kontrola logu ( Systém Windows nemá přístup... + antivir)
Napsal: 05 čer 2016 12:07
Zdravím,
před pár minutami jsem se se snažil nainstalovat jednu hru, ale setup.exe se nespustil, jen zmizel s hláškou "Systém Windows nemá přístup k určenému zařízení......"
+ antivir pravděpodobně nereaguje...
Pokud se jedná o planý poplach a pc je čistý, omlouvám se za spam..
Pc jsem ještě ani nerestartoval. Bojím se, že ho už nezapnu
Vkládám log z FRST a z RSIT
Ten FRST Launcher nejde stáhnout
log z FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-06-2016
Ran by Anton (administrator) on TONY (05-06-2016 13:14:56)
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\nav.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Programy\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\nav.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AGEIA PhysX SysTray] => C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [339968 2006-08-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [DAEMON Tools Lite] => "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156aefa-7994-11e5-8261-acb57daa8b50} - "F:\setup.exe"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2a3ae1ec-b3ef-11e4-8252-806e6f6e6963} - "E:\autorun.exe"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {cad7f8e5-eb87-11e5-827d-acb57daa8b50} - "I:\_aom.exe"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Rychlé spuštění.lnk [2015-10-29]
ShortcutTarget: SolidWorks 2014 Rychlé spuštění.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-29]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar17.lnk [2016-01-11]
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-3113116595-2999987527-3303187697-1001] => hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D661260-C0ED-45C5-A9DE-A77C0EB44ADE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C0278D2-9D48-4008-80B4-540F817CBB5C}: [DhcpNameServer] 192.168.24.1
ManualProxies: 0hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programy\Java\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programy\Java\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default
FF Homepage: hxxps://cs-cz.facebook.com/
about:preferences#general
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Programy\Java\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\McSiteAdvisor.xml [2015-12-12]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon [2016-04-02]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
Chrome:
=======
CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Dokumenty Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
CHR Extension: (GeoProxy) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-12-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe [289080 2016-02-26] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2120712 2016-05-21] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-30] ()
R2 RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-29] (SolidWorks) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-02-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20160521.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1606000.08E\ccSetx64.sys [173808 2015-09-24] (Symantec Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-10-24] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-05] (Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20160527.001\IDSvia64.sys [876248 2016-05-26] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\ENG64.SYS [138456 2016-05-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\EX64.SYS [2148056 2016-05-19] (Symantec Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-03-19] () [File not signed]
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1606000.08E\SRTSPX64.SYS [50936 2015-09-24] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1606000.08E\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-12-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-05 13:14 - 2016-06-05 13:15 - 00021406 _____ C:\Users\Anton\Desktop\FRST.txt
2016-06-05 13:14 - 2016-06-05 13:14 - 00000000 ____D C:\FRST
2016-06-05 12:54 - 2016-06-05 12:55 - 00000000 ____D C:\rsit
2016-06-05 12:54 - 2016-06-05 12:55 - 00000000 ____D C:\Program Files\trend micro
2016-06-05 12:52 - 2016-06-05 12:52 - 01222144 _____ C:\Users\Anton\Desktop\RSITx64.exe
2016-06-05 12:51 - 2016-06-05 12:51 - 02384384 _____ (Farbar) C:\Users\Anton\Desktop\FRST64.exe
2016-05-28 20:55 - 2016-06-05 12:27 - 1465930410 _____ C:\Users\Anton\Downloads\Old Dogs (2009) DVDRip by fazza.avi
2016-05-28 20:54 - 2016-06-04 21:45 - 895387648 ____R C:\Users\Anton\Downloads\MiB3.avi
2016-05-23 19:29 - 2016-05-23 19:29 - 01777544 _____ C:\Users\Anton\Desktop\ArmyFunny.mp4
2016-05-22 10:50 - 2016-05-27 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-21 20:34 - 2016-05-21 21:04 - 184775210 _____ C:\Users\Anton\Desktop\Rockwood_0_98_beta_ENTPACKEN.rar
2016-05-21 15:25 - 2016-05-21 15:25 - 00079085 _____ C:\Users\Anton\Desktop\ZZZ_driveControl.zip
2016-05-21 11:48 - 2016-06-04 17:26 - 1607770112 ____R C:\Users\Anton\Downloads\Taken.2.2012BDRip.XviD.AC3.CZ-JNP.avi
2016-05-21 11:48 - 2016-05-21 11:51 - 00000000 ____D C:\Users\Anton\Downloads\Tak3n.2014.TheatricalCut.480p.BDRip.XviD.AC3.CZ
2016-05-19 23:54 - 2016-05-20 03:17 - 1551706112 ____R C:\Users\Anton\Downloads\96hodin (2008).avi
2016-05-19 22:36 - 2016-06-04 22:12 - 1866872832 ____R C:\Users\Anton\Downloads\Mezi náhrobními kameny.avi
2016-05-19 22:36 - 2016-05-21 02:45 - 1311508480 ____R C:\Users\Anton\Downloads\Heist.2015.BRRip.480pp.XviD.CZ.avi
2016-05-19 20:21 - 2016-05-23 19:23 - 00000000 ____D C:\Users\Anton\Downloads\Deadpool.2016.BDRip.XviD.CZ-TreZzoR
2016-05-19 20:21 - 2016-05-20 00:53 - 1481334784 ____R C:\Users\Anton\Downloads\Star Wars Síla se probouzí.avi
2016-05-11 20:59 - 2016-05-11 20:59 - 00092190 _____ C:\Users\Anton\Desktop\AnimationMapTrigger.zip
2016-05-11 20:38 - 2016-05-11 20:51 - 505779464 _____ C:\Users\Anton\Desktop\SandyBayGold.zip
2016-05-11 18:50 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 18:50 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 18:50 - 2016-03-14 18:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-05-11 18:50 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-05-11 18:50 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-05-11 18:50 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-05-11 18:50 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-05-11 18:50 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-05-11 18:50 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-11 18:50 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-05-11 18:50 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-05-11 18:50 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-11 18:49 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-11 18:49 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-05-11 18:49 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-05-11 18:49 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-11 18:49 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-11 18:41 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 18:41 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 17:14 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 17:14 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 17:14 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 17:13 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 17:13 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 17:13 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 17:13 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 17:13 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 17:13 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 17:13 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-05-11 17:13 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 17:13 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 17:13 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 17:13 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 17:13 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 17:13 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 17:13 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 17:13 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-05-11 17:13 