26 05:32 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
    2016-01-08 15:01 . 2016-01-08 15:01 -------- d-----w- c:\windows\system32\drivers\NBRTWizardx64
    2016-01-08 15:01 . 2016-01-08 15:01 -------- d-----w- c:\program files (x86)\Norton Bootable Recovery Tool Wizard
    2016-01-07 20:55 . 2016-01-07 22:50 -------- d-----w- c:\program files (x86)\Centauri
    2016-01-07 20:33 . 2016-01-07 20:33 -------- d-----w- C:\TEXCACHE
    2016-01-07 20:31 . 2016-01-07 20:31 -------- d-----w- c:\users\Jakub\TYPHOON
    2016-01-07 19:57 . 2013-09-20 09:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
    2016-01-07 19:57 . 2016-01-07 21:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2016-01-07 19:57 . 2016-01-07 20:21 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
    2016-01-07 13:09 . 2016-01-07 19:21 -------- d-----w- C:\NPE
    2016-01-07 13:01 . 2016-01-08 14:09 -------- d-----w- c:\users\Jakub\AppData\Local\NPE
    2016-01-06 17:32 . 2016-01-06 18:14 -------- d-----w- C:\Farming Simulatory
    2016-01-06 13:48 . 2016-01-06 13:50 -------- d-----w- c:\program files\CCleaner
    2016-01-04 15:42 . 2016-01-04 15:42 -------- d-----w- c:\program files (x86)\Autodesk
    2016-01-04 15:40 . 2016-01-04 15:40 -------- d-----w- c:\program files\Common Files\Macrovision Shared
    2016-01-04 15:22 . 2016-01-04 15:22 -------- d-----w- C:\Autodesk
    2016-01-04 13:41 . 2016-01-04 13:41 -------- d-----w- c:\users\Jakub\AppData\Local\Diagnostics
    2016-01-04 12:38 . 2016-01-04 12:38 -------- d-----w- c:\users\Jakub\AppData\Local\backburner
    2016-01-02 12:39 . 2016-01-04 14:58 -------- d-----w- c:\users\Jakub\AppData\Roaming\.minecraft
    2015-12-29 09:15 . 2015-12-29 09:15 -------- d-----w- c:\users\Jakub\AppData\Roaming\Ashampoo
    2015-12-29 09:15 . 2015-12-29 09:15 -------- d-----w- c:\users\Jakub\AppData\Local\ashampoo
    2015-12-29 09:14 . 2016-01-06 18:04 -------- d-----w- c:\programdata\Ashampoo
    2015-12-27 16:01 . 2015-12-27 16:01 -------- d-----w- C:\~$PVRTmp0$
    2015-12-26 18:52 . 2015-12-26 18:52 -------- d-----w- C:\Intel
    2015-12-26 16:02 . 2015-12-26 16:02 4272768 ----a-w- c:\windows\PE_File.dll
    2015-12-26 15:53 . 2015-12-28 13:58 4207232 ----a-w- c:\windows\PE_Rom.dll
    2015-12-26 15:48 . 2013-02-21 10:40 32840 ----a-w- c:\windows\system32\drivers\ndisrd.sys
    2015-12-26 15:47 . 2013-01-15 09:52 14464 ----a-w- c:\windows\SysWow64\drivers\AsUpIO.sys
    2015-12-26 15:47 . 2008-12-02 19:05 184320 ----a-w- c:\windows\SysWow64\drivers\UpdateHelper.dll
    2015-12-26 15:45 . 2015-12-26 15:45 -------- d-----w- c:\programdata\ASUS
    2015-12-26 15:44 . 2015-12-26 15:48 -------- d-----w- c:\program files (x86)\ASUS
    2015-12-26 15:44 . 2012-08-22 15:54 15232 ----a-w- c:\windows\SysWow64\drivers\AsIO.sys
    2015-12-26 15:44 . 2010-06-29 13:41 28672 ----a-w- c:\windows\SysWow64\AsIO.dll
    2015-12-26 15:44 . 2015-12-26 15:44 -------- d-----w- c:\windows\SysWow64\drivers\MFDLL
    2015-12-26 15:44 . 2008-01-04 12:34 11832 ------w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
    2015-12-26 15:44 . 2008-01-04 12:34 10216 ------w- c:\windows\SysWow64\drivers\AsInsHelp32.sys
    2015-12-22 15:32 . 2015-12-22 15:32 -------- d-----w- c:\windows\USB Vibration
    2015-12-22 15:32 . 2006-02-07 14:39 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2015-12-22 15:32 . 2002-08-05 09:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
    2015-12-22 15:32 . 2002-08-02 02:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
    2015-12-22 15:32 . 2002-08-02 01:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
    2015-12-22 15:32 . 2002-08-02 01:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
    2015-12-22 15:32 . 2002-08-02 01:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
    2015-12-22 15:32 . 2015-12-22 15:32 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
    2015-12-22 15:32 . 2015-12-22 15:32 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
    2015-12-16 17:13 . 2015-12-16 17:18 -------- d-----w- c:\programdata\FLEXnet
    2015-12-16 17:12 . 2015-12-16 17:12 -------- d-----w- c:\users\Jakub\AppData\Local\Autodesk
    2015-12-16 17:00 . 2015-12-16 17:00 -------- d-----w- c:\program files (x86)\Common Files\Autodesk Shared
    2015-12-16 16:56 . 2016-01-04 15:44 -------- d-----w- c:\program files\Common Files\Autodesk Shared
    2015-12-16 16:56 . 2016-01-04 15:41 -------- d-----w- c:\program files\Autodesk
    2015-12-16 16:53 . 2007-10-22 02:37 21000 ----a-w- c:\windows\system32\X3DAudio1_2.dll
    2015-12-16 16:47 . 2015-12-16 17:22 -------- d-----w- c:\users\Jakub\AppData\Roaming\Autodesk
    2015-12-16 16:47 . 2015-12-16 17:22 -------- d-----w- c:\programdata\Autodesk
    2015-12-15 22:38 . 2015-12-15 22:38 -------- d-----w- c:\users\Jakub\AppData\Roaming\Trimble Connect for SketchUp
    2015-12-15 22:34 . 2015-12-15 22:34 -------- d-----w- c:\program files (x86)\AC3D 6.4.30
    2015-12-13 13:17 . 2015-12-17 13:56 -------- d-----w- c:\users\Jakub\AppData\Local\Disc_Soft_Ltd
    2015-12-13 12:58 . 2015-12-13 12:58 46392 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
    2015-12-13 12:56 . 2015-12-13 12:56 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
    2015-12-13 12:56 . 2016-01-07 21:56 -------- d-----w- c:\users\Jakub\AppData\Roaming\DAEMON Tools Lite
    2015-12-13 12:56 . 2015-12-13 13:17 -------- d-----w- c:\program files\DAEMON Tools Lite
    2015-12-13 12:56 . 2015-12-13 12:56 -------- d-----w- c:\programdata\DAEMON Tools Lite
    2015-12-10 15:11 . 2015-11-11 20:52 235208 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