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 17:13 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 17:13 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 17:13 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 17:13 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 17:13 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 17:13 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 17:13 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 17:13 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 17:13 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 17:13 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 17:13 - 2016-04-11 08:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-05-11 17:13 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 17:13 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 17:13 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 17:13 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-11 17:13 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 17:13 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 17:13 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 17:13 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 17:13 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-11 17:13 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-11 17:13 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-05-11 17:13 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 17:13 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 17:13 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 17:13 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 17:13 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 17:13 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 17:13 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 17:13 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 17:13 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 17:13 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 17:13 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-07 13:18 - 2016-05-07 13:18 - 00000000 ____D C:\Users\Anton\Desktop\fs15
2016-05-07 13:11 - 2016-05-07 13:11 - 04558709 _____ C:\Users\Anton\Desktop\zzz_ManualAttaching.zip
2016-05-07 12:40 - 2016-05-07 12:40 - 00770794 _____ C:\Users\Anton\Desktop\ZZZ_courseplay.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-05 13:02 - 2015-10-24 19:02 - 00000536 _____ C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job
2016-06-05 12:43 - 2015-11-06 21:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent
2016-06-05 12:34 - 2016-04-03 16:29 - 00000000 ____D C:\Users\Anton\Downloads\L.A. Noire - The Complete Edition (CZ; MULTi6) [Repack] by Teagan
2016-06-05 12:28 - 2015-10-29 14:37 - 00910336 ___SH C:\Users\Anton\Downloads\Thumbs.db
2016-06-05 12:26 - 2015-11-06 20:44 - 00000000 ____D C:\Users\Anton\Downloads\HRY INSTALACKY
2016-06-05 12:23 - 2015-10-23 16:55 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-05 12:22 - 2015-10-23 16:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3113116595-2999987527-3303187697-1001
2016-06-05 12:20 - 2015-10-23 16:52 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-06-05 12:20 - 2015-10-23 16:52 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-06-05 12:16 - 2015-10-23 16:55 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-05 12:16 - 2015-10-23 16:51 - 00001543 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-06-05 12:16 - 2015-10-23 16:45 - 00000165 _____ C:\Users\Anton\AppData\Roaming\sp_data.sys
2016-06-04 22:54 - 2015-10-24 16:59 - 00000000 ____D C:\Users\Anton\AppData\Roaming\vlc
2016-06-04 19:50 - 2015-10-29 13:44 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-06-04 19:50 - 2015-10-29 13:30 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-06-04 19:48 - 2015-12-15 15:28 - 00000000 ____D C:\Users\Anton\Documents\Euro Truck Simulator 2
2016-06-04 19:48 - 2015-10-29 13:30 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-06-04 18:53 - 2015-10-23 18:16 - 00000000 ____D C:\Users\Anton\Desktop\sSs
2016-06-04 18:46 - 2015-10-23 17:10 - 05600256 ___SH C:\Users\Anton\Desktop\Thumbs.db
2016-06-03 20:41 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-03 20:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-03 18:39 - 2015-10-23 18:05 - 00000000 ____D C:\Users\Anton\Desktop\Moje
2016-05-29 21:59 - 2015-10-23 16:43 - 00000000 ____D C:\Users\Anton
2016-05-29 18:14 - 2014-10-21 13:24 - 00741360 _____ C:\Windows\system32\perfh005.dat
2016-05-29 18:14 - 2014-10-21 13:24 - 00152030 _____ C:\Windows\system32\perfc005.dat
2016-05-29 18:14 - 2014-03-18 17:26 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-29 18:14 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-05-29 16:23 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-28 15:21 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-05-28 15:20 - 2015-10-23 16:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-28 15:20 - 2015-10-23 16:40 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-27 20:55 - 2015-10-23 22:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-27 20:55 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-05-21 22:37 - 2015-12-25 18:53 - 00000000 ____D C:\ProgramData\Origin
2016-05-19 23:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-05-18 18:36 - 2015-10-25 16:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 20:22 - 2015-10-23 17:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 19:48 - 2013-08-22 16:44 - 00396504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-11 22:08 - 2013-08-22 17:38 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 22:08 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 21:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-05-11 21:32 - 2014-03-18 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 20:34 - 2015-10-25 16:21 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 19:40 - 2015-10-25 16:21 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 18:57 - 2015-10-24 00:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-11 17:15 - 2015-10-23 16:55 - 00003942 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 17:15 - 2015-10-23 16:55 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 16:25 - 2015-10-25 10:49 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Files in the root of some directories =======
2015-11-01 20:22 - 2015-11-01 20:22 - 0000504 _____ () C:\Users\Anton\AppData\Roaming\Drives Monitor_Settings.ini
2015-10-23 16:45 - 2016-06-05 12:16 - 0000165 _____ () C:\Users\Anton\AppData\Roaming\sp_data.sys
2015-11-01 20:24 - 2015-11-01 20:28 - 0000122 _____ () C:\Users\Anton\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-01-11 18:27 - 2016-01-26 12:30 - 0000058 _____ () C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-10-29 17:45 - 2015-12-09 16:19 - 0000000 _____ () C:\Users\Anton\AppData\Local\Temptable.xml
2015-02-14 04:43 - 2015-02-14 04:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-21 06:28 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 06:28 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-21 06:28 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Anton\AppData\Local\Temp\ose00000.exe
C:\Users\Anton\AppData\Local\Temp\rootsupd.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-03 20:42
==================== End of FRST.txt ============================
Log z RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Anton at 2016-06-05 12:54:46
Microsoft Windows 8.1
System drive C: has 213 GB (56%) free of 382 GB
Total RAM: 8095 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:07, on 5. 6. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Windows\TEMP\DPTF\esif_assist.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files\trend micro\Anton.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unstopp.me/wpad.dat?c5b648b4075e ... 67e4892169
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programy\Java\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programy\Java\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] "C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Sidebar17.lnk = C:\Program Files\Windows Sidebar\sidebar.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SolidWorks 2014 Rychlé spuštění.lnk = ?
O4 - Global Startup: SolidWorks Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MSOFFI~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem23.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Programy\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11608 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0ecf352a-d0ae-49a9-993b-d894d4eeb2c5 -SystemEventPortName:HostProcess-29c12ff2-c496-4abf-9bc3-3c72186d6501 -IoCancelEventPortName:HostProcess-8fbadca4-7fcd-485c-bbfe-8766e0935524 -NonStateChangingEventPortName:HostProcess-01c33063-028e-484a-a1da-3fabe338a1de -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:da3c5902-ca1b-4598-978f-b2d5c3e46ef0 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 805945555872
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {a53a3da0-c046-4632-bc7da927f15ac199}
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Programy\Razer Game Booster\RzKLService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\TEMP\DPTF\esif_assist.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe" /c /a /s UserSession
C:\Windows\Explorer.EXE
KBFiltr.exe
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=50.0.2661.102 --handshake-handle=0x140
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3412.0.1313567482\1955427347" --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,12,15,24,53,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4062 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3412.1.898204211\42903399" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3412.2.1917605266\564095721" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3412.21.2091069677\1734528031" /prefetch:1
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe151_ Global\UsGthrCtrlFltPipeMssGthrPipe151 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\ASUS\APRP\aprp.exe"
"C:\Users\Anton\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\MATLAB R2014a Startup Accelerator.job - C:\Programy\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default
prefs.js - "browser.startup.homepage" - "https://cs-cz.facebook.com/|about:preferences#general"
"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon\
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Programy\Java\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Programy\Java\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VLC\npvlc.dll
C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\
McSiteAdvisor.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21 1051320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21 805560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programy\Java\bin\ssv.dll [2015-12-12 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programy\Java\bin\jp2ssv.dll [2015-12-12 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21 1051320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21 805560]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [2014-08-20 63296]
"AGEIA PhysX SysTray"=C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [2006-08-16 339968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SolidWorks 2014 Rychlé spuštění.lnk - C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SolidWorks Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe
C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sidebar17.lnk - C:\Program Files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-06-05 12:54:46 ----D---- C:\rsit
2016-06-05 12:54:46 ----D---- C:\Program Files\trend micro
2016-05-22 10:50:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-05-11 18:50:13 ----A---- C:\Windows\SYSWOW64\dsparse.dll
2016-05-11 18:50:13 ----A---- C:\Windows\system32\dsparse.dll
2016-05-11 18:50:08 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-05-11 18:50:08 ----A---- C:\Windows\system32\shacct.dll
2016-05-11 18:50:04 ----A---- C:\Windows\system32\rdpcorets.dll
2016-05-11 18:50:03 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-05-11 18:50:03 ----A---- C:\Windows\system32\rdpudd.dll
2016-05-11 18:50:03 ----A---- C:\Windows\system32\rdpcore.dll
2016-05-11 18:50:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-11 18:50:02 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-11 18:50:02 ----A---- C:\Windows\system32\dpapisrv.dll
2016-05-11 18:50:00 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2016-05-11 18:49:57 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-05-11 18:49:57 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2016-05-11 18:49:57 ----A---- C:\Windows\system32\webio.dll
2016-05-11 18:49:57 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2016-05-11 18:49:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-05-11 18:41:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-11 18:41:29 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-11 17:14:05 ----A---- C:\Windows\system32\mshtml.dll
2016-05-11 17:14:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-05-11 17:14:00 ----A---- C:\Windows\system32\ieframe.dll
2016-05-11 17:13:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-05-11 17:13:58 ----A---- C:\Windows\system32\jscript9.dll
2016-05-11 17:13:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-05-11 17:13:57 ----A---- C:\Windows\system32\iertutil.dll
2016-05-11 17:13:56 ----A---- C:\Windows\system32\wininet.dll
2016-05-11 17:13:56 ----A---- C:\Windows\system32\urlmon.dll
2016-05-11 17:13:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-05-11 17:13:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-05-11 17:13:55 ----A---- C:\Windows\system32\jscript.dll
2016-05-11 17:13:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-05-11 17:13:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-05-11 17:13:54 ----A---- C:\Windows\system32\vbscript.dll
2016-05-11 17:13:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-05-11 17:13:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\webcheck.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\msfeeds.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\ie4uinit.exe
2016-05-11 17:13:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-05-11 17:13:52 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-05-11 17:13:52 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-05-11 17:13:52 ----A---- C:\Windows\system32\inetcomm.dll
2016-05-11 17:13:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-05-11 17:13:51 ----A---- C:\Windows\system32\ieapfltr.dll
2016-05-11 17:13:38 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-11 17:13:38 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-11 17:13:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-11 17:13:37 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\schannel.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-11 17:13:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-11 17:13:37 ----A---- C:\Windows\system32\drivers\cng.sys
2016-05-11 17:13:37 ----A---- C:\Windows\system32\certcli.dll
2016-05-11 17:13:34 ----A---- C:\Windows\system32\Windows.UI.dll
2016-05-11 17:13:33 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-11 17:13:33 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-05-11 17:13:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-11 17:13:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-11 17:13:24 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-11 17:13:24 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-11 17:13:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-11 17:13:23 ----A---- C:\Windows\system32\gdi32.dll
2016-05-11 17:13:22 ----AC---- C:\Windows\system32\drivers\volmgr.sys
2016-05-11 17:13:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-11 17:13:21 ----A---- C:\Windows\system32\win32k.sys
======List of files/folders modified in the last 1 month======
2016-06-05 12:54:46 ----RD---- C:\Program Files
2016-06-05 12:54:43 ----D---- C:\Windows\Prefetch