    2015-12-10 15:09 . 2015-11-05 19:05 17408 ----a-w- c:\windows\system32\wshrm.dll
    2015-12-10 15:09 . 2015-11-05 09:53 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
    2015-12-10 15:08 . 2015-11-11 18:53 1735680 ----a-w- c:\windows\system32\comsvcs.dll
    2015-12-10 15:08 . 2015-11-11 18:53 525312 ----a-w- c:\windows\system32\catsrvut.dll
    2015-12-10 15:08 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
    2015-12-10 15:08 . 2015-11-11 18:39 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
    2015-12-10 15:08 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
    2015-12-10 15:08 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2016-01-06 15:44 . 2015-11-13 20:49 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2016-01-06 15:44 . 2015-11-13 20:49 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-12-10 18:15 . 2015-11-14 13:46 140158008 ----a-w- c:\windows\system32\MRT.exe
    2015-12-04 15:01 . 2015-12-04 15:01 82544 ----a-w- c:\windows\system32\RtNicProp64.dll
    2015-12-04 15:01 . 2015-12-04 15:01 1026304 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
    2015-12-04 15:01 . 2015-11-13 14:20 116304 ----a-w- c:\windows\system32\RTNUninst64.dll
    2015-11-29 17:20 . 2015-11-29 17:20 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2015-11-20 18:54 . 2015-12-06 13:22 98816 ----a-w- c:\windows\system32\wudriver.dll
    2015-11-20 18:54 . 2015-12-06 13:22 37888 ----a-w- c:\windows\system32\wups2.dll
    2015-11-20 18:54 . 2015-12-06 13:22 36864 ----a-w- c:\windows\system32\wups.dll
    2015-11-20 18:54 . 2015-12-06 13:22 3170304 ----a-w- c:\windows\system32\wucltux.dll
    2015-11-20 18:54 . 2015-12-06 13:22 2609152 ----a-w- c:\windows\system32\wuaueng.dll
    2015-11-20 18:54 . 2015-12-06 13:22 192512 ----a-w- c:\windows\system32\wuwebv.dll
    2015-11-20 18:54 . 2015-12-06 13:22 709632 ----a-w- c:\windows\system32\wuapi.dll
    2015-11-20 18:54 . 2015-12-06 13:22 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
    2015-11-20 18:54 . 2015-12-06 13:22 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
    2015-11-20 18:54 . 2015-12-06 13:22 37888 ----a-w- c:\windows\system32\wuapp.exe
    2015-11-20 18:54 . 2015-12-06 13:22 140288 ----a-w- c:\windows\system32\wuauclt.exe
    2015-11-20 18:34 . 2015-12-06 13:22 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
    2015-11-20 18:34 . 2015-12-06 13:22 30208 ----a-w- c:\windows\SysWow64\wups.dll
    2015-11-20 18:34 . 2015-12-06 13:22 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
    2015-11-20 18:34 . 2015-12-06 13:22 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
    2015-11-20 18:33 . 2015-12-06 13:22 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
    2015-11-19 18:17 . 2015-11-13 15:59 111344 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
    2015-11-15 14:34 . 2015-11-15 14:34 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2015-11-15 14:33 . 2015-11-15 14:33 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2015-11-14 13:35 . 2015-11-14 13:35 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
    2015-11-14 13:35 . 2015-11-14 13:35 942592 ----a-w- c:\windows\system32\jsIntl.dll
    2015-11-14 13:35 . 2015-11-14 13:35 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2015-11-14 13:35 . 2015-11-14 13:35 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2015-11-14 13:35 . 2015-11-14 13:35 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2015-11-14 13:35 . 2015-11-14 13:35 81408 ----a-w- c:\windows\system32\icardie.dll
    2015-11-14 13:35 . 2015-11-14 13:35 77312 ----a-w- c:\windows\system32\tdc.ocx
    2015-11-14 13:35 . 2015-11-14 13:35 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2015-11-14 13:35 . 2015-11-14 13:35 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2015-11-14 13:35 . 2015-11-14 13:35 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
    2015-11-14 13:35 . 2015-11-14 13:35 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
    2015-11-14 13:35 . 2015-11-14 13:35 62464 ----a-w- c:\windows\system32\pngfilt.dll
    2015-11-14 13:35 . 2015-11-14 13:35 616104 ----a-w- c:\windows\system32\ieapfltr.dat
    2015-11-14 13:35 . 2015-11-14 13:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
    2015-11-14 13:35 . 2015-11-14 13:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2015-11-14 13:35 . 2015-11-14 13:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2015-11-14 13:35 . 2015-11-14 13:35 48128 ----a-w- c:\windows\system32\imgutil.dll
    2015-11-14 13:35 . 2015-11-14 13:35 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
    2015-11-14 13:35 . 2015-11-14 13:35 30208 ----a-w- c:\windows\system32\licmgr10.dll
    2015-11-14 13:35 . 2015-11-14 13:35 247808 ----a-w- c:\windows\system32\msls31.dll
    2015-11-14 13:35 . 2015-11-14 13:35 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2015-11-14 13:35 . 2015-11-14 13:35 235520 ----a-w- c:\windows\system32\url.dll
    2015-11-14 13:35 . 2015-11-14 13:35 235008 ----a-w- c:\windows\system32\elshyph.dll
    2015-11-14 13:35 . 2015-11-14 13:35 182272 ----a-w- c:\windows\SysWow64\msls31.dll
    2015-11-14 13:35 . 2015-11-14 13:35 167424 ----a-w- c:\windows\system32\iexpress.exe
    2015-11-14 13:35 . 2015-11-14 13:35 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
    2015-11-14 13:35 . 2015-11-14 13:35 143872 ----a-w- c:\windows\system32\wextract.exe
    2015-11-14 13:35 . 2015-11-14 13:35 139264 ----a-w- c:\windows\SysWow64\wextract.exe