2016-06-05 12:43:53 ----D---- C:\Windows\Logs
2016-06-05 12:43:04 ----D---- C:\Users\Anton\AppData\Roaming\uTorrent
2016-06-05 12:25:53 ----AD---- C:\Windows\Temp
2016-06-05 12:20:32 ----D---- C:\Windows\system32\Tasks
2016-06-05 12:16:05 ----D---- C:\Windows\system32\sru
2016-06-04 22:54:24 ----D---- C:\Users\Anton\AppData\Roaming\vlc
2016-06-04 19:50:05 ----D---- C:\Windows\SysWOW64
2016-06-04 19:50:01 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2016-06-04 19:45:54 ----D---- C:\Windows\Microsoft.NET
2016-06-04 13:32:33 ----D---- C:\Windows\system32\config
2016-06-04 13:12:56 ----D---- C:\Windows\WinSxS
2016-06-03 20:41:29 ----HD---- C:\Program Files\WindowsApps
2016-06-03 18:24:09 ----D---- C:\Windows\AppReadiness
2016-06-01 21:34:11 ----SHD---- C:\System Volume Information
2016-05-29 18:14:43 ----RD---- C:\Windows\System32
2016-05-29 18:14:43 ----D---- C:\Windows\Inf
2016-05-29 18:14:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-28 15:20:09 ----SD---- C:\Windows\SYSWOW64\GWX
2016-05-28 15:20:09 ----SD---- C:\Windows\system32\GWX
2016-05-28 15:20:05 ----D---- C:\Windows\CbsTemp
2016-05-27 20:55:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-22 12:40:05 ----RHD---- C:\Program Files (x86)
2016-05-21 22:37:09 ----D---- C:\ProgramData\Origin
2016-05-20 02:48:37 ----D---- C:\Windows\system32\DriverStore
2016-05-20 02:22:57 ----D---- C:\Windows\system32\catroot2
2016-05-19 23:12:45 ----D---- C:\Windows\rescache
2016-05-19 22:56:33 ----RSD---- C:\Windows\assembly
2016-05-18 18:36:33 ----D---- C:\Windows\system32\appraiser
2016-05-11 22:08:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-11 21:32:58 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-05-11 21:32:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-11 21:32:57 ----D---- C:\Windows\system32\wbem
2016-05-11 21:32:57 ----D---- C:\Windows\system32\drivers
2016-05-11 21:32:57 ----D---- C:\Windows\system32\cs-CZ
2016-05-11 21:32:55 ----D---- C:\Program Files\Internet Explorer
2016-05-11 21:32:55 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-11 21:32:53 ----D---- C:\Windows\apppatch
2016-05-11 21:32:45 ----D---- C:\Windows\SYSWOW64\wbem
2016-05-11 21:32:45 ----D---- C:\Program Files\Windows Journal
2016-05-11 20:34:58 ----D---- C:\Windows\system32\MRT
2016-05-11 19:40:17 ----A---- C:\Windows\system32\MRT.exe
2016-05-11 18:57:37 ----SHD---- C:\Windows\Installer
2016-05-11 18:57:37 ----SHD---- C:\Config.Msi
2016-05-11 17:15:00 ----D---- C:\Windows\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-06-26 670056]
R0 IntelHSWPcc;IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [2014-08-26 79016]
R0 SymEFASI;Symantec Extended File Attributes (SI); C:\Windows\system32\drivers\NAVx64\1606000.08E\SYMEFASI64.SYS [2016-02-24 1621232]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20160521.001\BHDrvx64.sys [2016-05-13 1832176]
R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAVx64\1606000.08E\ccSetx64.sys [2015-09-24 173808]
R1 dtsoftbus01;@oem27.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-10-24 283200]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2016-05-05 497392]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20160527.001\IDSvia64.sys [2016-05-26 876248]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2015-07-23 127760]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SRTSP64.SYS [2016-02-24 928504]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1606000.08E\SRTSPX64.SYS [2015-09-24 50936]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1606000.08E\Ironx64.SYS [2016-02-24 295664]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SYMNETS.SYS [2016-02-24 577768]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2014-09-11 17152]
R3 ATP;@oem15.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2014-09-19 69904]
R3 bcbtums;@oem23.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-14 170712]
R3 BCM43XX;@oem18.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-02-14 7546544]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btwampfl;@oem23.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-02-03 166616]
R3 btwaudio;@oem19.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-05-13 190168]
R3 btwavdt;@oem19.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\Windows\System32\drivers\btwavdt.sys [2014-03-19 229080]
R3 btwl2cap;@oem22.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2014-09-18 38720]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2014-09-18 38208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2016-05-05 156912]
R3 esif_lf;esif_lf; C:\Windows\System32\drivers\esif_lf.sys [2014-09-18 216360]
R3 HIDSwitch;@oem25.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-12-15 4787128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-26 4363864]
R3 iwdbus;@oem12.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-12-11 30512]
R3 kbfiltr;@oem26.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-01-06 129312]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\ENG64.SYS [2016-05-19 138456]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\EX64.SYS [2016-05-19 2148056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-12-24 13036232]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem17.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-07-09 329944]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-05-29 873176]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2015-12-13 111344]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S0 SymELAM;Symantec ELAM Driver; C:\Windows\system32\drivers\NAVx64\1606000.08E\SymELAM.sys [2015-09-24 24192]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwrchid;btwrchid; C:\Windows\System32\drivers\btwrchid.sys [2014-03-19 38616]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\Windows\system32\DRIVERS\Hamdrv.sys [2015-11-12 45680]
S3 intaud_WaveExtensible;@oem11.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-12-11 42288]
S3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-12-22 455440]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [2014-08-20 71168]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-07-10 977664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 esifsvc;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2014-09-18 1037568]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-12-15 344976]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-01-06 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-01-06 409376]
R2 McNeelUpdate;McNeel Update Service 5.0; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe [2016-02-26 289080]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-24 934032]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-30 76888]
R2 RzKLService;RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [2014-02-25 105448]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 BcmBtRSupport;@oem23.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-14 2251992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2014-01-11 76328]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-12-15 279952]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-29 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-10-29 1044816]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-23 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-22 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2016-05-21 2120712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-10-29 79360]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-04-30 835664]
-----------------EOF-----------------
Děkuji za reakce a pomoc
před pár minutami jsem se se snažil nainstalovat jednu hru, ale setup.exe se nespustil, jen zmizel s hláškou "Systém Windows nemá přístup k určenému zařízení......"
+ antivir pravděpodobně nereaguje...
Pokud se jedná o planý poplach a pc je čistý, omlouvám se za spam..