    2015-11-14 13:35 . 2015-11-14 13:35 13824 ----a-w- c:\windows\system32\mshta.exe
    2015-11-14 13:35 . 2015-11-14 13:35 135680 ----a-w- c:\windows\system32\iepeers.dll
    2015-11-14 13:35 . 2015-11-14 13:35 13312 ----a-w- c:\windows\SysWow64\mshta.exe
    2015-11-14 13:35 . 2015-11-14 13:35 13312 ----a-w- c:\windows\system32\msfeedssync.exe
    2015-11-14 13:35 . 2015-11-14 13:35 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
    2015-11-14 13:35 . 2015-11-14 13:35 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2015-11-14 13:35 . 2015-11-14 13:35 105984 ----a-w- c:\windows\system32\iesysprep.dll
    2015-11-14 13:35 . 2015-11-14 13:35 101376 ----a-w- c:\windows\system32\inseng.dll
    2015-11-14 12:50 . 2015-11-14 12:50 73728 ----a-w- c:\windows\SysWow64\AF9100EX.dll
    2015-11-14 12:50 . 2015-11-14 12:50 73728 ----a-w- c:\windows\system32\AF9100EX.dll
    2015-11-14 12:50 . 2015-11-14 12:50 126 ----a-w- c:\windows\system32\AF15IRTBL.bin
    2015-11-14 12:50 . 2015-11-14 12:50 114688 ----a-w- c:\windows\system32\IRMonitor.exe
    2015-11-14 12:50 . 2015-11-14 12:50 165504 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
    2015-11-14 12:50 . 2015-11-14 12:44 73728 ----a-w- c:\windows\system32\AF15BDAEX.dll
    2015-11-14 09:20 . 2012-07-17 13:37 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2015-11-13 20:43 . 2015-11-13 20:43 530968 ----a-w- c:\windows\system32\iglhsip64.dll
    2015-11-13 20:43 . 2015-11-13 20:43 525800 ----a-w- c:\windows\SysWow64\iglhsip32.dll
    2015-11-13 20:43 . 2015-11-13 20:43 513640 ----a-w- c:\windows\system32\igfxsrvc.exe
    2015-11-13 20:43 . 2015-11-13 20:43 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrita.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
    2015-11-13 20:43 . 2015-11-13 20:43 410112 ----a-w- c:\windows\system32\igfxTMM.dll
    2015-11-13 20:43 . 2015-11-13 20:43 280680 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
    2015-11-13 20:43 . 2015-11-13 20:43 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
    2015-11-13 20:43 . 2015-11-13 20:43 220432 ----a-w- c:\windows\system32\iglhcp64.dll
    2015-11-13 20:43 . 2015-11-13 20:43 184352 ----a-w- c:\windows\SysWow64\iglhcp32.dll
    2015-11-13 20:43 . 2015-11-13 20:43 173672 ----a-w- c:\windows\system32\igfxtray.exe
    2015-11-13 20:43 . 2015-11-13 20:43 116224 ----a-w- c:\windows\system32\igfxCoIn_v4229.dll
    2015-11-13 20:43 . 2015-11-13 14:22 64000 ----a-w- c:\windows\system32\igfxsrvc.dll
    .
    .
    (((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2015-11-14 09:10 223432 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2015-11-14 09:10 223432 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2015-11-14 09:10 223432 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-12-08 8590760]
    "SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
    "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-11-09 596528]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2015-11-21 258048]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
    R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [x]
    R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
    S0 SymEFASI;Symantec Extended File Attributes (SI);c:\windows\system32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [x]
    S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
    S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx64.sys [x]
    S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1605050.00F\ccSetx64.sys [x]
    S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
    S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160107.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160107.001\IDSvia64.sys [x]
    S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1605050.00F\Ironx64.SYS [x]
    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1605050.00F\SYMNETS.SYS [x]
    S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
    S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
    S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [x]
    S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
    S2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
    S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\22.5.5.15\N360.exe;c:\program files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [x]
    S2 Realtek11nCU;Realtek11nCU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
    S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
    S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
    S2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [x]
    S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
    S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
    S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
    S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTWlanU.sys;c:\windows\SYSNATIVE\DRIVERS\RTWlanU.sys [x]
    S3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-12-16 21:33 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
    .
    Obsah adresáře 'Naplánované úlohy'
    .
    2016-01-08 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-13 15:44]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2015-11-14 09:10 262344 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2015-11-14 09:10 262344 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2015-11-14 09:10 262344 ----a-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-11-13 173672]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-11-13 401512]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2015-11-13 444008]
    .
    ------- Doplňkový sken -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 10.0.0.138
    .
    - - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Notify-SDWinLogon - SDWinLogon.dll
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
    "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\22.5.5.15\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\22.5.5.15\diMaster.dll\" /prefetch:1"
    "ImagePath"="\SystemRoot\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS"
    "TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\22.5.5.15;c:\program files (x86)\Norton 360\Engine64\22.5.5.15"
    .
    --------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    ------------------------ Jiné spuštené procesy ------------------------
    .
    c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    c:\program files (x86)\Google\Update\GoogleUpdate.exe
    c:\windows\system32\IRMonitor.exe
    c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    c:\program files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
    c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
    c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    .
    **************************************************************************
    .
    Celkový čas: 2016-01-08 18:54:32 - počítač byl restartován
    ComboFix-quarantined-files.txt 2016-01-08 17:54
    ComboFix2.txt 2016-01-08 12:41
    .
    Před spuštěním: Volných bajtů: 20 741 550 080
    Po spuštění: Volných bajtů: 22 829 010 944
    .
    - - End Of File - - B993292769C6A46FAACD5C2C493CC820
    A36C5E4F47E84449FF07ED3517B43A31

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 19:02
by altrok
Are you having problems with flash drives?


Post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Note: on the second and any subsequent run of FRST, you must explicitly tick this option before starting the scan for the Addition.txt log to be created.

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 19:40
by KachnaCZ
FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
Ran by Jakub (administrator) on JAKUB-PC (08-01-2016 19:36:25)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ITE Tech. Inc.) C:\Windows\System32\IRMonitor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-766309723-63288475-3242401974-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-766309723-63288475-3242401974-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-11-21]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{BBD526AC-6DF7-4AAB-B4C6-29FECD2A0148}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-766309723-63288475-3242401974-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-766309723-63288475-3242401974-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-29] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-29] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.4.24\coFFAddon

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gears.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Security Toolbar) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-11-19]
CHR Extension: (Orange Kitten) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchgkbjeniiiodldcplggoiiipgnjfih [2015-11-27]
CHR Extension: (AdBlock) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-11-13]
CHR Extension: (Norton Safe) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-11-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-13]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-28]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-28]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-12-26] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-12-26] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-12-26] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [1475200 2015-12-26] (ASUSTeK Computer Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2015-09-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [112792 2015-09-14] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360 2015-09-14] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-11-13] (VIA Technologies, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx64.sys [1665608 2015-10-22] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-09-23] (Symantec Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-12-13] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [46392 2015-12-13] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-12] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-13] (REALiX(tm))
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\IPSDefs\20160107.001\IDSvia64.sys [767224 2015-11-19] (Symantec Corporation)
R3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2015-11-14] (ITE )
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160108.004\ENG64.SYS [138488 2015-10-16] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.4.24\Definitions\VirusDefs\20160108.004\EX64.SYS [2148080 2015-10-16] (Symantec Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-07-13] (Realtek Semiconductor Corporation )
R3 RtlWlanu; C:\Windows\System32\DRIVERS\RTWlanU.sys [2990808 2015-11-13] (Realtek Semiconductor Corporation )
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-11-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-09-23] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 19:36 - 2016-01-08 19:36 - 00019296 _____ C:\Users\Jakub\Desktop\FRST.txt
2016-01-08 19:35 - 2016-01-08 19:36 - 00000000 ____D C:\FRST
2016-01-08 19:35 - 2016-01-08 19:35 - 02370560 _____ (Farbar) C:\Users\Jakub\Desktop\frst64.exe
2016-01-08 18:54 - 2016-01-08 18:54 - 00032478 _____ C:\ComboFix.txt
2016-01-08 18:35 - 2016-01-08 18:35 - 00000000 ____D C:\Users\Jakub\Desktop\Nová složka
2016-01-08 18:34 - 2016-01-08 18:34 - 05646860 ____R (Swearware) C:\Users\Jakub\Desktop\ComboFix.exe
2016-01-08 17:15 - 2016-01-08 17:42 - 00000000 ____D C:\AdwCleaner
2016-01-08 17:13 - 2016-01-08 17:13 - 01749504 _____ C:\Users\Jakub\Downloads\adwcleaner_5.028.exe
2016-01-08 16:43 - 2016-01-08 16:52 - 00000000 ____D C:\Program Files\trend micro
2016-01-08 16:43 - 2016-01-08 16:44 - 00000000 ____D C:\rsit
2016-01-08 16:42 - 2016-01-08 16:43 - 01222144 _____ C:\Users\Jakub\Downloads\RSITx64.exe
2016-01-08 16:02 - 2012-07-26 06:32 - 00125872 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi64.dll
2016-01-08 16:02 - 2012-07-26 06:32 - 00106928 _____ (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2016-01-08 16:02 - 2012-07-26 06:32 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2016-01-08 16:01 - 2016-01-08 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
2016-01-08 16:01 - 2016-01-08 16:01 - 00000000 ____D C:\Windows\system32\Drivers\NBRTWizardx64
2016-01-08 16:01 - 2016-01-08 16:01 - 00000000 ____D C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2016-01-08 15:09 - 2016-01-08 16:03 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2016-01-08 15:09 - 2016-01-08 15:09 - 01110992 _____ (Symantec Corporation) C:\Users\Jakub\Downloads\NBRT-Retail-Downloader.exe
2016-01-08 15:09 - 2016-01-08 15:09 - 00001332 _____ C:\Users\Jakub\Desktop\Norton Installation Files.lnk
2016-01-08 15:05 - 2016-01-08 15:08 - 03088296 _____ (Symantec Corporation) C:\Users\Jakub\Downloads\NPE.exe
2016-01-08 13:31 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-08 13:31 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-08 13:31 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-08 13:31 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-08 13:31 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-08 13:31 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-08 13:31 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-08 13:31 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-08 13:29 - 2016-01-08 18:54 - 00000000 ____D C:\Qoobox
2016-01-08 13:28 - 2016-01-08 18:45 - 00000000 ____D C:\Windows\erdnt
2016-01-07 22:54 - 2016-01-07 22:54 - 00169630 _____ C:\Users\Jakub\Desktop\nože.obj