Pc jsem ještě ani nerestartoval. Bojím se, že ho už nezapnu
Vkládám log z FRST a z RSIT
Ten FRST Launcher nejde stáhnout
log z FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-06-2016
Ran by Anton (administrator) on TONY (05-06-2016 13:14:56)
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\nav.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Programy\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\nav.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AGEIA PhysX SysTray] => C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [339968 2006-08-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [DAEMON Tools Lite] => "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156aefa-7994-11e5-8261-acb57daa8b50} - "F:\setup.exe"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2a3ae1ec-b3ef-11e4-8252-806e6f6e6963} - "E:\autorun.exe"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {cad7f8e5-eb87-11e5-827d-acb57daa8b50} - "I:\_aom.exe"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\buShell.dll [2016-02-18] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Rychlé spuštění.lnk [2015-10-29]
ShortcutTarget: SolidWorks 2014 Rychlé spuštění.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-29]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar17.lnk [2016-01-11]
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-3113116595-2999987527-3303187697-1001] => hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D661260-C0ED-45C5-A9DE-A77C0EB44ADE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C0278D2-9D48-4008-80B4-540F817CBB5C}: [DhcpNameServer] 192.168.24.1
ManualProxies: 0hxxp://unstopp.me/wpad.dat?c5b648b4075e6b646d08943929ec467e4892169
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programy\Java\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programy\Java\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21] (Symantec Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default
FF Homepage: hxxps://cs-cz.facebook.com/
about:preferences#general
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Programy\Java\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\McSiteAdvisor.xml [2015-12-12]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon [2016-04-02]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
Chrome:
=======
CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Dokumenty Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
CHR Extension: (GeoProxy) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-12-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\Exts\Chrome.crx [2016-03-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel & Associates)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe [289080 2016-02-26] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2120712 2016-05-21] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-30] ()
R2 RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-29] (SolidWorks) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-02-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20160521.001\BHDrvx64.sys [1832176 2016-05-13] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1606000.08E\ccSetx64.sys [173808 2015-09-24] (Symantec Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-10-24] (DT Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-05] (Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20160527.001\IDSvia64.sys [876248 2016-05-26] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\ENG64.SYS [138456 2016-05-19] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\EX64.SYS [2148056 2016-05-19] (Symantec Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-03-19] () [File not signed]
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SRTSP64.SYS [928504 2016-02-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1606000.08E\SRTSPX64.SYS [50936 2015-09-24] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1606000.08E\SYMEFASI64.SYS [1621232 2016-02-24] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1606000.08E\SymELAM.sys [24192 2015-09-24] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-12-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1606000.08E\Ironx64.SYS [295664 2016-02-24] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SYMNETS.SYS [577768 2016-02-24] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-05 13:14 - 2016-06-05 13:15 - 00021406 _____ C:\Users\Anton\Desktop\FRST.txt
2016-06-05 13:14 - 2016-06-05 13:14 - 00000000 ____D C:\FRST
2016-06-05 12:54 - 2016-06-05 12:55 - 00000000 ____D C:\rsit
2016-06-05 12:54 - 2016-06-05 12:55 - 00000000 ____D C:\Program Files\trend micro
2016-06-05 12:52 - 2016-06-05 12:52 - 01222144 _____ C:\Users\Anton\Desktop\RSITx64.exe
2016-06-05 12:51 - 2016-06-05 12:51 - 02384384 _____ (Farbar) C:\Users\Anton\Desktop\FRST64.exe
2016-05-28 20:55 - 2016-06-05 12:27 - 1465930410 _____ C:\Users\Anton\Downloads\Old Dogs (2009) DVDRip by fazza.avi
2016-05-28 20:54 - 2016-06-04 21:45 - 895387648 ____R C:\Users\Anton\Downloads\MiB3.avi
2016-05-23 19:29 - 2016-05-23 19:29 - 01777544 _____ C:\Users\Anton\Desktop\ArmyFunny.mp4
2016-05-22 10:50 - 2016-05-27 20:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-21 20:34 - 2016-05-21 21:04 - 184775210 _____ C:\Users\Anton\Desktop\Rockwood_0_98_beta_ENTPACKEN.rar
2016-05-21 15:25 - 2016-05-21 15:25 - 00079085 _____ C:\Users\Anton\Desktop\ZZZ_driveControl.zip
2016-05-21 11:48 - 2016-06-04 17:26 - 1607770112 ____R C:\Users\Anton\Downloads\Taken.2.2012BDRip.XviD.AC3.CZ-JNP.avi
2016-05-21 11:48 - 2016-05-21 11:51 - 00000000 ____D C:\Users\Anton\Downloads\Tak3n.2014.TheatricalCut.480p.BDRip.XviD.AC3.CZ
2016-05-19 23:54 - 2016-05-20 03:17 - 1551706112 ____R C:\Users\Anton\Downloads\96hodin (2008).avi
2016-05-19 22:36 - 2016-06-04 22:12 - 1866872832 ____R C:\Users\Anton\Downloads\Mezi náhrobními kameny.avi
2016-05-19 22:36 - 2016-05-21 02:45 - 1311508480 ____R C:\Users\Anton\Downloads\Heist.2015.BRRip.480pp.XviD.CZ.avi
2016-05-19 20:21 - 2016-05-23 19:23 - 00000000 ____D C:\Users\Anton\Downloads\Deadpool.2016.BDRip.XviD.CZ-TreZzoR
2016-05-19 20:21 - 2016-05-20 00:53 - 1481334784 ____R C:\Users\Anton\Downloads\Star Wars Síla se probouzí.avi
2016-05-11 20:59 - 2016-05-11 20:59 - 00092190 _____ C:\Users\Anton\Desktop\AnimationMapTrigger.zip
2016-05-11 20:38 - 2016-05-11 20:51 - 505779464 _____ C:\Users\Anton\Desktop\SandyBayGold.zip
2016-05-11 18:50 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-11 18:50 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-11 18:50 - 2016-03-14 18:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-05-11 18:50 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-05-11 18:50 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-05-11 18:50 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-05-11 18:50 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-05-11 18:50 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-05-11 18:50 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-11 18:50 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-05-11 18:50 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-05-11 18:50 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-11 18:49 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-11 18:49 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-05-11 18:49 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-05-11 18:49 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-11 18:49 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-11 18:41 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-11 18:41 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-11 17:14 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-11 17:14 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-11 17:14 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-11 17:13 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-11 17:13 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-11 17:13 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-11 17:13 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-11 17:13 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-11 17:13 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-11 17:13 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-05-11 17:13 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-11 17:13 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-11 17:13 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-11 17:13 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-11 17:13 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-11 17:13 