2016-01-07 22:54 - 2016-01-07 22:54 - 00000213 _____ C:\Users\Jakub\Desktop\nože.mtl
2016-01-07 22:49 - 2016-01-07 22:49 - 00039355 _____ C:\Users\Jakub\Desktop\noze.3ds
2016-01-07 22:48 - 2016-01-07 22:48 - 00201446 _____ C:\Users\Jakub\Desktop\noze.obj
2016-01-07 22:47 - 2016-01-07 22:47 - 00003048 _____ C:\Users\Jakub\Desktop\aopist.i3d.shapes
2016-01-07 22:47 - 2016-01-07 22:47 - 00001269 _____ C:\Users\Jakub\Desktop\aopist.i3d
2016-01-07 22:46 - 2016-01-07 22:46 - 04194432 _____ C:\Users\Jakub\Desktop\AO_pist_two.dds
2016-01-07 22:41 - 2016-01-07 22:41 - 04194432 _____ C:\Users\Jakub\Desktop\AO_pist_one.dds
2016-01-07 22:40 - 2016-01-07 22:40 - 00007296 _____ C:\Users\Jakub\Desktop\pistao.i3d.shapes
2016-01-07 22:40 - 2016-01-07 22:40 - 00001261 _____ C:\Users\Jakub\Desktop\pistao.i3d
2016-01-07 21:57 - 2016-01-07 22:14 - 00000000 ____D C:\Users\Jakub\Documents\hl3
2016-01-07 21:57 - 2016-01-07 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centauri
2016-01-07 21:55 - 2016-01-07 23:50 - 00000000 ____D C:\Program Files (x86)\Centauri
2016-01-07 21:45 - 2016-01-07 21:45 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-01-07 21:33 - 2016-01-07 21:33 - 00000000 ____D C:\TEXCACHE
2016-01-07 21:31 - 2016-01-07 21:31 - 00000000 ____D C:\Users\Jakub\TYPHOON
2016-01-07 21:05 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-01-07 20:59 - 2016-01-07 20:59 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-01-07 20:58 - 2016-01-07 20:58 - 00001387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-01-07 20:58 - 2016-01-07 20:58 - 00001375 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-01-07 20:58 - 2016-01-07 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-01-07 20:57 - 2016-01-07 22:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-07 20:57 - 2016-01-07 21:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-07 20:57 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-01-07 14:32 - 2016-01-07 14:32 - 00000000 _____ C:\Users\Jakub\Desktop\-6548965770086008513.txt
2016-01-07 14:09 - 2016-01-07 20:21 - 00000000 ____D C:\NPE
2016-01-07 14:01 - 2016-01-08 15:09 - 00000000 ____D C:\Users\Jakub\AppData\Local\NPE
2016-01-06 23:28 - 2016-01-06 23:50 - 00000000 ____D C:\Users\Jakub\Desktop\Farming Models
2016-01-06 19:18 - 2016-01-06 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2015
2016-01-06 19:12 - 2016-01-06 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
2016-01-06 18:41 - 2016-01-06 19:42 - 00000000 ____D C:\Users\Jakub\Desktop\Farmingy
2016-01-06 18:32 - 2016-01-06 19:14 - 00000000 ____D C:\Farming Simulatory
2016-01-06 14:48 - 2016-01-06 14:50 - 00000000 ____D C:\Program Files\CCleaner
2016-01-06 14:48 - 2016-01-06 14:48 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-01-06 14:48 - 2016-01-06 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-04 17:33 - 2016-01-04 17:33 - 00000000 ____D C:\Users\Jakub\Documents\maya
2016-01-04 16:42 - 2016-01-04 16:42 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-01-04 16:40 - 2016-01-04 16:40 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-01-04 16:22 - 2016-01-04 16:22 - 00000000 ____D C:\Autodesk
2016-01-04 13:38 - 2016-01-04 13:38 - 00000000 ____D C:\Users\Jakub\AppData\Local\backburner
2016-01-03 15:12 - 2015-12-29 10:22 - 1617428480 _____ C:\Users\Public\Documents\FS13.iso
2016-01-03 15:12 - 2015-12-29 10:18 - 2052915200 _____ C:\Users\Public\Documents\FS15.iso
2016-01-02 20:51 - 2016-01-02 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-01-02 13:39 - 2016-01-04 15:58 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.minecraft
2015-12-29 10:15 - 2015-12-29 10:15 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Ashampoo
2015-12-29 10:15 - 2015-12-29 10:15 - 00000000 ____D C:\Users\Jakub\AppData\Local\ashampoo
2015-12-29 10:14 - 2016-01-06 19:04 - 00000000 ____D C:\ProgramData\Ashampoo
2015-12-27 17:01 - 2015-12-27 17:01 - 00000000 ____D C:\~$PVRTmp0$
2015-12-26 19:52 - 2015-12-26 19:52 - 00000000 ____D C:\Intel
2015-12-26 17:02 - 2015-12-26 17:02 - 04272768 _____ C:\Windows\PE_File.dll
2015-12-26 16:53 - 2015-12-28 14:58 - 04207232 _____ C:\Windows\PE_Rom.dll
2015-12-26 16:53 - 2015-12-28 14:58 - 00000000 _____ C:\Windows\Path.idx
2015-12-26 16:52 - 2015-12-26 16:52 - 00000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_P8H61-MX R2.0.alu
2015-12-26 16:48 - 2013-02-21 11:40 - 00032840 _____ (NT Kernel Resources) C:\Windows\system32\Drivers\ndisrd.sys
2015-12-26 16:47 - 2015-12-26 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-12-26 16:47 - 2013-01-15 10:52 - 00014464 _____ C:\Windows\SysWOW64\Drivers\AsUpIO.sys
2015-12-26 16:47 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\Windows\SysWOW64\Drivers\UpdateHelper.dll
2015-12-26 16:45 - 2015-12-26 16:45 - 00000000 ____D C:\ProgramData\ASUS
2015-12-26 16:44 - 2015-12-26 16:48 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-12-26 16:44 - 2015-12-26 16:44 - 00000000 ____D C:\Windows\SysWOW64\Drivers\MFDLL
2015-12-26 16:44 - 2012-08-22 16:54 - 00015232 _____ C:\Windows\SysWOW64\Drivers\AsIO.sys
2015-12-26 16:44 - 2010-06-29 14:41 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2015-12-26 16:44 - 2008-01-04 13:34 - 00011832 ____N C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2015-12-26 16:44 - 2008-01-04 13:34 - 00010216 ____N C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2015-12-22 16:32 - 2015-12-22 16:32 - 00000000 ____D C:\Windows\USB Vibration
2015-12-18 10:44 - 2015-12-18 10:44 - 00000000 _____ C:\Users\Jakub\AppData\Local\{1EF8E7CD-1A84-4FEA-88E4-0DB571012355}
2015-12-16 20:38 - 2016-01-07 22:45 - 00000000 ____D C:\Users\Jakub\Desktop\.mayaSwatches
2015-12-16 19:37 - 2015-12-16 19:37 - 00000000 ____D C:\Users\Jakub\Desktop\Keyboard
2015-12-16 18:13 - 2015-12-16 18:18 - 00000000 ____D C:\ProgramData\FLEXnet
2015-12-16 18:12 - 2015-12-16 18:12 - 00000000 ____D C:\Users\Jakub\AppData\Local\Autodesk
2015-12-16 18:00 - 2016-01-04 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-12-16 17:56 - 2016-01-04 16:44 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-12-16 17:56 - 2016-01-04 16:41 - 00000000 ____D C:\Program Files\Autodesk
2015-12-16 17:54 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-12-16 17:54 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-12-16 17:54 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-12-16 17:54 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-12-16 17:54 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-12-16 17:54 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-12-16 17:54 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-12-16 17:54 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-12-16 17:54 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-12-16 17:54 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-12-16 17:54 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-12-16 17:54 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-12-16 17:54 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-12-16 17:54 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-12-16 17:54 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-12-16 17:54 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-12-16 17:54 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-12-16 17:54 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-12-16 17:54 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-12-16 17:54 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-12-16 17:54 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-12-16 17:54 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-12-16 17:54 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-12-16 17:54 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-12-16 17:54 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-12-16 17:54 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-12-16 17:54 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-12-16 17:54 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-12-16 17:54 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-12-16 17:54 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-12-16 17:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-12-16 17:54 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-12-16 17:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-12-16 17:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-12-16 17:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-12-16 17:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-12-16 17:54 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-12-16 17:54 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-12-16 17:54 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-12-16 17:54 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-12-16 17:54 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-12-16 17:54 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-12-16 17:54 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-12-16 17:54 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-12-16 17:54 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-12-16 17:54 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-12-16 17:54 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-12-16 17:54 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-12-16 17:54 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-12-16 17:54 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-12-16 17:54 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-12-16 17:54 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-12-16 17:54 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-12-16 17:54 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-12-16 17:54 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-12-16 17:54 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-12-16 17:54 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-12-16 17:54 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-12-16 17:54 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-12-16 17:54 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-12-16 17:54 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-12-16 17:54 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-12-16 17:54 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-12-16 17:54 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-12-16 17:54 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-12-16 17:54 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-12-16 17:54 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-12-16 17:54 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-12-16 17:54 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-12-16 17:54 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-12-16 17:54 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-12-16 17:54 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-12-16 17:54 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-12-16 17:54 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-12-16 17:54 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-12-16 17:54 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-12-16 17:54 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-12-16 17:54 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-12-16 17:54 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-12-16 17:54 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-12-16 17:54 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-12-16 17:54 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-12-16 17:54 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-12-16 17:54 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-12-16 17:54 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-12-16 17:54 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-12-16 17:54 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-12-16 17:54 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-12-16 17:53 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-12-16 17:53 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-12-16 17:53 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-12-16 17:53 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-12-16 17:53 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-12-16 17:53 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-12-16 17:53 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-12-16 17:53 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-12-16 17:53 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-12-16 17:53 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-12-16 17:53 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-12-16 17:53 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-12-16 17:53 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-12-16 17:53 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-12-16 17:53 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-12-16 17:53 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-12-16 17:53 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-12-16 17:53 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-12-16 17:53 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-12-16 17:53 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-12-16 17:53 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-12-16 17:53 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-12-16 17:53 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-12-16 17:53 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-12-16 17:53 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-12-16 17:53 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-12-16 17:53 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-12-16 17:53 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-12-16 17:53 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-12-16 17:53 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-12-16 17:53 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-12-16 17:53 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-12-16 17:53 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-12-16 17:53 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-12-16 17:53 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-12-16 17:53 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-12-16 17:53 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-12-16 17:53 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-12-16 17:53 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-12-16 17:53 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-12-16 17:53 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-12-16 17:53 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-12-16 17:53 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-12-16 17:53 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-12-16 17:53 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-12-16 17:53 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-12-16 17:53 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-12-16 17:53 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-12-16 17:53 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-12-16 17:53 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-12-16 17:53 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-12-16 17:53 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-12-16 17:53 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-12-16 17:53 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-12-16 17:53 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-12-16 17:53 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-12-16 17:53 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-12-16 17:53 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-12-16 17:53 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-12-16 17:53 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-12-16 17:47 - 2015-12-16 18:22 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Autodesk