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-11 17:13 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-11 17:13 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-05-11 17:13 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-11 17:13 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-11 17:13 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-11 17:13 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-11 17:13 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-11 17:13 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-11 17:13 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-11 17:13 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-11 17:13 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-11 17:13 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-11 17:13 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-11 17:13 - 2016-04-11 08:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-05-11 17:13 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-11 17:13 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-11 17:13 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 17:13 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-11 17:13 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-11 17:13 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 17:13 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 17:13 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 17:13 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-11 17:13 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-11 17:13 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-05-11 17:13 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-11 17:13 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-11 17:13 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-11 17:13 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-11 17:13 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-11 17:13 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-11 17:13 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-11 17:13 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-11 17:13 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-11 17:13 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-11 17:13 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-07 13:18 - 2016-05-07 13:18 - 00000000 ____D C:\Users\Anton\Desktop\fs15
2016-05-07 13:11 - 2016-05-07 13:11 - 04558709 _____ C:\Users\Anton\Desktop\zzz_ManualAttaching.zip
2016-05-07 12:40 - 2016-05-07 12:40 - 00770794 _____ C:\Users\Anton\Desktop\ZZZ_courseplay.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-05 13:02 - 2015-10-24 19:02 - 00000536 _____ C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job
2016-06-05 12:43 - 2015-11-06 21:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent
2016-06-05 12:34 - 2016-04-03 16:29 - 00000000 ____D C:\Users\Anton\Downloads\L.A. Noire - The Complete Edition (CZ; MULTi6) [Repack] by Teagan
2016-06-05 12:28 - 2015-10-29 14:37 - 00910336 ___SH C:\Users\Anton\Downloads\Thumbs.db
2016-06-05 12:26 - 2015-11-06 20:44 - 00000000 ____D C:\Users\Anton\Downloads\HRY INSTALACKY
2016-06-05 12:23 - 2015-10-23 16:55 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-05 12:22 - 2015-10-23 16:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3113116595-2999987527-3303187697-1001
2016-06-05 12:20 - 2015-10-23 16:52 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-06-05 12:20 - 2015-10-23 16:52 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-06-05 12:16 - 2015-10-23 16:55 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-05 12:16 - 2015-10-23 16:51 - 00001543 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-06-05 12:16 - 2015-10-23 16:45 - 00000165 _____ C:\Users\Anton\AppData\Roaming\sp_data.sys
2016-06-04 22:54 - 2015-10-24 16:59 - 00000000 ____D C:\Users\Anton\AppData\Roaming\vlc
2016-06-04 19:50 - 2015-10-29 13:44 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-06-04 19:50 - 2015-10-29 13:30 - 00282296 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-06-04 19:48 - 2015-12-15 15:28 - 00000000 ____D C:\Users\Anton\Documents\Euro Truck Simulator 2
2016-06-04 19:48 - 2015-10-29 13:30 - 00215128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-06-04 18:53 - 2015-10-23 18:16 - 00000000 ____D C:\Users\Anton\Desktop\sSs
2016-06-04 18:46 - 2015-10-23 17:10 - 05600256 ___SH C:\Users\Anton\Desktop\Thumbs.db
2016-06-03 20:41 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-03 20:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-03 18:39 - 2015-10-23 18:05 - 00000000 ____D C:\Users\Anton\Desktop\Moje
2016-05-29 21:59 - 2015-10-23 16:43 - 00000000 ____D C:\Users\Anton
2016-05-29 18:14 - 2014-10-21 13:24 - 00741360 _____ C:\Windows\system32\perfh005.dat
2016-05-29 18:14 - 2014-10-21 13:24 - 00152030 _____ C:\Windows\system32\perfc005.dat
2016-05-29 18:14 - 2014-03-18 17:26 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-29 18:14 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-05-29 16:23 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-28 15:21 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-05-28 15:20 - 2015-10-23 16:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-28 15:20 - 2015-10-23 16:40 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-27 20:55 - 2015-10-23 22:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-27 20:55 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-05-21 22:37 - 2015-12-25 18:53 - 00000000 ____D C:\ProgramData\Origin
2016-05-19 23:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-05-18 18:36 - 2015-10-25 16:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 20:22 - 2015-10-23 17:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 19:48 - 2013-08-22 16:44 - 00396504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-11 22:08 - 2013-08-22 17:38 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 22:08 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 21:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-05-11 21:32 - 2014-03-18 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 20:34 - 2015-10-25 16:21 - 00000000 ____D C:\Windows\system32\MRT
2016-05-11 19:40 - 2015-10-25 16:21 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-11 18:57 - 2015-10-24 00:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-11 17:15 - 2015-10-23 16:55 - 00003942 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 17:15 - 2015-10-23 16:55 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 16:25 - 2015-10-25 10:49 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
==================== Files in the root of some directories =======
2015-11-01 20:22 - 2015-11-01 20:22 - 0000504 _____ () C:\Users\Anton\AppData\Roaming\Drives Monitor_Settings.ini
2015-10-23 16:45 - 2016-06-05 12:16 - 0000165 _____ () C:\Users\Anton\AppData\Roaming\sp_data.sys
2015-11-01 20:24 - 2015-11-01 20:28 - 0000122 _____ () C:\Users\Anton\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-01-11 18:27 - 2016-01-26 12:30 - 0000058 _____ () C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-10-29 17:45 - 2015-12-09 16:19 - 0000000 _____ () C:\Users\Anton\AppData\Local\Temptable.xml
2015-02-14 04:43 - 2015-02-14 04:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-21 06:28 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 06:28 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-21 06:28 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Anton\AppData\Local\Temp\ose00000.exe
C:\Users\Anton\AppData\Local\Temp\rootsupd.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-03 20:42
==================== End of FRST.txt ============================
Log z RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Anton at 2016-06-05 12:54:46
Microsoft Windows 8.1
System drive C: has 213 GB (56%) free of 382 GB
Total RAM: 8095 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:07, on 5. 6. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Windows\TEMP\DPTF\esif_assist.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files\trend micro\Anton.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://unstopp.me/wpad.dat?c5b648b4075e ... 67e4892169
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programy\Java\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programy\Java\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] "C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Sidebar17.lnk = C:\Program Files\Windows Sidebar\sidebar.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SolidWorks 2014 Rychlé spuštění.lnk = ?