2015-12-16 17:47 - 2015-12-16 18:22 - 00000000 ____D C:\ProgramData\Autodesk
2015-12-15 23:38 - 2015-12-15 23:38 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Trimble Connect for SketchUp
2015-12-15 23:34 - 2015-12-15 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3D 6.4.30
2015-12-15 23:34 - 2015-12-15 23:34 - 00000000 ____D C:\Program Files (x86)\AC3D 6.4.30
2015-12-15 23:29 - 2015-12-15 23:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2016
2015-12-13 14:17 - 2015-12-17 14:56 - 00000000 ____D C:\Users\Jakub\AppData\Local\Disc_Soft_Ltd
2015-12-13 14:00 - 2015-12-13 14:00 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-12-13 13:58 - 2015-12-13 13:58 - 00046392 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2015-12-13 13:56 - 2016-01-07 22:56 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2015-12-13 13:56 - 2015-12-13 14:17 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-12-13 13:56 - 2015-12-13 13:56 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2015-12-13 13:56 - 2015-12-13 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-12-13 13:56 - 2015-12-13 13:56 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-12-13 13:36 - 2016-01-05 23:31 - 00000000 ____D C:\Users\Jakub\Desktop\Hry
2015-12-13 13:35 - 2016-01-06 23:50 - 00000000 ____D C:\Users\Jakub\Desktop\Programy
2015-12-10 16:12 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-10 16:12 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-10 16:12 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-10 16:12 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-10 16:12 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-10 16:12 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-10 16:12 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-10 16:12 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 16:12 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 16:12 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 16:12 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-10 16:12 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-10 16:12 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-10 16:12 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-10 16:12 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-10 16:12 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-10 16:12 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-10 16:12 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-10 16:12 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-10 16:12 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-10 16:12 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-10 16:12 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-10 16:12 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-10 16:12 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-10 16:12 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-10 16:12 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-10 16:12 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-10 16:12 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-10 16:12 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-10 16:12 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-10 16:12 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-10 16:12 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-10 16:12 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-10 16:12 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-10 16:12 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-10 16:12 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-10 16:12 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-10 16:12 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-10 16:12 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-10 16:12 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-10 16:12 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-10 16:12 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-10 16:12 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-10 16:12 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-10 16:12 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-10 16:12 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-10 16:12 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-10 16:12 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-10 16:12 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-10 16:12 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-10 16:12 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-10 16:12 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-10 16:12 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-10 16:12 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-10 16:12 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-10 16:12 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-10 16:11 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-10 16:11 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-10 16:11 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-10 16:11 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-10 16:11 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-10 16:11 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-10 16:11 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-10 16:11 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-10 16:11 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-10 16:11 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-10 16:11 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-10 16:11 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-10 16:11 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-10 16:11 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-10 16:11 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-10 16:11 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-10 16:11 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-10 16:11 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-10 16:09 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-10 16:09 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-10 16:09 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-10 16:08 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-10 16:08 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-10 16:08 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-10 16:08 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-10 16:08 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-10 16:08 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 19:36 - 2015-11-13 21:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-08 19:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-08 18:59 - 2009-07-14 05:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-08 18:59 - 2009-07-14 05:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-08 18:48 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-01-08 18:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-08 17:47 - 2015-11-13 16:06 - 00003242 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-01-08 17:47 - 2015-11-13 16:06 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Jakub)
2016-01-08 16:31 - 2015-11-15 14:21 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-01-08 16:03 - 2015-11-13 16:58 - 00000000 ____D C:\ProgramData\Norton
2016-01-08 15:30 - 2015-11-13 16:58 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-01-07 23:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-07 22:49 - 2015-11-28 14:26 - 00006958 _____ C:\Users\Jakub\ac3dprefs.txt
2016-01-07 22:48 - 2015-11-28 14:24 - 00000000 ____D C:\ProgramData\TEMP
2016-01-07 21:53 - 2015-11-13 15:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-07 21:47 - 2015-11-13 15:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\VirtualStore