O4 - Global Startup: SolidWorks Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MSOFFI~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MSOFFI~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MSOFFI~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem23.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McNeel Update Service 5.0 (McNeelUpdate) - Robert McNeel & Associates - C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Programy\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11608 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0ecf352a-d0ae-49a9-993b-d894d4eeb2c5 -SystemEventPortName:HostProcess-29c12ff2-c496-4abf-9bc3-3c72186d6501 -IoCancelEventPortName:HostProcess-8fbadca4-7fcd-485c-bbfe-8766e0935524 -NonStateChangingEventPortName:HostProcess-01c33063-028e-484a-a1da-3fabe338a1de -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:da3c5902-ca1b-4598-978f-b2d5c3e46ef0 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 805945555872
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {a53a3da0-c046-4632-bc7da927f15ac199}
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Programy\Razer Game Booster\RzKLService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\TEMP\DPTF\esif_assist.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe" /c /a /s UserSession
C:\Windows\Explorer.EXE
KBFiltr.exe
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=50.0.2661.102 --handshake-handle=0x140
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3412.0.1313567482\1955427347" --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,12,15,24,53,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4062 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3412.1.898204211\42903399" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3412.2.1917605266\564095721" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/28DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_03/*UMA-Uniformity-Trial-10-Percent/group_05/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="3412.21.2091069677\1734528031" /prefetch:1
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe151_ Global\UsGthrCtrlFltPipeMssGthrPipe151 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\ASUS\APRP\aprp.exe"
"C:\Users\Anton\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\MATLAB R2014a Startup Accelerator.job - C:\Programy\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default
prefs.js - "browser.startup.homepage" - "https://cs-cz.facebook.com/|about:preferences#general"
"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon\
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Programy\Java\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Programy\Java\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VLC\npvlc.dll
C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\
McSiteAdvisor.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21 1051320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21 805560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programy\Java\bin\ssv.dll [2015-12-12 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programy\Java\bin\jp2ssv.dll [2015-12-12 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.6.0.142\coIEPlg.dll [2016-02-21 1051320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\coIEPlg.dll [2016-02-21 805560]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [2014-08-20 63296]
"AGEIA PhysX SysTray"=C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [2006-08-16 339968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-11-09 596528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SolidWorks 2014 Rychlé spuštění.lnk - C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SolidWorks Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe
C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sidebar17.lnk - C:\Program Files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-06-05 12:54:46 ----D---- C:\rsit
2016-06-05 12:54:46 ----D---- C:\Program Files\trend micro
2016-05-22 10:50:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-05-11 18:50:13 ----A---- C:\Windows\SYSWOW64\dsparse.dll
2016-05-11 18:50:13 ----A---- C:\Windows\system32\dsparse.dll
2016-05-11 18:50:08 ----A---- C:\Windows\SYSWOW64\shacct.dll
2016-05-11 18:50:08 ----A---- C:\Windows\system32\shacct.dll
2016-05-11 18:50:04 ----A---- C:\Windows\system32\rdpcorets.dll
2016-05-11 18:50:03 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2016-05-11 18:50:03 ----A---- C:\Windows\system32\rdpudd.dll
2016-05-11 18:50:03 ----A---- C:\Windows\system32\rdpcore.dll
2016-05-11 18:50:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-11 18:50:02 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-11 18:50:02 ----A---- C:\Windows\system32\dpapisrv.dll
2016-05-11 18:50:00 ----AC---- C:\Windows\system32\drivers\volsnap.sys
2016-05-11 18:49:57 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-05-11 18:49:57 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2016-05-11 18:49:57 ----A---- C:\Windows\system32\webio.dll
2016-05-11 18:49:57 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2016-05-11 18:49:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-05-11 18:41:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-11 18:41:29 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-11 17:14:05 ----A---- C:\Windows\system32\mshtml.dll
2016-05-11 17:14:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-05-11 17:14:00 ----A---- C:\Windows\system32\ieframe.dll
2016-05-11 17:13:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-05-11 17:13:58 ----A---- C:\Windows\system32\jscript9.dll
2016-05-11 17:13:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-05-11 17:13:57 ----A---- C:\Windows\system32\iertutil.dll
2016-05-11 17:13:56 ----A---- C:\Windows\system32\wininet.dll
2016-05-11 17:13:56 ----A---- C:\Windows\system32\urlmon.dll
2016-05-11 17:13:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-05-11 17:13:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-05-11 17:13:55 ----A---- C:\Windows\system32\jscript.dll
2016-05-11 17:13:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-05-11 17:13:54 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-05-11 17:13:54 ----A---- C:\Windows\system32\vbscript.dll
2016-05-11 17:13:53 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-05-11 17:13:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\webcheck.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\msfeeds.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\iedkcs32.dll
2016-05-11 17:13:53 ----A---- C:\Windows\system32\ie4uinit.exe
2016-05-11 17:13:52 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-05-11 17:13:52 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-05-11 17:13:52 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-05-11 17:13:52 ----A---- C:\Windows\system32\inetcomm.dll
2016-05-11 17:13:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-05-11 17:13:51 ----A---- C:\Windows\system32\ieapfltr.dll
2016-05-11 17:13:38 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-11 17:13:38 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-11 17:13:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-11 17:13:37 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\schannel.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-11 17:13:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-11 17:13:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-11 17:13:37 ----A---- C:\Windows\system32\drivers\cng.sys
2016-05-11 17:13:37 ----A---- C:\Windows\system32\certcli.dll
2016-05-11 17:13:34 ----A---- C:\Windows\system32\Windows.UI.dll
2016-05-11 17:13:33 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-11 17:13:33 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2016-05-11 17:13:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-11 17:13:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-11 17:13:24 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-11 17:13:24 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-11 17:13:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-11 17:13:23 ----A---- C:\Windows\system32\gdi32.dll
2016-05-11 17:13:22 ----AC---- C:\Windows\system32\drivers\volmgr.sys
2016-05-11 17:13:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-11 17:13:21 ----A---- C:\Windows\system32\win32k.sys
======List of files/folders modified in the last 1 month======
2016-06-05 12:54:46 ----RD---- C:\Program Files
2016-06-05 12:54:43 ----D---- C:\Windows\Prefetch
2016-06-05 12:43:53 ----D---- C:\Windows\Logs
2016-06-05 12:43:04 ----D---- C:\Users\Anton\AppData\Roaming\uTorrent
2016-06-05 12:25:53 ----AD---- C:\Windows\Temp
2016-06-05 12:20:32 ----D---- C:\Windows\system32\Tasks
2016-06-05 12:16:05 ----D---- C:\Windows\system32\sru
2016-06-04 22:54:24 ----D---- C:\Users\Anton\AppData\Roaming\vlc
2016-06-04 19:50:05 ----D---- C:\Windows\SysWOW64
2016-06-04 19:50:01 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2016-06-04 19:45:54 ----D---- C:\Windows\Microsoft.NET
2016-06-04 13:32:33 ----D---- C:\Windows\system32\config
2016-06-04 13:12:56 ----D---- C:\Windows\WinSxS
2016-06-03 20:41:29 ----HD---- C:\Program Files\WindowsApps
2016-06-03 18:24:09 ----D---- C:\Windows\AppReadiness
2016-06-01 21:34:11 ----SHD---- C:\System Volume Information
2016-05-29 18:14:43 ----RD---- C:\Windows\System32
2016-05-29 18:14:43 ----D---- C:\Windows\Inf
2016-05-29 18:14:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-28 15:20:09 ----SD---- C:\Windows\SYSWOW64\GWX
2016-05-28 15:20:09 ----SD---- C:\Windows\system32\GWX
2016-05-28 15:20:05 ----D---- C:\Windows\CbsTemp
2016-05-27 20:55:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-22 12:40:05 ----RHD---- C:\Program Files (x86)
2016-05-21 22:37:09 ----D---- C:\ProgramData\Origin
2016-05-20 02:48:37 ----D---- C:\Windows\system32\DriverStore
2016-05-20 02:22:57 ----D---- C:\Windows\system32\catroot2
2016-05-19 23:12:45 ----D---- C:\Windows\rescache
2016-05-19 22:56:33 ----RSD---- C:\Windows\assembly
2016-05-18 18:36:33 ----D---- C:\Windows\system32\appraiser
2016-05-11 22:08:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-11 21:32:58 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-05-11 21:32:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-11 21:32:57 ----D---- C:\Windows\system32\wbem
2016-05-11 21:32:57 ----D---- C:\Windows\system32\drivers
2016-05-11 21:32:57 ----D---- C:\Windows\system32\cs-CZ
2016-05-11 21:32:55 ----D---- C:\Program Files\Internet Explorer
2016-05-11 21:32:55 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-11 21:32:53 ----D---- C:\Windows\apppatch
2016-05-11 21:32:45 ----D---- C:\Windows\SYSWOW64\wbem
2016-05-11 21:32:45 ----D---- C:\Program Files\Windows Journal
2016-05-11 20:34:58 ----D---- C:\Windows\system32\MRT
2016-05-11 19:40:17 ----A---- C:\Windows\system32\MRT.exe
2016-05-11 18:57:37 ----SHD---- C:\Windows\Installer
2016-05-11 18:57:37 ----SHD---- C:\Config.Msi
2016-05-11 17:15:00 ----D---- C:\Windows\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2014-06-26 670056]
R0 IntelHSWPcc;IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [2014-08-26 79016]
R0 SymEFASI;Symantec Extended File Attributes (SI); C:\Windows\system32\drivers\NAVx64\1606000.08E\SYMEFASI64.SYS [2016-02-24 1621232]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20160521.001\BHDrvx64.sys [2016-05-13 1832176]
R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAVx64\1606000.08E\ccSetx64.sys [2015-09-24 173808]
R1 dtsoftbus01;@oem27.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-10-24 283200]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2016-05-05 497392]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20160527.001\IDSvia64.sys [2016-05-26 876248]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2015-07-23 127760]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SRTSP64.SYS [2016-02-24 928504]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1606000.08E\SRTSPX64.SYS [2015-09-24 50936]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1606000.08E\Ironx64.SYS [2016-02-24 295664]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NAVx64\1606000.08E\SYMNETS.SYS [2016-02-24 577768]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2014-09-11 17152]
R3 ATP;@oem15.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2014-09-19 69904]
R3 bcbtums;@oem23.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-11-14 170712]
R3 BCM43XX;@oem18.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-02-14 7546544]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btwampfl;@oem23.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-02-03 166616]
R3 btwaudio;@oem19.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-05-13 190168]
R3 btwavdt;@oem19.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\Windows\System32\drivers\btwavdt.sys [2014-03-19 229080]
R3 btwl2cap;@oem22.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2014-09-18 38720]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2014-09-18 38208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2016-05-05 156912]
R3 esif_lf;esif_lf; C:\Windows\System32\drivers\esif_lf.sys [2014-09-18 216360]
R3 HIDSwitch;@oem25.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-12-15 4787128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-26 4363864]
R3 iwdbus;@oem12.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-12-11 30512]
R3 kbfiltr;@oem26.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-01-06 129312]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\ENG64.SYS [2016-05-19 138456]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\VirusDefs\20160528.001\EX64.SYS [2016-05-19 2148056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-12-24 13036232]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem17.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2013-07-09 329944]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-05-29 873176]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2015-12-13 111344]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-08-10 82072]
S0 SymELAM;Symantec ELAM Driver; C:\Windows\system32\drivers\NAVx64\1606000.08E\SymELAM.sys [2015-09-24 24192]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwrchid;btwrchid; C:\Windows\System32\drivers\btwrchid.sys [2014-03-19 38616]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\Windows\system32\DRIVERS\Hamdrv.sys [2015-11-12 45680]
S3 intaud_WaveExtensible;@oem11.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-12-11 42288]
S3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-12-22 455440]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [2014-08-20 71168]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2014-07-10 977664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 esifsvc;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2014-09-18 1037568]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-12-15 344976]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-01-06 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-01-06 409376]
R2 McNeelUpdate;McNeel Update Service 5.0; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\22.6.0.142\NAV.exe [2016-02-26 289080]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-24 934032]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-30 76888]
R2 RzKLService;RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [2014-02-25 105448]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 BcmBtRSupport;@oem23.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2013-11-14 2251992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2014-01-11 76328]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-12-15 279952]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-29 1431888]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-10-29 1044816]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-23 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-22 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2016-05-21 2120712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-10-29 79360]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-04-30 835664]
-----------------EOF-----------------
Děkuji za reakce a pomoc