2016-01-07 21:40 - 2015-11-15 17:21 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2016-01-07 21:31 - 2015-11-13 15:08 - 00000000 ____D C:\Users\Jakub
2016-01-07 21:05 - 2015-11-15 14:20 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-07 14:01 - 2015-11-16 13:49 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-01-06 23:37 - 2015-11-13 22:30 - 00000000 ____D C:\Users\Jakub\Documents\My Games
2016-01-06 20:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-06 16:44 - 2015-11-13 21:49 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-06 16:44 - 2015-11-13 21:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-06 16:44 - 2015-11-13 21:49 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-06 16:43 - 2015-11-13 16:06 - 00000000 ____D C:\ProgramData\ProductData
2016-01-06 14:53 - 2015-11-13 15:01 - 00000000 ____D C:\Windows\Panther
2016-01-04 18:10 - 2011-04-12 09:34 - 00668138 _____ C:\Windows\system32\perfh005.dat
2016-01-04 18:10 - 2011-04-12 09:34 - 00140798 _____ C:\Windows\system32\perfc005.dat
2016-01-04 18:10 - 2009-07-14 06:13 - 01582262 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-04 14:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-03 21:13 - 2015-11-15 21:07 - 00000000 ____D C:\Fraps
2016-01-02 15:49 - 2015-11-13 23:06 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Notepad++
2016-01-02 15:49 - 2015-11-13 23:06 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-01-02 12:30 - 2015-11-14 11:02 - 00000000 ____D C:\Program Files\SketchUp
2015-12-26 16:48 - 2015-11-13 15:14 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2015-12-24 13:26 - 2009-07-14 06:08 - 00032566 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-21 16:01 - 2015-11-13 15:43 - 00000000 ____D C:\ProgramData\HP
2015-12-18 13:46 - 2015-11-14 15:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 13:46 - 2015-11-14 15:25 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-16 20:38 - 2015-11-14 10:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\Windows Live
2015-12-15 23:30 - 2015-11-14 11:05 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\SketchUp
2015-12-15 23:30 - 2015-11-14 11:03 - 00000000 ____D C:\ProgramData\Reprise
2015-12-15 23:29 - 2015-11-14 11:02 - 00000000 ____D C:\ProgramData\SketchUp
2015-12-15 19:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-11 15:11 - 2009-07-14 05:45 - 00294136 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 19:25 - 2015-11-22 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 19:24 - 2015-11-22 16:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 19:24 - 2015-11-22 16:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 19:22 - 2015-11-14 14:46 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 19:15 - 2015-11-14 14:46 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-11-19 18:19 - 2015-11-19 18:19 - 0000000 _____ () C:\Users\Jakub\AppData\Local\{179493FC-EA70-4C7D-AD2A-BBB7C488BB73}
2015-12-18 10:44 - 2015-12-18 10:44 - 0000000 _____ () C:\Users\Jakub\AppData\Local\{1EF8E7CD-1A84-4FEA-88E4-0DB571012355}
2015-11-24 16:21 - 2015-11-24 16:21 - 0000000 _____ () C:\Users\Jakub\AppData\Local\{3F971C74-BD79-4B3F-8736-E143A403797F}
2015-11-25 20:32 - 2015-11-25 20:32 - 0000000 _____ () C:\Users\Jakub\AppData\Local\{7B03FC14-7A47-4EB5-9288-867B4F7DDE4F}
2015-11-30 18:30 - 2015-11-30 18:30 - 0000000 _____ () C:\Users\Jakub\AppData\Local\{8E0BC32A-9364-4988-895B-12A7382041EE}
2015-11-17 10:33 - 2015-11-17 10:33 - 0000000 _____ () C:\Users\Jakub\AppData\Local\{EE2BE4A8-3CB7-466A-87C8-BB122A6A1773}
2015-11-14 18:40 - 2015-11-15 21:13 - 0001535 _____ () C:\ProgramData\LmeUSB.log
2015-11-14 18:40 - 2015-11-15 21:13 - 0001533 _____ () C:\ProgramData\LSDmbTH.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-04 13:55

==================== End of FRST.txt ============================

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 20:06
by altrok
  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-766309723-63288475-3242401974-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
    CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
    CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gears.dll => No File
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    C:\Windows\xhunter1.sys
    2016-01-08 17:15 - 2016-01-08 17:42 - 00000000 ____D C:\AdwCleaner
    2016-01-08 17:13 - 2016-01-08 17:13 - 01749504 _____ C:\Users\Jakub\Downloads\adwcleaner_5.028.exe
    2016-01-08 16:43 - 2016-01-08 16:52 - 00000000 ____D C:\Program Files\trend micro
    2016-01-08 16:43 - 2016-01-08 16:44 - 00000000 ____D C:\rsit
    2016-01-08 16:42 - 2016-01-08 16:43 - 01222144 _____ C:\Users\Jakub\Downloads\RSITx64.exe
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm
    AlternateDataStreams: C:\ProgramData\TEMP:64217CD0
    EmptyTemp:
    End

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 20:39
by KachnaCZ
I'm attaching the log
  • Fix result of Farbar Recovery Scan Tool (x64) Version:07-01-2015
    Ran by Jakub (2016-01-08 20:32:15) Run:1
    Running from C:\Users\Jakub\Desktop
    Loaded Profiles: Jakub (Available Profiles: Jakub)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-766309723-63288475-3242401974-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
    CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => No File
    CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gears.dll => No File
    S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
    C:\Windows\xhunter1.sys
    2016-01-08 17:15 - 2016-01-08 17:42 - 00000000 ____D C:\AdwCleaner
    2016-01-08 17:13 - 2016-01-08 17:13 - 01749504 _____ C:\Users\Jakub\Downloads\adwcleaner_5.028.exe
    2016-01-08 16:43 - 2016-01-08 16:52 - 00000000 ____D C:\Program Files\trend micro
    2016-01-08 16:43 - 2016-01-08 16:44 - 00000000 ____D C:\rsit
    2016-01-08 16:42 - 2016-01-08 16:43 - 01222144 _____ C:\Users\Jakub\Downloads\RSITx64.exe
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm
    AlternateDataStreams: C:\ProgramData\TEMP:64217CD0
    EmptyTemp:
    End
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
    "HKU\S-1-5-21-766309723-63288475-3242401974-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
    "HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
    "HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
    Chrome DefaultSearchURL => removed successfully
    Chrome DefaultSuggestURL => removed successfully
    C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gcswf32.dll => not found.
    C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => not found.
    C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => not found.
    C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\gears.dll => not found.
    xhunter1 => service removed successfully
    "C:\Windows\xhunter1.sys" => not found.
    C:\AdwCleaner => moved successfully
    C:\Users\Jakub\Downloads\adwcleaner_5.028.exe => moved successfully
    C:\Program Files\trend micro => moved successfully
    C:\rsit => moved successfully
    C:\Users\Jakub\Downloads\RSITx64.exe => moved successfully
    C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
    C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully.
    C:\ProgramData\TEMP => ":64217CD0" ADS removed successfully.
    EmptyTemp: => 76.3 MB temporary data Removed.


    The system needed a reboot.

    ==== End of Fixlog 20:32:37 ====

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 20:45
by altrok
So let's clean up as well.
And if there are no questions or other problems, that's all from me.

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 20:54
by KachnaCZ
Thank you very much, the last step is done :)
Have a nice rest of the day
Jakub

Re: Malware or some other parasite..? Please help

Posted: 08 Jan 2016 21:01
by altrok
You're welcome, glad I could help :worship:


Take care, and maybe see you again sometime :bye: