Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
Ran by Tomas (administrator) on TOMAS-PC (09-07-2016 20:42:03)
Running from C:\Users\Tomas\Desktop
Loaded Profiles: Tomas (Available Profiles: Tomas)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SpiceBrains) C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-07-03] (COMODO)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2015-12-28] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2015-12-28] ()
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2016-01-07] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-06-01] (Oracle Corporation)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [windirs] => C:\Users\Tomas\AppData\Roaming\dirs\trwe.exe
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [uTorrent] => "C:\Users\Tomas\AppData\Roaming\uTorrent\utorrent.exe"
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3128408 2014-03-13] (Disc Soft Ltd)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [instanteyedropper] => C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe [398848 2016-04-06] (SpiceBrains)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [Display] => C:\Users\Tomas\AppData\Roaming\uTorrent\nvtray.exe
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\MountPoints2: {b55be7dd-6108-11e5-a9a1-ed3dc3209012} - E:\setup.exe
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\MountPoints2: {fccf0273-6138-11e5-a72d-806e6f6e6963} - D:\Bin\ASSETUP.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomas\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomas\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomas\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomas\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomas\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomas\AppData\Local\MEGAsync\ShellExtX32.dll No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CBCDDB50-3195-4042-B7D5-109D87E1F755}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-01] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3061203490-3799476124-1463932836-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048
FF NetworkProxy: "http", "85.207.69.6"
FF NetworkProxy: "http_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2016-04-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3061203490-3799476124-1463932836-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Extension: New Tab Override (browser.newtab.url replacement) - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\newtaboverride@agenedia.com.xpi [2016-06-29]
FF Extension: Adblock Plus - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: YouTube Flash Video Player - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-06-17]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => not found
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => not found
FF HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-19]
CHR Extension: (Dokumenty Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-20]
CHR Extension: (Disk Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Adblock Plus) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-09]
CHR Extension: (Google Search) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-03-22]
CHR Extension: (Tabuľky Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Norton Safe) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-04-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Gmail) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-20]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"BFE" => service could not be unlocked. <===== ATTENTION
U2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-04-25] ()
U2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
U2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-22] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-08-04] (ASUSTeK Computer Inc.) [File not signed]
U2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817712 2016-07-03] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-07-03] (COMODO)
U3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-05-24] (Futuremark)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
U2 MSSQL$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation)
U2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [449472 2016-07-09] (NVIDIA Corporation)
U3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [449472 2016-07-09] (NVIDIA Corporation)
U2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-07-09] (NVIDIA Corporation)
U3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-18] (Electronic Arts)
U4 SQLAgent$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation)
U2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
U3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-22] ()
U1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
U3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
U1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-06-15] (COMODO)
U1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [829600 2016-06-15] (COMODO)
U1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56472 2016-06-15] (COMODO)
U3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2735616 2015-12-28] (C-Media Inc)
U1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-09-22] (Disc Soft Ltd)
U3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
U1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-06-15] (COMODO)
U3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
U3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-07-09] (NVIDIA Corporation)
U3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
U3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [X]
U5 BFE; <===== ATTENTION: Locked Service
U3 cpuz138; \??\C:\Users\Tomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
U4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
U3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-09 20:42 - 2016-07-09 20:42 - 00021811 _____ C:\Users\Tomas\Desktop\FRST.txt
2016-07-09 20:31 - 2016-07-09 20:31 - 02390016 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2016-07-09 20:08 - 2016-07-09 20:08 - 00104384 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-07-09 20:08 - 2016-07-09 20:08 - 00094144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-09 20:08 - 2016-07-09 20:08 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-07-09 20:08 - 2016-07-09 20:08 - 00000000 ____D C:\Windows\LastGood
2016-07-09 19:26 - 2016-07-09 19:26 - 03712064 _____ C:\Users\Tomas\Downloads\adwcleaner_5.201.exe
2016-07-08 12:48 - 2016-07-08 12:48 - 00003584 _____ C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-08 12:48 - 2016-07-08 12:47 - 04932764 _____ C:\Users\Tomas\Desktop\Video_2016-07-08_124758.wmv
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\FastStone
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\Tomas\AppData\Local\FastStone
2016-07-08 12:42 - 2016-07-08 12:42 - 09880924 _____ C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe
2016-07-08 12:39 - 2016-07-08 12:40 - 06770043 _____ ( ) C:\Users\Tomas\Downloads\screenrecorderfree.exe
2016-07-08 12:38 - 2016-07-08 12:38 - 40805888 _____ C:\Users\Tomas\Desktop\~temp-20160708_1238_14.avi
2016-07-08 12:38 - 2016-07-08 12:38 - 00000000 _____ C:\Users\Tomas\Desktop\~temp-20160708_1238_14.xnote.txt
2016-07-08 12:22 - 2016-07-08 12:23 - 10353883 _____ C:\Users\Tomas\Downloads\camstudio_2.6beta.exe
2016-07-08 11:51 - 2016-07-08 11:51 - 02915464 _____ (NTWind Software) C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe
2016-07-05 19:42 - 2016-07-05 19:42 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket League v1.17 (6 DLC)
2016-07-05 19:42 - 2016-07-05 19:42 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2016-07-05 19:40 - 2016-07-05 19:40 - 00000000 ____D C:\2-click run
2016-07-04 11:36 - 2016-07-05 18:14 - 00000000 ____D C:\Users\Tomas\Downloads\Rocket League v1.17 (6 DLC)(2-click run)
2016-07-03 18:37 - 2016-07-03 18:37 - 01181560 _____ (EnTech Taiwan ) C:\Users\Tomas\Downloads\ddmsetup1800.exe
2016-07-03 13:11 - 2016-07-03 13:14 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\siw_tmp
2016-07-03 13:11 - 2016-07-03 13:11 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashRpt
2016-07-03 13:10 - 2016-07-03 13:14 - 00000000 ____D C:\Users\Tomas\Downloads\siw_tech
2016-07-03 13:09 - 2016-07-03 13:10 - 05885848 _____ C:\Users\Tomas\Downloads\siw_tech.zip
2016-07-01 21:37 - 2016-07-09 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003770 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003534 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-01 21:37 - 00003782 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-01 21:37 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-07-01 21:37 - 2016-07-01 21:37 - 00001416 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2016-07-01 21:37 - 2016-06-30 18:12 - 01799104 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01403328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-07-01 21:23 - 2016-07-01 21:32 - 65850568 _____ (NVIDIA Corporation) C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe
2016-06-30 16:26 - 2016-07-03 14:53 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-30 16:19 - 2016-06-30 16:19 - 00000000 ____D C:\Users\Tomas\AppData\Local\Steam
2016-06-30 16:08 - 2016-07-08 11:34 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-30 16:08 - 2016-06-30 16:08 - 00000967 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-30 16:08 - 2016-06-30 16:08 - 00000967 _____ C:\ProgramData\Desktop\Steam.lnk
2016-06-30 16:08 - 2016-06-30 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-30 16:07 - 2016-06-30 16:07 - 01444992 _____ C:\Users\Tomas\Downloads\SteamSetup.exe
2016-06-30 15:48 - 2016-06-30 15:48 - 00000000 ____D C:\Program Files (x86)\Futuremark
2016-06-30 15:47 - 2016-06-30 15:53 - 00000000 ____D C:\Users\Tomas\Documents\3DMark 11
2016-06-30 15:47 - 2016-06-30 15:48 - 02949120 _____ C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi
2016-06-30 15:47 - 2016-06-30 15:47 - 00000000 ____D C:\Users\Tomas\AppData\Local\Futuremark
2016-06-30 14:15 - 2016-06-30 14:44 - 271860249 _____ C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip
2016-06-29 17:42 - 2016-06-29 17:42 - 00002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2016-06-29 17:42 - 2016-06-29 17:42 - 00000000 ____D C:\Users\Tomas\AppData\LocalLow\Google
2016-06-29 17:38 - 2016-06-29 17:38 - 00987728 _____ (Google Inc.) C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe
2016-06-27 17:15 - 2016-06-27 17:17 - 00000000 ___HD C:\Users\Tomas\Desktop\.picasaoriginals
2016-06-23 13:37 - 2016-06-23 23:23 - 01065984 _____ C:\Users\Tomas\AppData\Local\file__0.localstorage
2016-06-23 13:37 - 2016-06-23 13:53 - 00000000 ____D C:\Users\Tomas\Heaven
2016-06-23 13:35 - 2016-06-23 13:35 - 00002121 _____ C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2016-06-23 13:35 - 2016-06-23 13:35 - 00002121 _____ C:\ProgramData\Desktop\Heaven Benchmark 4.0.lnk
2016-06-23 13:35 - 2016-06-23 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2016-06-23 13:35 - 2016-06-23 13:35 - 00000000 ____D C:\Program Files (x86)\Unigine
2016-06-23 13:25 - 2016-06-23 13:30 - 258728440 _____ (Unigine Corp. ) C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe
2016-06-21 21:45 - 2016-06-21 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2016-06-21 21:45 - 2016-06-21 21:45 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2016-06-21 21:44 - 2016-06-21 21:45 - 04856780 _____ (Geeks3D.com ) C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe
2016-06-21 21:33 - 2016-06-21 21:36 - 16335712 _____ (FinalWire Ltd. ) C:\Users\Tomas\Downloads\aida64extreme570.exe
2016-06-21 20:59 - 2016-06-21 21:15 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\NVIDIA
2016-06-21 20:24 - 2016-07-09 20:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-21 20:24 - 2016-06-03 09:38 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-06-21 20:24 - 2016-06-03 09:38 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 06362560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 02453952 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 01351104 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-21 20:24 - 2016-06-03 05:26 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-21 20:24 - 2016-06-03 05:19 - 00113208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-06-21 20:24 - 2016-06-02 14:19 - 06452948 _____ C:\Windows\system32\nvcoproc.bin
2016-06-21 20:22 - 2016-06-03 09:38 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 35115456 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 31603768 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 25377848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 21802280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 21346712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 19180152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 18143912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 17738592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 17290416 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 16756888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 14346320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 13460536 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-21 20:22 - 2016-06-03 09:38 - 10643240 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 08733608 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03825896 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03383472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03065280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436839.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01581624 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436839.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00985144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00908736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00769984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00476664 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00422752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00153416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00141256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-06-21 20:22 - 2016-06-03 09:38 - 00131768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00039124 _____ C:\Windows\system32\nvinfo.pb
2016-06-21 20:22 - 2016-06-03 09:38 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-06-21 20:22 - 2016-06-03 09:38 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-06-20 15:10 - 2016-06-20 15:10 - 00002488 _____ C:\Users\Tomas\Downloads\setup registry file edit this.reg
2016-06-20 15:09 - 2016-06-20 15:09 - 00000546 _____ C:\Users\Tomas\Downloads\setup help read.txt
2016-06-20 10:08 - 2016-06-20 12:11 - 00000000 ____D C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.1.22-GOG
2016-06-20 10:07 - 2016-06-20 10:07 - 00028569 _____ C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent
2016-06-18 18:31 - 2016-07-09 11:43 - 00000000 ____D C:\Users\Tomas\AppData\Local\Ethash
2016-06-18 18:17 - 2016-06-18 18:17 - 00001401 _____ C:\Users\Tomas\Desktop\The Witcher 3 Wild Hunt Blood and Wine.lnk
2016-06-18 18:17 - 2016-06-18 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt Blood and Wine
2016-06-18 18:07 - 2016-06-18 18:17 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt Blood and Wine
2016-06-18 17:56 - 2016-06-18 18:18 - 00000000 ____D C:\Users\Tomas\Documents\FLiNGTrainer
2016-06-18 17:55 - 2016-06-18 17:55 - 00000000 ____D C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG
2016-06-18 17:51 - 2016-06-18 17:52 - 00729141 _____ C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar
2016-06-18 15:20 - 2016-06-18 15:42 - 00000000 ____D C:\Users\Tomas\Downloads\Crash.Bandicoot.3.&.Tekken.3+PS1.Emulator-FrosCh
2016-06-16 20:34 - 2016-06-16 20:34 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Verimatrix
2016-06-16 20:30 - 2016-06-16 20:31 - 21124608 _____ C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi
2016-06-16 12:31 - 2016-06-16 12:31 - 04182046 _____ C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip
2016-06-13 13:40 - 2016-06-13 13:40 - 00000000 ____D C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk
2016-06-13 13:31 - 2016-06-13 13:33 - 20621617 _____ C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-09 20:36 - 2015-09-23 12:59 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Skype
2016-07-09 20:35 - 2015-11-22 22:12 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-07-09 20:35 - 2015-10-19 13:07 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-09 20:35 - 2015-09-23 15:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-09 20:32 - 2016-01-20 19:05 - 00000000 ____D C:\FRST
2016-07-09 20:31 - 2015-11-23 16:28 - 00015568 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-07-09 20:20 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-09 20:20 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-09 20:10 - 2009-07-14 07:13 - 00007028 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-09 20:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-09 20:05 - 2015-10-19 13:07 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-09 20:05 - 2015-09-27 18:36 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\uTorrent
2016-07-09 20:05 - 2015-09-23 23:10 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-07-09 20:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-09 19:55 - 2015-10-19 18:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-09 19:45 - 2016-04-05 17:17 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\dirs
2016-07-09 19:45 - 2016-04-05 17:17 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\dirs
2016-07-09 19:32 - 2015-10-07 10:22 - 00000000 ____D C:\AdwCleaner
2016-07-09 11:11 - 2016-05-18 15:25 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Seznam.cz
2016-07-08 12:37 - 2015-09-23 18:36 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashDumps
2016-07-08 11:47 - 2015-12-15 18:18 - 00000000 ____D C:\Program Files\Recuva
2016-07-06 21:11 - 2015-09-24 17:25 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\foobar2000
2016-07-05 19:42 - 2016-02-10 16:26 - 00000000 ____D C:\Users\Tomas\Documents\My Games
2016-07-04 20:37 - 2015-09-22 11:03 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\DAEMON Tools Pro
2016-07-03 13:43 - 2015-11-22 22:12 - 00024802 _____ C:\Windows\system32\perfh041.dat
2016-07-03 13:43 - 2015-11-22 22:12 - 00016098 _____ C:\Windows\system32\perfc041.dat
2016-07-03 13:43 - 2015-11-22 22:12 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-07-03 13:43 - 2015-11-22 22:12 - 00001985 _____ C:\ProgramData\Desktop\COMODO Internet Security.lnk
2016-07-03 12:56 - 2015-10-26 17:22 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-07-02 11:57 - 2015-09-22 11:14 - 00000000 ____D C:\Users\Tomas\AppData\Local\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\Users\Tomas\AppData\Local\NVIDIA
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-30 16:25 - 2015-09-22 11:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 15:53 - 2015-09-22 12:13 - 00000022 _____ C:\Windows\GPU-Z.INI
2016-06-29 17:42 - 2015-09-22 11:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-28 19:29 - 2015-09-23 15:16 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2016-06-23 13:37 - 2015-09-22 10:51 - 00000000 ____D C:\Users\Tomas
2016-06-23 13:24 - 2015-10-26 19:58 - 00000000 ____D C:\Users\Tomas\Documents\The Witcher 3
2016-06-21 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2016-06-18 23:21 - 2015-10-06 16:13 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Origin
2016-06-18 23:21 - 2015-10-06 15:56 - 00000000 ____D C:\ProgramData\Origin
2016-06-18 23:18 - 2015-10-06 15:56 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-18 18:07 - 2015-09-22 11:38 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Intel Corporation
2016-06-18 12:39 - 2015-10-19 13:26 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 11:37 - 2015-09-23 15:17 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 11:37 - 2015-09-23 15:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 11:37 - 2015-09-23 15:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 20:32 - 2015-09-23 14:54 - 00000000 ____D C:\Program Files (x86)\Verimatrix
2016-06-15 08:12 - 2015-11-18 18:14 - 00829600 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2016-06-15 08:12 - 2015-11-18 18:14 - 00031648 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2016-06-15 08:12 - 2015-08-05 01:31 - 00116248 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2016-06-15 08:12 - 2015-08-05 01:31 - 00056472 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2016-06-15 08:08 - 2015-09-03 12:52 - 00793104 _____ (COMODO) C:\Windows\system32\guard64.dll
2016-06-15 08:08 - 2015-09-03 12:52 - 00626288 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2016-06-15 08:08 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2016-06-15 08:04 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2016-06-15 08:02 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2016-06-15 07:58 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2016-06-15 07:56 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2016-06-14 20:46 - 2015-09-27 22:40 - 00000000 ____D C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
2016-06-13 11:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-13 11:22 - 2009-07-14 07:08 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-12 12:17 - 2015-12-14 12:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-12 12:17 - 2015-09-23 12:59 - 00000000 ____D C:\ProgramData\Skype
==================== Files in the root of some directories =======
2015-09-26 22:23 - 2015-09-30 12:41 - 0000098 _____ () C:\Users\Tomas\AppData\Roaming\LauncherSettings_live.cfg
2015-09-26 15:11 - 2015-09-29 14:40 - 0000040 _____ () C:\Users\Tomas\AppData\Roaming\TheHunterSettings_live.cfg
2016-07-08 12:48 - 2016-07-08 12:48 - 0003584 _____ () C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 13:37 - 2016-06-23 23:23 - 1065984 _____ () C:\Users\Tomas\AppData\Local\file__0.localstorage
2016-05-18 15:26 - 2016-05-18 15:26 - 0001064 _____ () C:\Users\Tomas\AppData\Local\recently-used.xbel
2015-09-30 15:42 - 2015-09-30 15:42 - 0007605 _____ () C:\Users\Tomas\AppData\Local\Resmon.ResmonCfg
2016-01-07 16:20 - 2016-01-07 16:20 - 0000003 _____ () C:\Users\Tomas\AppData\Local\updater.log
2016-01-07 16:20 - 2016-01-07 16:20 - 0000424 _____ () C:\Users\Tomas\AppData\Local\UserProducts.xml
2015-09-23 11:29 - 2015-09-23 11:29 - 0000000 _____ () C:\Users\Tomas\AppData\Local\{C7164F54-A819-4C1D-8F9A-A76D551A1A9A}
2015-09-23 12:37 - 2015-09-23 12:37 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-09-22 11:27 - 2015-09-22 11:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-27 17:13 - 2015-09-27 17:13 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Some files in TEMP:
====================
C:\Users\Tomas\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-07 20:39
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pro motji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: pro motji
Otestujte na www.virustotal.com
C:\Users\Tomas\AppData\Roaming\dirs\trwe.exe.
odkaz na výsledka vložte ze.
Nemáte na ploše ještě druhý log?
C:\Users\Tomas\AppData\Roaming\dirs\trwe.exe.
odkaz na výsledka vložte ze.
Nemáte na ploše ještě druhý log?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: pro motji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2016
Ran by Tomas (2016-07-09 21:13:59)
Running from C:\Users\Tomas\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-22 08:51:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3061203490-3799476124-1463932836-500 - Administrator - Disabled)
Guest (S-1-5-21-3061203490-3799476124-1463932836-501 - Limited - Disabled)
Tomas (S-1-5-21-3061203490-3799476124-1463932836-1000 - Administrator - Enabled) => C:\Users\Tomas
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
Aktualizácie NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.5.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.7.5.0 - ASUSTek COMPUTER INC.) Hidden
ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.01.04 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
CAM (HKLM-x32\...\{B06820C7-D39B-4FBD-BB63-C1F53699A500}) (Version: 2.1.71 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
COMODO Internet Security Premium (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0387 - Disc Soft Ltd)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Futuremark SystemInfo (HKLM-x32\...\{4DB65855-2E10-47A2-AC3B-F8F826840125}) (Version: 4.46.595.0 - Futuremark)
Geeks3D.com FurMark 1.10.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{14ABDFC2-491B-4AF0-8134-CC5596D0EF57}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Instant Eyedropper 1.8.5.1 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 2.00.15 - ASUSTeK Computer Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 sk)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.2.190 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.2.190 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh)
Revit Architecture 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revit Architecture Content Libraries 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocket League v1.17 (6 DLC) (HKLM-x32\...\Rocket League v1.17 (6 DLC)1.17) (Version: 1.17 - Friends in War)
Room EQ Wizard 5.13 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.13 - John Mulcahy)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0300 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
SQL Server 2008 R2 SP2 Common Files (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
ViewRight Web PC (HKLM-x32\...\{B62D5F4C-BEB2-4DCD-A8B4-EE21CCAEC28A}) (Version: 3.3.0.0 - Verimatrix, Inc.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.1.213 - ASUS Cloud Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05D1C911-4B68-42F1-853E-F5D5F8BB4017} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-03-27] ()
Task: {08E443E4-0472-4E0E-8739-0912C2DC23F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {08FBC576-72AA-469B-9CB0-81A80DA84468} - System32\Tasks\{41E7C65A-79E2-4843-87F5-731C1CEEBDA7} => pcalua.exe -a C:\Users\Tomas\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {11FCC7A1-0F3D-4639-9505-0DE348C5509E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {124919B2-5599-455E-B4B1-4D6489BA5782} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {1396FE82-8901-4FF8-A7C4-8896C71167E8} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {17269CA3-768B-48AC-8A69-DAE50E411634} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {1E1A5FF9-3CD6-40EA-8B92-CE6BD25919BE} - System32\Tasks\{A89A6F83-DCCB-4C80-94A1-822ED290C10D} => C:\Users\Tomas\Downloads\ASSSDBenchmark\AS SSD Benchmark.exe
Task: {20C890AB-3F33-4193-9867-7EA2C48CCA8E} - System32\Tasks\{6FF55281-2905-4E44-A63D-39266750B33B} => pcalua.exe -a "C:\Program Files (x86)\YTD\setup.exe" -d "C:\Program Files (x86)\YTD"
Task: {222DB7A6-8EC6-4E27-82F9-358476A2E595} - System32\Tasks\{74D8D0C1-A21A-4089-B315-24141C510B09} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROR /dll OSETUP.DLL
Task: {259DDA37-D5F2-4717-8560-7E9814231649} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [2014-07-15] ()
Task: {2C1DAD89-13D2-4871-9E16-554FB0EDA522} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {2C4C7906-80A1-4E0E-B92F-3EECBCEFF555} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {30732C0F-DBCF-4940-A7BA-05544E62CA80} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-08-04] (TODO: <Company name>)
Task: {4F2DE321-9782-470B-9004-6654E2544D4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {53090F3C-E5A8-40F5-B50B-F32686ADECB9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-07-03] (COMODO)
Task: {59D3EB20-4B9F-43D0-882C-B56BDD55DAC2} - System32\Tasks\ASUS\i-Setup112256 => C:\Windows\Chipset\AsusSetup.exe [2013-09-09] (ASUSTeK Computer Inc.)
Task: {5CB5EA8C-5D99-4B0D-B7A4-8B923DF10BBF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-07-09] (NVIDIA Corporation)
Task: {6549E1D1-6614-45D3-A32A-9206DE6F89D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-07-09] (NVIDIA Corporation)
Task: {6708F241-5450-4FA5-B5E0-6C496ADFBA74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {670C966C-A8C5-41DA-9D61-91AF6B5DFC36} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {6BAD0851-63EF-4532-9CBE-67553AE470E3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {810F5D3C-A8C7-41E0-BBCF-C9DA4CC55E9A} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {8687BF49-F653-4025-A5AC-198FCCADE706} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3061203490-3799476124-1463932836-1000
Task: {8D02470F-C915-41C5-9F08-2EF846B76828} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-07-09] (NVIDIA Corporation)
Task: {9AB89A52-5ABC-4DC7-A78A-397157625BD8} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.exe [2015-09-10] ()
Task: {9ED6FF1B-8417-4BDB-81D6-7AFC1A9AAE4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {A4849414-DD55-4393-985A-20FC3D97860E} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B0D00F91-3EEF-44E6-AB24-5B6C5A24FFE1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {BDFE781B-0B45-4B7B-A364-FC029E2F7D41} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-08-04] ()
Task: {DF17D599-9B85-4D3D-8701-7FFDDD265579} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-06-21 20:24 - 2016-06-03 05:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-25 00:03 - 2014-04-25 00:03 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-09-22 11:01 - 2014-03-27 19:33 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2015-09-22 10:55 - 2014-07-15 15:02 - 00295936 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
2015-09-22 11:01 - 2014-08-04 19:21 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-01-08 23:02 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-09-22 11:02 - 2014-08-01 14:58 - 01065272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2015-09-22 11:02 - 2014-07-25 16:32 - 00036152 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2015-09-16 21:33 - 2015-09-16 21:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2016-07-01 21:37 - 2016-07-04 10:50 - 00062912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00308160 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\MessageBus.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 04488640 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 00396736 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\nvspserviceplugin64.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\NvStreamBase.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 03070912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_NvStreamControl.dll
2015-09-22 10:55 - 2016-07-09 20:05 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-09-22 10:55 - 2014-04-25 00:03 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-22 11:01 - 2014-03-27 19:32 - 05778096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2015-09-22 11:01 - 2014-02-24 17:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-09-22 11:01 - 2014-08-04 17:31 - 04239360 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-09-22 11:01 - 2014-02-25 16:53 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-09-22 10:55 - 2014-01-22 04:33 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2015-09-22 11:02 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2015-09-22 11:02 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2015-12-28 16:10 - 2015-12-28 16:10 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2014-10-09 10:18 - 2014-10-09 10:18 - 00278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2014-10-29 11:42 - 2014-10-29 11:42 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2015-09-22 11:02 - 2014-04-10 15:23 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
2014-04-29 16:23 - 2014-04-29 16:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-06-20 15:09 - 2012-06-20 15:09 - 00634880 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\SDL.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 01160888 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avformat-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 05103868 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avcodec-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00192717 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avutil-50.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00262092 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\swscale-0.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\difxapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsMgr64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv642.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmasiopx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cmeauoxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiCnfgP.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiInstallResAll64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmudaxp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cmasiop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiCnfgp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cmpaoxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsMgr.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VmixP8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cmudaxp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [0]
AlternateDataStreams: C:\Users\Tomas\Desktop\$_35.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10296375_777680752251433_7520339795265519082_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10440821_10203854994162871_1373651193093004697_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\11738055_1009909505708560_2655345021947015536_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\13516334_10201750055831248_3829009012877130994_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\16-i28230.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\22702-univerzum-vseobecna-encyklopedia-pre-21-storocie-nestandard1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276284.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276720_570f68c5d73a480cbdbcf3d2cf41c454.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\2_thumb_1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\486479.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\4c7f73b0b855a.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4276900_142908_20140727_14439.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4813564_60882_20141203_35212.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4830080_50689_20141206_29945.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6273986_43463_20160116_12702.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6726077_61082_20160504_35509.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\Giraffe.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l.php.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l20511.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l37526.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-americky_pitbulterier.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-ludske_telo_unikatny_obrazovy_sprievodca.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-predhistoria.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\ml4587.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\papoucsimadagaskar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\The-Elephant-portrait.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\12247046_997043553690002_6538794650488572407_n.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\2afb89a5e696a5388e3667776c534c3c.gif:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\55843193.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\946777_1742916139262940_5888588043330652952_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\aida64extreme570.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E02(0000268819).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FT5S+Abosch+faces+of+ireland+dublin+airport.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ml15338.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\moj-komp.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MUM52131.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PONUKA PRE MS.eml:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Display Manager.lnk => C:\Windows\pss\Dell Display Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3520 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 3520 series.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface =>
MSCONFIG\startupreg: AO Link Server =>
MSCONFIG\startupreg: CAM => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe -autostart
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: HomeCloud Drive => C:\Program Files (x86)\ASUS\LocalDrive\LocalDrive.exe --useArgs
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WebStorage => C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe /S
MSCONFIG\startupreg: windirs => C:\Users\Tomas\AppData\Local\Temp\trwe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2D69DA90-E171-4A01-B93A-A52D75D02B21}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{5D762B29-69CA-4CBA-8FC7-B5FE0E4012DB}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{27B63CBD-FB22-48B8-95DB-D24ECBC3F6AD}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{9C355E3B-3794-444A-AF2F-8DCA1310F861}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{0FF88CCF-1E91-490D-9EA3-4FA5BCA21E3F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{8631306A-B90F-4C86-8548-4EAAE51AB2C9}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{867B897B-FA84-4C78-93DE-AA3DD8E9FC5B}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{130135FA-B994-4732-94CF-F9723A713809}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{4A734950-966E-4276-902E-232C1501A26A}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{247921E6-2ADD-4DF0-9BDE-3BEB648F3345}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{EE7B16CA-94A5-4BA9-BA89-21116F911CA9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{86AAE7E1-3622-445D-BBC2-A4FD76079647}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{6F1D4383-7E36-478D-95B6-0DFCF08A50EB}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{370B314D-65EA-4D45-9571-3DFF9D081754}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{B03D28AF-2BBB-470E-886C-DDBB28B03D61}C:\users\tomas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tomas\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9FB8DF33-3FB3-4443-B8BE-B1834A8AA888}C:\users\tomas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tomas\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8C245B44-EAEB-4926-BBEE-507E210004D0}] => (Allow) LPort=9143
FirewallRules: [{4F958F4F-F4D0-4266-A80B-34546DC1E4F1}] => (Allow) LPort=2333
FirewallRules: [{869C77B9-FBFA-4F20-86DE-E5C819E40CF1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A915DED3-0D61-43E1-84FA-37F308DC8FDE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{BAF12481-2A30-46BF-A7A5-9A02E212C55F}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DB7D7DD0-4B0B-4F95-ADFC-C43C6490DD12}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{75776EFF-7013-464A-9F1F-AEC114DA751B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CA5A74B-3D61-4B9F-95D7-E9A7DD4FA721}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{041DFFE8-893E-40F2-8CF3-76653D6BDB8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0F3E36A-2F27-460E-9471-137CB1F87402}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{642F4AFE-422E-4614-A36E-538CBC82F971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{60FF3804-C50E-40CD-ADDD-16AA8AAC967B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DAE4996-8D1A-439A-B372-CBE3BD5AE65A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB16BB37-2701-4550-ADF6-BDB062B3E9C9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0A4B414A-345D-4CD2-8FB2-1FAD7B0E437E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F2CFF811-53D8-4CB9-AD90-93648A749575}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{149A6D3A-0E80-4E2A-AC1B-F92AF5B638CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{EDE986A5-5DBC-4E41-BE7B-B378D9B44E1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FBCEDD99-82FE-466F-B2CF-F7AFC7A9EC8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FFF1CE12-316C-4EC7-97A3-53576741A565}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{928A137C-C481-4FAE-BFDF-DB7890807808}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{6ED78DB0-068E-4463-9A77-0A52BD8687CA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
System error 123 has occurred.
N�zov s�boru, n�zov adres�ra alebo syntax ozna�enia zv�zku nie s� spr�vne.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8134.69 MB
Available physical RAM: 4694.76 MB
Total Virtual: 16267.59 MB
Available Virtual: 12115.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:3.58 GB) NTFS
Drive d: (Nový zväzok) (Fixed) (Total:931.51 GB) (Free:890.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 74F2D007)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC6CB571)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Tomas (2016-07-09 21:13:59)
Running from C:\Users\Tomas\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-22 08:51:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3061203490-3799476124-1463932836-500 - Administrator - Disabled)
Guest (S-1-5-21-3061203490-3799476124-1463932836-501 - Limited - Disabled)
Tomas (S-1-5-21-3061203490-3799476124-1463932836-1000 - Administrator - Enabled) => C:\Users\Tomas
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
Aktualizácie NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.5.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.7.5.0 - ASUSTek COMPUTER INC.) Hidden
ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.01.04 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
CAM (HKLM-x32\...\{B06820C7-D39B-4FBD-BB63-C1F53699A500}) (Version: 2.1.71 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
COMODO Internet Security Premium (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0387 - Disc Soft Ltd)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Futuremark SystemInfo (HKLM-x32\...\{4DB65855-2E10-47A2-AC3B-F8F826840125}) (Version: 4.46.595.0 - Futuremark)
Geeks3D.com FurMark 1.10.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{14ABDFC2-491B-4AF0-8134-CC5596D0EF57}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Instant Eyedropper 1.8.5.1 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 2.00.15 - ASUSTeK Computer Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 sk)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.2.190 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.2.190 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh)
Revit Architecture 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revit Architecture Content Libraries 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rocket League v1.17 (6 DLC) (HKLM-x32\...\Rocket League v1.17 (6 DLC)1.17) (Version: 1.17 - Friends in War)
Room EQ Wizard 5.13 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.13 - John Mulcahy)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0300 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
SQL Server 2008 R2 SP2 Common Files (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
ViewRight Web PC (HKLM-x32\...\{B62D5F4C-BEB2-4DCD-A8B4-EE21CCAEC28A}) (Version: 3.3.0.0 - Verimatrix, Inc.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.1.213 - ASUS Cloud Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05D1C911-4B68-42F1-853E-F5D5F8BB4017} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-03-27] ()
Task: {08E443E4-0472-4E0E-8739-0912C2DC23F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {08FBC576-72AA-469B-9CB0-81A80DA84468} - System32\Tasks\{41E7C65A-79E2-4843-87F5-731C1CEEBDA7} => pcalua.exe -a C:\Users\Tomas\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {11FCC7A1-0F3D-4639-9505-0DE348C5509E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {124919B2-5599-455E-B4B1-4D6489BA5782} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {1396FE82-8901-4FF8-A7C4-8896C71167E8} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {17269CA3-768B-48AC-8A69-DAE50E411634} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {1E1A5FF9-3CD6-40EA-8B92-CE6BD25919BE} - System32\Tasks\{A89A6F83-DCCB-4C80-94A1-822ED290C10D} => C:\Users\Tomas\Downloads\ASSSDBenchmark\AS SSD Benchmark.exe
Task: {20C890AB-3F33-4193-9867-7EA2C48CCA8E} - System32\Tasks\{6FF55281-2905-4E44-A63D-39266750B33B} => pcalua.exe -a "C:\Program Files (x86)\YTD\setup.exe" -d "C:\Program Files (x86)\YTD"
Task: {222DB7A6-8EC6-4E27-82F9-358476A2E595} - System32\Tasks\{74D8D0C1-A21A-4089-B315-24141C510B09} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROR /dll OSETUP.DLL
Task: {259DDA37-D5F2-4717-8560-7E9814231649} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [2014-07-15] ()
Task: {2C1DAD89-13D2-4871-9E16-554FB0EDA522} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {2C4C7906-80A1-4E0E-B92F-3EECBCEFF555} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {30732C0F-DBCF-4940-A7BA-05544E62CA80} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-08-04] (TODO: <Company name>)
Task: {4F2DE321-9782-470B-9004-6654E2544D4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {53090F3C-E5A8-40F5-B50B-F32686ADECB9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-07-03] (COMODO)
Task: {59D3EB20-4B9F-43D0-882C-B56BDD55DAC2} - System32\Tasks\ASUS\i-Setup112256 => C:\Windows\Chipset\AsusSetup.exe [2013-09-09] (ASUSTeK Computer Inc.)
Task: {5CB5EA8C-5D99-4B0D-B7A4-8B923DF10BBF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-07-09] (NVIDIA Corporation)
Task: {6549E1D1-6614-45D3-A32A-9206DE6F89D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-07-09] (NVIDIA Corporation)
Task: {6708F241-5450-4FA5-B5E0-6C496ADFBA74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {670C966C-A8C5-41DA-9D61-91AF6B5DFC36} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {6BAD0851-63EF-4532-9CBE-67553AE470E3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {810F5D3C-A8C7-41E0-BBCF-C9DA4CC55E9A} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {8687BF49-F653-4025-A5AC-198FCCADE706} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3061203490-3799476124-1463932836-1000
Task: {8D02470F-C915-41C5-9F08-2EF846B76828} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-07-09] (NVIDIA Corporation)
Task: {9AB89A52-5ABC-4DC7-A78A-397157625BD8} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.exe [2015-09-10] ()
Task: {9ED6FF1B-8417-4BDB-81D6-7AFC1A9AAE4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {A4849414-DD55-4393-985A-20FC3D97860E} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B0D00F91-3EEF-44E6-AB24-5B6C5A24FFE1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.)
Task: {BDFE781B-0B45-4B7B-A364-FC029E2F7D41} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-08-04] ()
Task: {DF17D599-9B85-4D3D-8701-7FFDDD265579} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-06-21 20:24 - 2016-06-03 05:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-25 00:03 - 2014-04-25 00:03 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-09-22 11:01 - 2014-03-27 19:33 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2015-09-22 10:55 - 2014-07-15 15:02 - 00295936 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
2015-09-22 11:01 - 2014-08-04 19:21 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-01-08 23:02 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-09-22 11:02 - 2014-08-01 14:58 - 01065272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2015-09-22 11:02 - 2014-07-25 16:32 - 00036152 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2015-09-16 21:33 - 2015-09-16 21:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2016-07-01 21:37 - 2016-07-04 10:50 - 00062912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00308160 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\MessageBus.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 04488640 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 00396736 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\nvspserviceplugin64.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\NvStreamBase.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 03070912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_NvStreamControl.dll
2015-09-22 10:55 - 2016-07-09 20:05 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-09-22 10:55 - 2014-04-25 00:03 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-22 11:01 - 2014-03-27 19:32 - 05778096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2015-09-22 11:01 - 2014-02-24 17:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-09-22 11:01 - 2014-08-04 17:31 - 04239360 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-09-22 11:01 - 2014-02-25 16:53 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2015-09-22 11:01 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-09-22 10:55 - 2014-01-22 04:33 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2015-09-22 11:02 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2015-09-22 11:02 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2015-12-28 16:10 - 2015-12-28 16:10 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2014-10-09 10:18 - 2014-10-09 10:18 - 00278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2014-10-29 11:42 - 2014-10-29 11:42 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-09-22 11:01 - 2014-08-04 17:25 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2015-09-22 11:02 - 2014-04-10 15:23 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
2014-04-29 16:23 - 2014-04-29 16:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-06-20 15:09 - 2012-06-20 15:09 - 00634880 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\SDL.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 01160888 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avformat-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 05103868 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avcodec-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00192717 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avutil-50.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00262092 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\swscale-0.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\difxapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsMgr64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv642.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmasiopx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cmeauoxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiCnfgP.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiInstallResAll64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmudaxp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cmasiop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiCnfgp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cmpaoxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsMgr.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VmixP8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cmudaxp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [0]
AlternateDataStreams: C:\Users\Tomas\Desktop\$_35.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10296375_777680752251433_7520339795265519082_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10440821_10203854994162871_1373651193093004697_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\11738055_1009909505708560_2655345021947015536_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\13516334_10201750055831248_3829009012877130994_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\16-i28230.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\22702-univerzum-vseobecna-encyklopedia-pre-21-storocie-nestandard1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276284.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276720_570f68c5d73a480cbdbcf3d2cf41c454.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\2_thumb_1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\486479.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\4c7f73b0b855a.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4276900_142908_20140727_14439.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4813564_60882_20141203_35212.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4830080_50689_20141206_29945.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6273986_43463_20160116_12702.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6726077_61082_20160504_35509.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\Giraffe.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l.php.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l20511.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l37526.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-americky_pitbulterier.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-ludske_telo_unikatny_obrazovy_sprievodca.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-predhistoria.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\ml4587.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\papoucsimadagaskar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\The-Elephant-portrait.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\12247046_997043553690002_6538794650488572407_n.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\2afb89a5e696a5388e3667776c534c3c.gif:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\55843193.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\946777_1742916139262940_5888588043330652952_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\aida64extreme570.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E02(0000268819).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FT5S+Abosch+faces+of+ireland+dublin+airport.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ml15338.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\moj-komp.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MUM52131.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PONUKA PRE MS.eml:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Display Manager.lnk => C:\Windows\pss\Dell Display Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3520 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 3520 series.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface =>
MSCONFIG\startupreg: AO Link Server =>
MSCONFIG\startupreg: CAM => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe -autostart
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: HomeCloud Drive => C:\Program Files (x86)\ASUS\LocalDrive\LocalDrive.exe --useArgs
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WebStorage => C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe /S
MSCONFIG\startupreg: windirs => C:\Users\Tomas\AppData\Local\Temp\trwe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2D69DA90-E171-4A01-B93A-A52D75D02B21}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{5D762B29-69CA-4CBA-8FC7-B5FE0E4012DB}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{27B63CBD-FB22-48B8-95DB-D24ECBC3F6AD}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{9C355E3B-3794-444A-AF2F-8DCA1310F861}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{0FF88CCF-1E91-490D-9EA3-4FA5BCA21E3F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{8631306A-B90F-4C86-8548-4EAAE51AB2C9}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{867B897B-FA84-4C78-93DE-AA3DD8E9FC5B}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{130135FA-B994-4732-94CF-F9723A713809}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{4A734950-966E-4276-902E-232C1501A26A}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{247921E6-2ADD-4DF0-9BDE-3BEB648F3345}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{EE7B16CA-94A5-4BA9-BA89-21116F911CA9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{86AAE7E1-3622-445D-BBC2-A4FD76079647}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{6F1D4383-7E36-478D-95B6-0DFCF08A50EB}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{370B314D-65EA-4D45-9571-3DFF9D081754}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{B03D28AF-2BBB-470E-886C-DDBB28B03D61}C:\users\tomas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tomas\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9FB8DF33-3FB3-4443-B8BE-B1834A8AA888}C:\users\tomas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tomas\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{8C245B44-EAEB-4926-BBEE-507E210004D0}] => (Allow) LPort=9143
FirewallRules: [{4F958F4F-F4D0-4266-A80B-34546DC1E4F1}] => (Allow) LPort=2333
FirewallRules: [{869C77B9-FBFA-4F20-86DE-E5C819E40CF1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A915DED3-0D61-43E1-84FA-37F308DC8FDE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{BAF12481-2A30-46BF-A7A5-9A02E212C55F}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DB7D7DD0-4B0B-4F95-ADFC-C43C6490DD12}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{75776EFF-7013-464A-9F1F-AEC114DA751B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CA5A74B-3D61-4B9F-95D7-E9A7DD4FA721}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{041DFFE8-893E-40F2-8CF3-76653D6BDB8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0F3E36A-2F27-460E-9471-137CB1F87402}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{642F4AFE-422E-4614-A36E-538CBC82F971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{60FF3804-C50E-40CD-ADDD-16AA8AAC967B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2DAE4996-8D1A-439A-B372-CBE3BD5AE65A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB16BB37-2701-4550-ADF6-BDB062B3E9C9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0A4B414A-345D-4CD2-8FB2-1FAD7B0E437E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F2CFF811-53D8-4CB9-AD90-93648A749575}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{149A6D3A-0E80-4E2A-AC1B-F92AF5B638CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{EDE986A5-5DBC-4E41-BE7B-B378D9B44E1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FBCEDD99-82FE-466F-B2CF-F7AFC7A9EC8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FFF1CE12-316C-4EC7-97A3-53576741A565}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{928A137C-C481-4FAE-BFDF-DB7890807808}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{6ED78DB0-068E-4463-9A77-0A52BD8687CA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
==================== Restore Points =========================
Could not list restore points
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
System error 123 has occurred.
N�zov s�boru, n�zov adres�ra alebo syntax ozna�enia zv�zku nie s� spr�vne.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8134.69 MB
Available physical RAM: 4694.76 MB
Total Virtual: 16267.59 MB
Available Virtual: 12115.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:3.58 GB) NTFS
Drive d: (Nový zväzok) (Fixed) (Total:931.51 GB) (Free:890.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 74F2D007)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC6CB571)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: pro motji
Cítím ve Vašem pc něco špatného, ani mě to nepřekvapuje, když vidím torenty. Jak je to s legalitou vašeho systému?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: pro motji
original zakupeny s pc
Re: pro motji
Použijte combofix dle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix
http://www.bleepingcomputer.com/combofi ... t-combofix
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: pro motji
Log by měl být zde
C:\ComboFix.txt.
C:\ComboFix.txt.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: pro motji
ComboFix 16-07-10.01 - Tomas . 07. 2016 11:55:02.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.8135.5675 [GMT 2:00]
Running from: c:\users\Tomas\Desktop\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
FW: COMODO Firewall *Enabled* {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
SP: Comodo Defense+ *Enabled/Updated* {6BAD9487-8DE8-D130-293E-C6A728B4104F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2016-06-10 to 2016-07-10 )))))))))))))))))))))))))))))))
.
.
2016-07-10 09:59 . 2016-07-10 09:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-07-09 21:02 . 2016-07-09 21:24 -------- d-----w- C:\KVRT_Data
2016-07-09 18:08 . 2016-07-09 18:08 94144 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-07-09 18:08 . 2016-07-09 18:08 46016 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-07-09 18:08 . 2016-07-09 18:08 104384 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-07-08 10:44 . 2016-07-08 10:44 -------- d-----w- c:\users\Tomas\AppData\Roaming\FastStone
2016-07-08 10:44 . 2016-07-08 10:44 -------- d-----w- c:\users\Tomas\AppData\Local\FastStone
2016-07-05 17:40 . 2016-07-05 17:40 -------- d-----w- C:\2-click run
2016-07-03 11:11 . 2016-07-03 11:14 -------- d-----w- c:\users\Tomas\AppData\Roaming\siw_tmp
2016-07-03 11:11 . 2016-07-03 11:11 -------- d-----w- c:\users\Tomas\AppData\Local\CrashRpt
2016-07-01 19:37 . 2016-06-30 16:12 1799104 ----a-w- c:\windows\system32\nvspcap64.dll
2016-07-01 19:37 . 2016-06-30 16:12 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-07-01 19:37 . 2016-06-30 16:12 1403328 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-07-01 19:37 . 2016-06-30 16:12 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-07-01 19:37 . 2016-06-30 16:12 120256 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-06-30 14:19 . 2016-06-30 14:19 -------- d-----w- c:\users\Tomas\AppData\Local\Steam
2016-06-30 14:08 . 2016-07-02 09:58 -------- d-----w- c:\program files (x86)\Common Files\Steam
2016-06-30 13:48 . 2016-06-30 13:48 -------- d-----w- c:\program files (x86)\Futuremark
2016-06-30 13:47 . 2016-06-30 13:47 -------- d-----w- c:\users\Tomas\AppData\Local\Futuremark
2016-06-23 11:37 . 2016-06-23 11:53 -------- d-----w- c:\users\Tomas\Heaven
2016-06-23 11:35 . 2016-06-23 11:35 -------- d-----w- c:\program files (x86)\Unigine
2016-06-21 18:59 . 2016-06-21 19:15 -------- d-----w- c:\users\Tomas\AppData\Roaming\NVIDIA
2016-06-21 18:22 . 2016-06-03 07:38 985144 ----a-w- c:\windows\system32\NvFBC64.dll
2016-06-18 16:31 . 2016-07-09 09:43 -------- d-----w- c:\users\Tomas\AppData\Local\Ethash
2016-06-18 16:07 . 2016-06-18 16:17 -------- d-----w- c:\program files (x86)\The Witcher 3 Wild Hunt Blood and Wine
2016-06-16 18:34 . 2016-06-16 18:34 -------- d-----w- c:\users\Tomas\AppData\Roaming\Verimatrix
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-07-10 09:44 . 2011-09-20 04:25 46152 ----a-w- c:\windows\SysWow64\drivers\ASUSFILTER.sys
2016-07-10 09:19 . 2012-01-16 18:24 55296 ----a-w- c:\windows\SysWow64\ASGT.exe
2016-07-09 17:55 . 2015-10-19 16:43 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-17 09:37 . 2015-09-23 13:17 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-06-17 09:37 . 2015-09-23 13:17 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-06-15 06:12 . 2015-08-04 23:31 116248 ----a-w- c:\windows\system32\drivers\inspect.sys
2016-06-15 06:12 . 2015-08-04 23:31 56472 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2016-06-15 06:12 . 2015-11-18 16:14 829600 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2016-06-15 06:12 . 2015-11-18 16:14 31648 ----a-w- c:\windows\system32\drivers\cmderd.sys
2016-06-15 06:08 . 2015-08-04 23:29 51800 ----a-w- c:\windows\system32\cmdcsr.dll
2016-06-15 06:08 . 2015-09-03 10:52 626288 ----a-w- c:\windows\SysWow64\guard32.dll
2016-06-15 06:08 . 2015-09-03 10:52 793104 ----a-w- c:\windows\system32\guard64.dll
2016-06-15 06:04 . 2015-08-04 23:28 365752 ----a-w- c:\windows\system32\cmdvrt64.dll
2016-06-15 06:02 . 2015-08-04 23:28 51896 ----a-w- c:\windows\system32\cmdkbd64.dll
2016-06-15 05:58 . 2015-08-04 23:27 296120 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2016-06-15 05:56 . 2015-08-04 23:26 46776 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2016-06-01 19:08 . 2015-09-22 08:58 97344 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-05-17 53123712]
"GPU Tweak Main"="c:\program files (x86)\ASUS\GPU Tweak\GPUTweak.exe" [2016-07-10 3431672]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"InstalledTime"="7-10-2016" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-01 595992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 cpuz138;cpuz138;c:\users\Tomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\Tomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$ASUSHOMECLOUD;SQL Server Agent (ASUSHOMECLOUD);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSSQL$ASUSHOMECLOUD;SQL Server (ASUSHOMECLOUD);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 cmudaxp;ASUS Xonar Essence ST Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 LVUVC64;QuickCam Communicate Deluxe(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2016-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23 09:37]
.
2016-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19 11:07]
.
2016-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19 11:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7191}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}]
2013-06-26 03:26 1479168 ----a-w- c:\program files (x86)\Common Files\AWS\2.0.1.213\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D809}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D809}]
2013-06-26 03:26 1479168 ----a-w- c:\program files (x86)\Common Files\AWS\2.0.1.213\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E}]
2013-06-26 03:26 1479168 ----a-w- c:\program files (x86)\Common Files\AWS\2.0.1.213\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-09-29 7640944]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2016-07-03 1610936]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-12-28 8048640]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2015-12-28 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2015-12-28 282112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-06-30 1799104]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Completion time: 2016-07-10 12:01:51
ComboFix-quarantined-files.txt 2016-07-10 10:01
.
Pre-Run: 5 406 593 024 bytes free
Post-Run: 5 251 276 800 bytes free
.
- - End Of File - - C582D7083ED28EAFE69F4D067724AFD7
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.8135.5675 [GMT 2:00]
Running from: c:\users\Tomas\Desktop\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
FW: COMODO Firewall *Enabled* {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
SP: Comodo Defense+ *Enabled/Updated* {6BAD9487-8DE8-D130-293E-C6A728B4104F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2016-06-10 to 2016-07-10 )))))))))))))))))))))))))))))))
.
.
2016-07-10 09:59 . 2016-07-10 09:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-07-09 21:02 . 2016-07-09 21:24 -------- d-----w- C:\KVRT_Data
2016-07-09 18:08 . 2016-07-09 18:08 94144 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-07-09 18:08 . 2016-07-09 18:08 46016 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-07-09 18:08 . 2016-07-09 18:08 104384 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-07-08 10:44 . 2016-07-08 10:44 -------- d-----w- c:\users\Tomas\AppData\Roaming\FastStone
2016-07-08 10:44 . 2016-07-08 10:44 -------- d-----w- c:\users\Tomas\AppData\Local\FastStone
2016-07-05 17:40 . 2016-07-05 17:40 -------- d-----w- C:\2-click run
2016-07-03 11:11 . 2016-07-03 11:14 -------- d-----w- c:\users\Tomas\AppData\Roaming\siw_tmp
2016-07-03 11:11 . 2016-07-03 11:11 -------- d-----w- c:\users\Tomas\AppData\Local\CrashRpt
2016-07-01 19:37 . 2016-06-30 16:12 1799104 ----a-w- c:\windows\system32\nvspcap64.dll
2016-07-01 19:37 . 2016-06-30 16:12 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-07-01 19:37 . 2016-06-30 16:12 1403328 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-07-01 19:37 . 2016-06-30 16:12 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-07-01 19:37 . 2016-06-30 16:12 120256 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-06-30 14:19 . 2016-06-30 14:19 -------- d-----w- c:\users\Tomas\AppData\Local\Steam
2016-06-30 14:08 . 2016-07-02 09:58 -------- d-----w- c:\program files (x86)\Common Files\Steam
2016-06-30 13:48 . 2016-06-30 13:48 -------- d-----w- c:\program files (x86)\Futuremark
2016-06-30 13:47 . 2016-06-30 13:47 -------- d-----w- c:\users\Tomas\AppData\Local\Futuremark
2016-06-23 11:37 . 2016-06-23 11:53 -------- d-----w- c:\users\Tomas\Heaven
2016-06-23 11:35 . 2016-06-23 11:35 -------- d-----w- c:\program files (x86)\Unigine
2016-06-21 18:59 . 2016-06-21 19:15 -------- d-----w- c:\users\Tomas\AppData\Roaming\NVIDIA
2016-06-21 18:22 . 2016-06-03 07:38 985144 ----a-w- c:\windows\system32\NvFBC64.dll
2016-06-18 16:31 . 2016-07-09 09:43 -------- d-----w- c:\users\Tomas\AppData\Local\Ethash
2016-06-18 16:07 . 2016-06-18 16:17 -------- d-----w- c:\program files (x86)\The Witcher 3 Wild Hunt Blood and Wine
2016-06-16 18:34 . 2016-06-16 18:34 -------- d-----w- c:\users\Tomas\AppData\Roaming\Verimatrix
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-07-10 09:44 . 2011-09-20 04:25 46152 ----a-w- c:\windows\SysWow64\drivers\ASUSFILTER.sys
2016-07-10 09:19 . 2012-01-16 18:24 55296 ----a-w- c:\windows\SysWow64\ASGT.exe
2016-07-09 17:55 . 2015-10-19 16:43 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-17 09:37 . 2015-09-23 13:17 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-06-17 09:37 . 2015-09-23 13:17 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-06-15 06:12 . 2015-08-04 23:31 116248 ----a-w- c:\windows\system32\drivers\inspect.sys
2016-06-15 06:12 . 2015-08-04 23:31 56472 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2016-06-15 06:12 . 2015-11-18 16:14 829600 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2016-06-15 06:12 . 2015-11-18 16:14 31648 ----a-w- c:\windows\system32\drivers\cmderd.sys
2016-06-15 06:08 . 2015-08-04 23:29 51800 ----a-w- c:\windows\system32\cmdcsr.dll
2016-06-15 06:08 . 2015-09-03 10:52 626288 ----a-w- c:\windows\SysWow64\guard32.dll
2016-06-15 06:08 . 2015-09-03 10:52 793104 ----a-w- c:\windows\system32\guard64.dll
2016-06-15 06:04 . 2015-08-04 23:28 365752 ----a-w- c:\windows\system32\cmdvrt64.dll
2016-06-15 06:02 . 2015-08-04 23:28 51896 ----a-w- c:\windows\system32\cmdkbd64.dll
2016-06-15 05:58 . 2015-08-04 23:27 296120 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2016-06-15 05:56 . 2015-08-04 23:26 46776 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2016-06-01 19:08 . 2015-09-22 08:58 97344 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-05-17 53123712]
"GPU Tweak Main"="c:\program files (x86)\ASUS\GPU Tweak\GPUTweak.exe" [2016-07-10 3431672]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"InstalledTime"="7-10-2016" [X]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-25 293872]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-01 595992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 cpuz138;cpuz138;c:\users\Tomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\Tomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys;c:\program files (x86)\NZXT\CAM\CAM_Client_V2.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$ASUSHOMECLOUD;SQL Server Agent (ASUSHOMECLOUD);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSSQL$ASUSHOMECLOUD;SQL Server (ASUSHOMECLOUD);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 cmudaxp;ASUS Xonar Essence ST Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 LVUVC64;QuickCam Communicate Deluxe(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2016-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23 09:37]
.
2016-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19 11:07]
.
2016-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19 11:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7191}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}]
2013-06-26 03:26 1479168 ----a-w- c:\program files (x86)\Common Files\AWS\2.0.1.213\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D809}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D809}]
2013-06-26 03:26 1479168 ----a-w- c:\program files (x86)\Common Files\AWS\2.0.1.213\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E}]
2013-06-26 03:26 1479168 ----a-w- c:\program files (x86)\Common Files\AWS\2.0.1.213\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-09-29 7640944]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2016-07-03 1610936]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2015-12-28 8048640]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2015-12-28 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2015-12-28 282112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-06-30 1799104]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Completion time: 2016-07-10 12:01:51
ComboFix-quarantined-files.txt 2016-07-10 10:01
.
Pre-Run: 5 406 593 024 bytes free
Post-Run: 5 251 276 800 bytes free
.
- - End Of File - - C582D7083ED28EAFE69F4D067724AFD7
A36C5E4F47E84449FF07ED3517B43A31
Re: pro motji
Poprosím o nový log z frstu.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: pro motji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
Ran by Tomas (administrator) on TOMAS-PC (10-07-2016 15:30:19)
Running from C:\Users\Tomas\Desktop
Loaded Profiles: Tomas (Available Profiles: Tomas)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\SysWOW64\HsMgr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Windows\system\HsMgr64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-07-03] (COMODO)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2015-12-28] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2015-12-28] ()
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-06-01] (Oracle Corporation)
HKLM-x32\...\Run: [InstalledTime] => 7-10-2016
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [GPU Tweak Main] => C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe [3431672 2016-07-10] (ASUS)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Policies\Explorer: []
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CBCDDB50-3195-4042-B7D5-109D87E1F755}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-01] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3061203490-3799476124-1463932836-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048
FF NetworkProxy: "http", "85.207.69.6"
FF NetworkProxy: "http_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2016-04-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3061203490-3799476124-1463932836-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Extension: New Tab Override (browser.newtab.url replacement) - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\newtaboverride@agenedia.com.xpi [2016-06-29]
FF Extension: Adblock Plus - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: YouTube Flash Video Player - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-06-17]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => not found
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => not found
FF HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-19]
CHR Extension: (Dokumenty Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-20]
CHR Extension: (Disk Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Adblock Plus) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-09]
CHR Extension: (Google Search) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-03-22]
CHR Extension: (Tabuľky Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Norton Safe) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-04-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Gmail) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-20]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-04-25] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-22] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-08-04] (ASUSTeK Computer Inc.) [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817712 2016-07-03] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-07-03] (COMODO)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-05-24] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 MSSQL$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [449472 2016-07-09] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [449472 2016-07-09] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-07-09] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-18] (Electronic Arts)
S4 SQLAgent$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2016-07-10] (MCCI Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-06-15] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [829600 2016-06-15] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56472 2016-06-15] (COMODO)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2735616 2015-12-28] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-09-22] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-06-15] (COMODO)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-08-04] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-07-09] (NVIDIA Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz138; \??\C:\Users\Tomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-10 15:30 - 2016-07-10 15:30 - 00020519 _____ C:\Users\Tomas\Desktop\FRST.txt
2016-07-10 12:01 - 2016-07-10 12:01 - 00020976 _____ C:\ComboFix.txt
2016-07-10 11:54 - 2016-07-10 11:51 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00256000 _____ C:\Windows\PEV.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00208896 _____ C:\Windows\MBR.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00098816 _____ C:\Windows\sed.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00080412 _____ C:\Windows\grep.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00068096 _____ C:\Windows\zip.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-07-10 11:52 - 2016-07-10 12:01 - 00000000 ____D C:\Qoobox
2016-07-10 11:51 - 2016-07-10 12:00 - 00000000 ____D C:\Windows\erdnt
2016-07-10 11:27 - 2016-07-10 11:44 - 225979944 _____ C:\Users\Tomas\Downloads\AISuiteIII_Win7-8-81-10_Z97-series_V10102.zip
2016-07-10 11:19 - 2016-07-10 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-07-10 11:19 - 2016-07-10 11:19 - 00001043 _____ C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
2016-07-10 11:19 - 2016-07-10 11:19 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2016-07-10 11:16 - 2016-07-10 11:19 - 30922632 _____ C:\Users\Tomas\Downloads\GPUTweak_2_8_3_0.zip
2016-07-09 23:29 - 2016-07-09 23:29 - 00003200 _____ C:\Windows\System32\Tasks\{E86F11EB-2B87-488E-9906-DDCC3F83BDFE}
2016-07-09 23:02 - 2016-07-09 23:24 - 00000000 ____D C:\KVRT_Data
2016-07-09 22:54 - 2016-07-09 23:02 - 99798872 _____ (Kaspersky Lab ZAO) C:\Users\Tomas\Downloads\KVRT.exe
2016-07-09 21:38 - 2016-07-10 11:50 - 05659622 ____R (Swearware) C:\Users\Tomas\Desktop\ComboFix.exe
2016-07-09 20:31 - 2016-07-09 20:31 - 02390016 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2016-07-09 20:08 - 2016-07-09 20:08 - 00104384 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-07-09 20:08 - 2016-07-09 20:08 - 00094144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-09 20:08 - 2016-07-09 20:08 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-07-09 19:26 - 2016-07-09 19:26 - 03712064 _____ C:\Users\Tomas\Downloads\adwcleaner_5.201.exe
2016-07-08 12:48 - 2016-07-08 12:48 - 00003584 _____ C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-08 12:48 - 2016-07-08 12:47 - 04932764 _____ C:\Users\Tomas\Desktop\Video_2016-07-08_124758.wmv
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\FastStone
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\Tomas\AppData\Local\FastStone
2016-07-08 12:42 - 2016-07-08 12:42 - 09880924 _____ C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe
2016-07-08 12:39 - 2016-07-08 12:40 - 06770043 _____ ( ) C:\Users\Tomas\Downloads\screenrecorderfree.exe
2016-07-08 12:22 - 2016-07-08 12:23 - 10353883 _____ C:\Users\Tomas\Downloads\camstudio_2.6beta.exe
2016-07-08 11:51 - 2016-07-08 11:51 - 02915464 _____ (NTWind Software) C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe
2016-07-05 19:40 - 2016-07-05 19:40 - 00000000 ____D C:\2-click run
2016-07-04 11:36 - 2016-07-05 18:14 - 00000000 ____D C:\Users\Tomas\Downloads\Rocket League v1.17 (6 DLC)(2-click run)
2016-07-03 18:37 - 2016-07-03 18:37 - 01181560 _____ (EnTech Taiwan ) C:\Users\Tomas\Downloads\ddmsetup1800.exe
2016-07-03 13:11 - 2016-07-03 13:14 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\siw_tmp
2016-07-03 13:11 - 2016-07-03 13:11 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashRpt
2016-07-03 13:10 - 2016-07-03 13:14 - 00000000 ____D C:\Users\Tomas\Downloads\siw_tech
2016-07-03 13:09 - 2016-07-03 13:10 - 05885848 _____ C:\Users\Tomas\Downloads\siw_tech.zip
2016-07-01 21:37 - 2016-07-09 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003770 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003534 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-01 21:37 - 00003782 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-01 21:37 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-07-01 21:37 - 2016-06-30 18:12 - 01799104 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01403328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-07-01 21:23 - 2016-07-01 21:32 - 65850568 _____ (NVIDIA Corporation) C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe
2016-06-30 16:26 - 2016-07-03 14:53 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-30 16:19 - 2016-06-30 16:19 - 00000000 ____D C:\Users\Tomas\AppData\Local\Steam
2016-06-30 16:07 - 2016-06-30 16:07 - 01444992 _____ C:\Users\Tomas\Downloads\SteamSetup.exe
2016-06-30 15:48 - 2016-06-30 15:48 - 00000000 ____D C:\Program Files (x86)\Futuremark
2016-06-30 15:47 - 2016-06-30 15:53 - 00000000 ____D C:\Users\Tomas\Documents\3DMark 11
2016-06-30 15:47 - 2016-06-30 15:48 - 02949120 _____ C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi
2016-06-30 15:47 - 2016-06-30 15:47 - 00000000 ____D C:\Users\Tomas\AppData\Local\Futuremark
2016-06-30 14:15 - 2016-06-30 14:44 - 271860249 _____ C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip
2016-06-29 17:42 - 2016-06-29 17:42 - 00002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2016-06-29 17:42 - 2016-06-29 17:42 - 00000000 ____D C:\Users\Tomas\AppData\LocalLow\Google
2016-06-29 17:38 - 2016-06-29 17:38 - 00987728 _____ (Google Inc.) C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe
2016-06-27 17:15 - 2016-06-27 17:17 - 00000000 ___HD C:\Users\Tomas\Desktop\.picasaoriginals
2016-06-23 13:37 - 2016-06-23 23:23 - 01065984 _____ C:\Users\Tomas\AppData\Local\file__0.localstorage
2016-06-23 13:37 - 2016-06-23 13:53 - 00000000 ____D C:\Users\Tomas\Heaven
2016-06-23 13:35 - 2016-06-23 13:35 - 00002121 _____ C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2016-06-23 13:35 - 2016-06-23 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2016-06-23 13:35 - 2016-06-23 13:35 - 00000000 ____D C:\Program Files (x86)\Unigine
2016-06-23 13:25 - 2016-06-23 13:30 - 258728440 _____ (Unigine Corp. ) C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe
2016-06-21 21:44 - 2016-06-21 21:45 - 04856780 _____ (Geeks3D.com ) C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe
2016-06-21 21:33 - 2016-06-21 21:36 - 16335712 _____ (FinalWire Ltd. ) C:\Users\Tomas\Downloads\aida64extreme570.exe
2016-06-21 20:59 - 2016-06-21 21:15 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\NVIDIA
2016-06-21 20:24 - 2016-07-10 13:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-21 20:24 - 2016-06-03 09:38 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-06-21 20:24 - 2016-06-03 09:38 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 06362560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 02453952 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 01351104 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-21 20:24 - 2016-06-03 05:26 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-21 20:24 - 2016-06-03 05:19 - 00113208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-06-21 20:24 - 2016-06-02 14:19 - 06452948 _____ C:\Windows\system32\nvcoproc.bin
2016-06-21 20:22 - 2016-06-03 09:38 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 35115456 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 31603768 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 25377848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 21802280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 21346712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 19180152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 18143912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 17738592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 17290416 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 16756888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 14346320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 13460536 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-21 20:22 - 2016-06-03 09:38 - 10643240 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 08733608 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03825896 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03383472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03065280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436839.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01581624 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436839.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00985144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00908736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00769984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00476664 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00422752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00153416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00141256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-06-21 20:22 - 2016-06-03 09:38 - 00131768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00039124 _____ C:\Windows\system32\nvinfo.pb
2016-06-21 20:22 - 2016-06-03 09:38 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-06-21 20:22 - 2016-06-03 09:38 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-06-20 15:10 - 2016-06-20 15:10 - 00002488 _____ C:\Users\Tomas\Downloads\setup registry file edit this.reg
2016-06-20 15:09 - 2016-06-20 15:09 - 00000546 _____ C:\Users\Tomas\Downloads\setup help read.txt
2016-06-20 10:08 - 2016-06-20 12:11 - 00000000 ____D C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.1.22-GOG
2016-06-20 10:07 - 2016-06-20 10:07 - 00028569 _____ C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent
2016-06-18 18:31 - 2016-07-09 11:43 - 00000000 ____D C:\Users\Tomas\AppData\Local\Ethash
2016-06-18 18:17 - 2016-06-18 18:17 - 00001401 _____ C:\Users\Tomas\Desktop\The Witcher 3 Wild Hunt Blood and Wine.lnk
2016-06-18 18:17 - 2016-06-18 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt Blood and Wine
2016-06-18 18:07 - 2016-06-18 18:17 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt Blood and Wine
2016-06-18 17:56 - 2016-06-18 18:18 - 00000000 ____D C:\Users\Tomas\Documents\FLiNGTrainer
2016-06-18 17:55 - 2016-06-18 17:55 - 00000000 ____D C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG
2016-06-18 17:51 - 2016-06-18 17:52 - 00729141 _____ C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar
2016-06-18 15:20 - 2016-06-18 15:42 - 00000000 ____D C:\Users\Tomas\Downloads\Crash.Bandicoot.3.&.Tekken.3+PS1.Emulator-FrosCh
2016-06-16 20:34 - 2016-06-16 20:34 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Verimatrix
2016-06-16 20:30 - 2016-06-16 20:31 - 21124608 _____ C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi
2016-06-16 12:31 - 2016-06-16 12:31 - 04182046 _____ C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip
2016-06-13 13:40 - 2016-06-13 13:40 - 00000000 ____D C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk
2016-06-13 13:31 - 2016-06-13 13:33 - 20621617 _____ C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-10 15:30 - 2016-01-20 19:05 - 00000000 ____D C:\FRST
2016-07-10 15:24 - 2015-09-23 12:59 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Skype
2016-07-10 15:23 - 2015-11-22 22:12 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-07-10 14:35 - 2015-10-19 13:07 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 14:35 - 2015-09-23 15:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-10 13:35 - 2015-10-19 13:07 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 13:33 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-10 13:33 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-10 13:29 - 2009-07-14 07:13 - 00007028 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-10 13:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-10 13:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 13:23 - 2015-09-23 23:10 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-07-10 11:59 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-07-10 11:57 - 2015-10-30 18:43 - 00000000 ____D C:\ProgramData\TEMP
2016-07-10 11:54 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2016-07-10 11:47 - 2015-09-22 11:00 - 00000000 ____D C:\ProgramData\ASUS
2016-07-10 11:46 - 2015-09-22 10:55 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2016-07-10 11:46 - 2015-09-22 10:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-10 11:45 - 2015-09-22 10:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-07-10 11:44 - 2011-09-20 06:25 - 00046152 _____ (MCCI Corporation) C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys
2016-07-10 11:19 - 2015-09-22 11:15 - 00000000 ____D C:\Windows\Downloaded Installations
2016-07-10 11:19 - 2012-01-16 20:24 - 00055296 _____ C:\Windows\SysWOW64\ASGT.exe
2016-07-09 21:59 - 2015-11-23 16:28 - 00470560 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-07-09 20:05 - 2015-09-27 18:36 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\uTorrent
2016-07-09 19:55 - 2015-10-19 18:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-09 19:32 - 2015-10-07 10:22 - 00000000 ____D C:\AdwCleaner
2016-07-09 11:11 - 2016-05-18 15:25 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Seznam.cz
2016-07-08 12:37 - 2015-09-23 18:36 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashDumps
2016-07-08 11:47 - 2015-12-15 18:18 - 00000000 ____D C:\Program Files\Recuva
2016-07-06 21:11 - 2015-09-24 17:25 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\foobar2000
2016-07-05 19:42 - 2016-02-10 16:26 - 00000000 ____D C:\Users\Tomas\Documents\My Games
2016-07-04 20:37 - 2015-09-22 11:03 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\DAEMON Tools Pro
2016-07-03 13:43 - 2015-11-22 22:12 - 00024802 _____ C:\Windows\system32\perfh041.dat
2016-07-03 13:43 - 2015-11-22 22:12 - 00016098 _____ C:\Windows\system32\perfc041.dat
2016-07-03 13:43 - 2015-11-22 22:12 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-07-03 12:56 - 2015-10-26 17:22 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-07-02 11:57 - 2015-09-22 11:14 - 00000000 ____D C:\Users\Tomas\AppData\Local\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\Users\Tomas\AppData\Local\NVIDIA
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-30 16:25 - 2015-09-22 11:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 15:53 - 2015-09-22 12:13 - 00000022 _____ C:\Windows\GPU-Z.INI
2016-06-29 17:42 - 2015-09-22 11:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-28 19:29 - 2015-09-23 15:16 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2016-06-23 13:37 - 2015-09-22 10:51 - 00000000 ____D C:\Users\Tomas
2016-06-23 13:24 - 2015-10-26 19:58 - 00000000 ____D C:\Users\Tomas\Documents\The Witcher 3
2016-06-21 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2016-06-18 23:21 - 2015-10-06 16:13 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Origin
2016-06-18 23:21 - 2015-10-06 15:56 - 00000000 ____D C:\ProgramData\Origin
2016-06-18 23:18 - 2015-10-06 15:56 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-18 18:07 - 2015-09-22 11:38 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Intel Corporation
2016-06-18 12:39 - 2015-10-19 13:26 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 11:37 - 2015-09-23 15:17 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 11:37 - 2015-09-23 15:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 11:37 - 2015-09-23 15:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 20:32 - 2015-09-23 14:54 - 00000000 ____D C:\Program Files (x86)\Verimatrix
2016-06-15 08:12 - 2015-11-18 18:14 - 00829600 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2016-06-15 08:12 - 2015-11-18 18:14 - 00031648 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2016-06-15 08:12 - 2015-08-05 01:31 - 00116248 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2016-06-15 08:12 - 2015-08-05 01:31 - 00056472 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2016-06-15 08:08 - 2015-09-03 12:52 - 00793104 _____ (COMODO) C:\Windows\system32\guard64.dll
2016-06-15 08:08 - 2015-09-03 12:52 - 00626288 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2016-06-15 08:08 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2016-06-15 08:04 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2016-06-15 08:02 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2016-06-15 07:58 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2016-06-15 07:56 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2016-06-14 20:46 - 2015-09-27 22:40 - 00000000 ____D C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
2016-06-13 11:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-13 11:22 - 2009-07-14 07:08 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-12 12:17 - 2015-12-14 12:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-12 12:17 - 2015-09-23 12:59 - 00000000 ____D C:\ProgramData\Skype
==================== Files in the root of some directories =======
2015-09-26 22:23 - 2015-09-30 12:41 - 0000098 _____ () C:\Users\Tomas\AppData\Roaming\LauncherSettings_live.cfg
2015-09-26 15:11 - 2015-09-29 14:40 - 0000040 _____ () C:\Users\Tomas\AppData\Roaming\TheHunterSettings_live.cfg
2016-07-08 12:48 - 2016-07-08 12:48 - 0003584 _____ () C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 13:37 - 2016-06-23 23:23 - 1065984 _____ () C:\Users\Tomas\AppData\Local\file__0.localstorage
2016-05-18 15:26 - 2016-05-18 15:26 - 0001064 _____ () C:\Users\Tomas\AppData\Local\recently-used.xbel
2015-09-30 15:42 - 2015-09-30 15:42 - 0007605 _____ () C:\Users\Tomas\AppData\Local\Resmon.ResmonCfg
2016-01-07 16:20 - 2016-01-07 16:20 - 0000003 _____ () C:\Users\Tomas\AppData\Local\updater.log
2016-01-07 16:20 - 2016-01-07 16:20 - 0000424 _____ () C:\Users\Tomas\AppData\Local\UserProducts.xml
2015-09-23 11:29 - 2015-09-23 11:29 - 0000000 _____ () C:\Users\Tomas\AppData\Local\{C7164F54-A819-4C1D-8F9A-A76D551A1A9A}
2015-09-23 12:37 - 2015-09-23 12:37 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-09-22 11:27 - 2015-09-22 11:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-27 17:13 - 2015-09-27 17:13 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-07 20:39
==================== End of FRST.txt ============================
Ran by Tomas (administrator) on TOMAS-PC (10-07-2016 15:30:19)
Running from C:\Users\Tomas\Desktop
Loaded Profiles: Tomas (Available Profiles: Tomas)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\SysWOW64\HsMgr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Windows\system\HsMgr64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-07-03] (COMODO)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2015-12-28] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2015-12-28] ()
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-06-01] (Oracle Corporation)
HKLM-x32\...\Run: [InstalledTime] => 7-10-2016
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [GPU Tweak Main] => C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe [3431672 2016-07-10] (ASUS)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Policies\Explorer: []
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.1.213\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CBCDDB50-3195-4042-B7D5-109D87E1F755}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-01] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3061203490-3799476124-1463932836-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FireFox:
========
FF ProfilePath: C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048
FF NetworkProxy: "http", "85.207.69.6"
FF NetworkProxy: "http_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2016-04-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3061203490-3799476124-1463932836-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2012-12-19] (Verimatrix, Inc.)
FF Extension: New Tab Override (browser.newtab.url replacement) - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\newtaboverride@agenedia.com.xpi [2016-06-29]
FF Extension: Adblock Plus - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: YouTube Flash Video Player - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\lnagqaf9.default-1453036539048\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-06-17]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => not found
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFAddon => not found
FF HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-19]
CHR Extension: (Dokumenty Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-20]
CHR Extension: (Disk Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Adblock Plus) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-09]
CHR Extension: (Google Search) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-03-22]
CHR Extension: (Tabuľky Google) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Norton Safe) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-04-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Gmail) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-20]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-04-25] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-01-22] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-08-04] (ASUSTeK Computer Inc.) [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817712 2016-07-03] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-07-03] (COMODO)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-05-24] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 MSSQL$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [449472 2016-07-09] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [449472 2016-07-09] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-07-09] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-18] (Electronic Arts)
S4 SQLAgent$ASUSHOMECLOUD; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2016-07-10] (MCCI Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-06-15] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [829600 2016-06-15] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56472 2016-06-15] (COMODO)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2735616 2015-12-28] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-09-22] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-06-15] (COMODO)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-08-04] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-07-09] (NVIDIA Corporation)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz138; \??\C:\Users\Tomas\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-10 15:30 - 2016-07-10 15:30 - 00020519 _____ C:\Users\Tomas\Desktop\FRST.txt
2016-07-10 12:01 - 2016-07-10 12:01 - 00020976 _____ C:\ComboFix.txt
2016-07-10 11:54 - 2016-07-10 11:51 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00256000 _____ C:\Windows\PEV.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00208896 _____ C:\Windows\MBR.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00098816 _____ C:\Windows\sed.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00080412 _____ C:\Windows\grep.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00068096 _____ C:\Windows\zip.exe
2016-07-10 11:54 - 2016-07-10 11:51 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-07-10 11:52 - 2016-07-10 12:01 - 00000000 ____D C:\Qoobox
2016-07-10 11:51 - 2016-07-10 12:00 - 00000000 ____D C:\Windows\erdnt
2016-07-10 11:27 - 2016-07-10 11:44 - 225979944 _____ C:\Users\Tomas\Downloads\AISuiteIII_Win7-8-81-10_Z97-series_V10102.zip
2016-07-10 11:19 - 2016-07-10 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-07-10 11:19 - 2016-07-10 11:19 - 00001043 _____ C:\Users\Public\Desktop\ASUS GPU Tweak.lnk
2016-07-10 11:19 - 2016-07-10 11:19 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2016-07-10 11:16 - 2016-07-10 11:19 - 30922632 _____ C:\Users\Tomas\Downloads\GPUTweak_2_8_3_0.zip
2016-07-09 23:29 - 2016-07-09 23:29 - 00003200 _____ C:\Windows\System32\Tasks\{E86F11EB-2B87-488E-9906-DDCC3F83BDFE}
2016-07-09 23:02 - 2016-07-09 23:24 - 00000000 ____D C:\KVRT_Data
2016-07-09 22:54 - 2016-07-09 23:02 - 99798872 _____ (Kaspersky Lab ZAO) C:\Users\Tomas\Downloads\KVRT.exe
2016-07-09 21:38 - 2016-07-10 11:50 - 05659622 ____R (Swearware) C:\Users\Tomas\Desktop\ComboFix.exe
2016-07-09 20:31 - 2016-07-09 20:31 - 02390016 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe
2016-07-09 20:08 - 2016-07-09 20:08 - 00104384 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-07-09 20:08 - 2016-07-09 20:08 - 00094144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-09 20:08 - 2016-07-09 20:08 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-07-09 19:26 - 2016-07-09 19:26 - 03712064 _____ C:\Users\Tomas\Downloads\adwcleaner_5.201.exe
2016-07-08 12:48 - 2016-07-08 12:48 - 00003584 _____ C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-08 12:48 - 2016-07-08 12:47 - 04932764 _____ C:\Users\Tomas\Desktop\Video_2016-07-08_124758.wmv
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\FastStone
2016-07-08 12:44 - 2016-07-08 12:44 - 00000000 ____D C:\Users\Tomas\AppData\Local\FastStone
2016-07-08 12:42 - 2016-07-08 12:42 - 09880924 _____ C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe
2016-07-08 12:39 - 2016-07-08 12:40 - 06770043 _____ ( ) C:\Users\Tomas\Downloads\screenrecorderfree.exe
2016-07-08 12:22 - 2016-07-08 12:23 - 10353883 _____ C:\Users\Tomas\Downloads\camstudio_2.6beta.exe
2016-07-08 11:51 - 2016-07-08 11:51 - 02915464 _____ (NTWind Software) C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe
2016-07-05 19:40 - 2016-07-05 19:40 - 00000000 ____D C:\2-click run
2016-07-04 11:36 - 2016-07-05 18:14 - 00000000 ____D C:\Users\Tomas\Downloads\Rocket League v1.17 (6 DLC)(2-click run)
2016-07-03 18:37 - 2016-07-03 18:37 - 01181560 _____ (EnTech Taiwan ) C:\Users\Tomas\Downloads\ddmsetup1800.exe
2016-07-03 13:11 - 2016-07-03 13:14 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\siw_tmp
2016-07-03 13:11 - 2016-07-03 13:11 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashRpt
2016-07-03 13:10 - 2016-07-03 13:14 - 00000000 ____D C:\Users\Tomas\Downloads\siw_tech
2016-07-03 13:09 - 2016-07-03 13:10 - 05885848 _____ C:\Users\Tomas\Downloads\siw_tech.zip
2016-07-01 21:37 - 2016-07-09 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003832 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003770 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-09 20:08 - 00003534 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-01 21:37 - 00003782 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-07-01 21:37 - 2016-07-01 21:37 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-07-01 21:37 - 2016-06-30 18:12 - 01799104 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01403328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-07-01 21:23 - 2016-07-01 21:32 - 65850568 _____ (NVIDIA Corporation) C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe
2016-06-30 16:26 - 2016-07-03 14:53 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-30 16:19 - 2016-06-30 16:19 - 00000000 ____D C:\Users\Tomas\AppData\Local\Steam
2016-06-30 16:07 - 2016-06-30 16:07 - 01444992 _____ C:\Users\Tomas\Downloads\SteamSetup.exe
2016-06-30 15:48 - 2016-06-30 15:48 - 00000000 ____D C:\Program Files (x86)\Futuremark
2016-06-30 15:47 - 2016-06-30 15:53 - 00000000 ____D C:\Users\Tomas\Documents\3DMark 11
2016-06-30 15:47 - 2016-06-30 15:48 - 02949120 _____ C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi
2016-06-30 15:47 - 2016-06-30 15:47 - 00000000 ____D C:\Users\Tomas\AppData\Local\Futuremark
2016-06-30 14:15 - 2016-06-30 14:44 - 271860249 _____ C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip
2016-06-29 17:42 - 2016-06-29 17:42 - 00002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2016-06-29 17:42 - 2016-06-29 17:42 - 00000000 ____D C:\Users\Tomas\AppData\LocalLow\Google
2016-06-29 17:38 - 2016-06-29 17:38 - 00987728 _____ (Google Inc.) C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe
2016-06-27 17:15 - 2016-06-27 17:17 - 00000000 ___HD C:\Users\Tomas\Desktop\.picasaoriginals
2016-06-23 13:37 - 2016-06-23 23:23 - 01065984 _____ C:\Users\Tomas\AppData\Local\file__0.localstorage
2016-06-23 13:37 - 2016-06-23 13:53 - 00000000 ____D C:\Users\Tomas\Heaven
2016-06-23 13:35 - 2016-06-23 13:35 - 00002121 _____ C:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2016-06-23 13:35 - 2016-06-23 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2016-06-23 13:35 - 2016-06-23 13:35 - 00000000 ____D C:\Program Files (x86)\Unigine
2016-06-23 13:25 - 2016-06-23 13:30 - 258728440 _____ (Unigine Corp. ) C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe
2016-06-21 21:44 - 2016-06-21 21:45 - 04856780 _____ (Geeks3D.com ) C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe
2016-06-21 21:33 - 2016-06-21 21:36 - 16335712 _____ (FinalWire Ltd. ) C:\Users\Tomas\Downloads\aida64extreme570.exe
2016-06-21 20:59 - 2016-06-21 21:15 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\NVIDIA
2016-06-21 20:24 - 2016-07-10 13:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-21 20:24 - 2016-06-03 09:38 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-06-21 20:24 - 2016-06-03 09:38 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 06362560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 02453952 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 01351104 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-21 20:24 - 2016-06-03 05:26 - 00534072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-06-21 20:24 - 2016-06-03 05:26 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-21 20:24 - 2016-06-03 05:19 - 00113208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-06-21 20:24 - 2016-06-02 14:19 - 06452948 _____ C:\Windows\system32\nvcoproc.bin
2016-06-21 20:22 - 2016-06-03 09:38 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 35115456 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 31603768 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 25377848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 21802280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 21346712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 19180152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 18143912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 17738592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 17290416 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 16756888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 14346320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 13460536 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-21 20:22 - 2016-06-03 09:38 - 10643240 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 08733608 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03825896 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03383472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 03065280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01922616 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436839.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01581624 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436839.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00985144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00908736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00769984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00476664 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00422752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00178136 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00153416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00141256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-06-21 20:22 - 2016-06-03 09:38 - 00131768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-06-21 20:22 - 2016-06-03 09:38 - 00039124 _____ C:\Windows\system32\nvinfo.pb
2016-06-21 20:22 - 2016-06-03 09:38 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-06-21 20:22 - 2016-06-03 09:38 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-06-20 15:10 - 2016-06-20 15:10 - 00002488 _____ C:\Users\Tomas\Downloads\setup registry file edit this.reg
2016-06-20 15:09 - 2016-06-20 15:09 - 00000546 _____ C:\Users\Tomas\Downloads\setup help read.txt
2016-06-20 10:08 - 2016-06-20 12:11 - 00000000 ____D C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.1.22-GOG
2016-06-20 10:07 - 2016-06-20 10:07 - 00028569 _____ C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent
2016-06-18 18:31 - 2016-07-09 11:43 - 00000000 ____D C:\Users\Tomas\AppData\Local\Ethash
2016-06-18 18:17 - 2016-06-18 18:17 - 00001401 _____ C:\Users\Tomas\Desktop\The Witcher 3 Wild Hunt Blood and Wine.lnk
2016-06-18 18:17 - 2016-06-18 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt Blood and Wine
2016-06-18 18:07 - 2016-06-18 18:17 - 00000000 ____D C:\Program Files (x86)\The Witcher 3 Wild Hunt Blood and Wine
2016-06-18 17:56 - 2016-06-18 18:18 - 00000000 ____D C:\Users\Tomas\Documents\FLiNGTrainer
2016-06-18 17:55 - 2016-06-18 17:55 - 00000000 ____D C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG
2016-06-18 17:51 - 2016-06-18 17:52 - 00729141 _____ C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar
2016-06-18 15:20 - 2016-06-18 15:42 - 00000000 ____D C:\Users\Tomas\Downloads\Crash.Bandicoot.3.&.Tekken.3+PS1.Emulator-FrosCh
2016-06-16 20:34 - 2016-06-16 20:34 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Verimatrix
2016-06-16 20:30 - 2016-06-16 20:31 - 21124608 _____ C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi
2016-06-16 12:31 - 2016-06-16 12:31 - 04182046 _____ C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip
2016-06-13 13:40 - 2016-06-13 13:40 - 00000000 ____D C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk
2016-06-13 13:31 - 2016-06-13 13:33 - 20621617 _____ C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-10 15:30 - 2016-01-20 19:05 - 00000000 ____D C:\FRST
2016-07-10 15:24 - 2015-09-23 12:59 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Skype
2016-07-10 15:23 - 2015-11-22 22:12 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-07-10 14:35 - 2015-10-19 13:07 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 14:35 - 2015-09-23 15:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-10 13:35 - 2015-10-19 13:07 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 13:33 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-10 13:33 - 2009-07-14 06:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-10 13:29 - 2009-07-14 07:13 - 00007028 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-10 13:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-10 13:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 13:23 - 2015-09-23 23:10 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-07-10 11:59 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-07-10 11:57 - 2015-10-30 18:43 - 00000000 ____D C:\ProgramData\TEMP
2016-07-10 11:54 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2016-07-10 11:47 - 2015-09-22 11:00 - 00000000 ____D C:\ProgramData\ASUS
2016-07-10 11:46 - 2015-09-22 10:55 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2016-07-10 11:46 - 2015-09-22 10:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-10 11:45 - 2015-09-22 10:53 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-07-10 11:44 - 2011-09-20 06:25 - 00046152 _____ (MCCI Corporation) C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys
2016-07-10 11:19 - 2015-09-22 11:15 - 00000000 ____D C:\Windows\Downloaded Installations
2016-07-10 11:19 - 2012-01-16 20:24 - 00055296 _____ C:\Windows\SysWOW64\ASGT.exe
2016-07-09 21:59 - 2015-11-23 16:28 - 00470560 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-07-09 20:05 - 2015-09-27 18:36 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\uTorrent
2016-07-09 19:55 - 2015-10-19 18:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-09 19:32 - 2015-10-07 10:22 - 00000000 ____D C:\AdwCleaner
2016-07-09 11:11 - 2016-05-18 15:25 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Seznam.cz
2016-07-08 12:37 - 2015-09-23 18:36 - 00000000 ____D C:\Users\Tomas\AppData\Local\CrashDumps
2016-07-08 11:47 - 2015-12-15 18:18 - 00000000 ____D C:\Program Files\Recuva
2016-07-06 21:11 - 2015-09-24 17:25 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\foobar2000
2016-07-05 19:42 - 2016-02-10 16:26 - 00000000 ____D C:\Users\Tomas\Documents\My Games
2016-07-04 20:37 - 2015-09-22 11:03 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\DAEMON Tools Pro
2016-07-03 13:43 - 2015-11-22 22:12 - 00024802 _____ C:\Windows\system32\perfh041.dat
2016-07-03 13:43 - 2015-11-22 22:12 - 00016098 _____ C:\Windows\system32\perfc041.dat
2016-07-03 13:43 - 2015-11-22 22:12 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-07-03 12:56 - 2015-10-26 17:22 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-07-02 11:57 - 2015-09-22 11:14 - 00000000 ____D C:\Users\Tomas\AppData\Local\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\Users\Tomas\AppData\Local\NVIDIA
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-01 21:37 - 2015-09-22 11:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-30 16:25 - 2015-09-22 11:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 15:53 - 2015-09-22 12:13 - 00000022 _____ C:\Windows\GPU-Z.INI
2016-06-29 17:42 - 2015-09-22 11:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-28 19:29 - 2015-09-23 15:16 - 00000000 ____D C:\Users\Tomas\AppData\Local\Adobe
2016-06-23 13:37 - 2015-09-22 10:51 - 00000000 ____D C:\Users\Tomas
2016-06-23 13:24 - 2015-10-26 19:58 - 00000000 ____D C:\Users\Tomas\Documents\The Witcher 3
2016-06-21 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2016-06-18 23:21 - 2015-10-06 16:13 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Origin
2016-06-18 23:21 - 2015-10-06 15:56 - 00000000 ____D C:\ProgramData\Origin
2016-06-18 23:18 - 2015-10-06 15:56 - 00000000 ____D C:\Program Files (x86)\Origin
2016-06-18 18:07 - 2015-09-22 11:38 - 00000000 ____D C:\Users\Tomas\AppData\Roaming\Intel Corporation
2016-06-18 12:39 - 2015-10-19 13:26 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 11:37 - 2015-09-23 15:17 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 11:37 - 2015-09-23 15:17 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-17 11:37 - 2015-09-23 15:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 20:32 - 2015-09-23 14:54 - 00000000 ____D C:\Program Files (x86)\Verimatrix
2016-06-15 08:12 - 2015-11-18 18:14 - 00829600 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2016-06-15 08:12 - 2015-11-18 18:14 - 00031648 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2016-06-15 08:12 - 2015-08-05 01:31 - 00116248 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2016-06-15 08:12 - 2015-08-05 01:31 - 00056472 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2016-06-15 08:08 - 2015-09-03 12:52 - 00793104 _____ (COMODO) C:\Windows\system32\guard64.dll
2016-06-15 08:08 - 2015-09-03 12:52 - 00626288 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2016-06-15 08:08 - 2015-08-05 01:29 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2016-06-15 08:04 - 2015-08-05 01:28 - 00365752 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2016-06-15 08:02 - 2015-08-05 01:28 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2016-06-15 07:58 - 2015-08-05 01:27 - 00296120 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2016-06-15 07:56 - 2015-08-05 01:26 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2016-06-14 20:46 - 2015-09-27 22:40 - 00000000 ____D C:\Users\Tomas\AppData\Local\ElevatedDiagnostics
2016-06-13 11:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-13 11:22 - 2009-07-14 07:08 - 00032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-12 12:17 - 2015-12-14 12:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-12 12:17 - 2015-09-23 12:59 - 00000000 ____D C:\ProgramData\Skype
==================== Files in the root of some directories =======
2015-09-26 22:23 - 2015-09-30 12:41 - 0000098 _____ () C:\Users\Tomas\AppData\Roaming\LauncherSettings_live.cfg
2015-09-26 15:11 - 2015-09-29 14:40 - 0000040 _____ () C:\Users\Tomas\AppData\Roaming\TheHunterSettings_live.cfg
2016-07-08 12:48 - 2016-07-08 12:48 - 0003584 _____ () C:\Users\Tomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 13:37 - 2016-06-23 23:23 - 1065984 _____ () C:\Users\Tomas\AppData\Local\file__0.localstorage
2016-05-18 15:26 - 2016-05-18 15:26 - 0001064 _____ () C:\Users\Tomas\AppData\Local\recently-used.xbel
2015-09-30 15:42 - 2015-09-30 15:42 - 0007605 _____ () C:\Users\Tomas\AppData\Local\Resmon.ResmonCfg
2016-01-07 16:20 - 2016-01-07 16:20 - 0000003 _____ () C:\Users\Tomas\AppData\Local\updater.log
2016-01-07 16:20 - 2016-01-07 16:20 - 0000424 _____ () C:\Users\Tomas\AppData\Local\UserProducts.xml
2015-09-23 11:29 - 2015-09-23 11:29 - 0000000 _____ () C:\Users\Tomas\AppData\Local\{C7164F54-A819-4C1D-8F9A-A76D551A1A9A}
2015-09-23 12:37 - 2015-09-23 12:37 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-09-22 11:27 - 2015-09-22 11:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-27 17:13 - 2015-09-27 17:13 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-07 20:39
==================== End of FRST.txt ============================
Re: pro motji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2016
Ran by Tomas (2016-07-10 15:30:41)
Running from C:\Users\Tomas\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-22 08:51:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3061203490-3799476124-1463932836-500 - Administrator - Disabled)
Guest (S-1-5-21-3061203490-3799476124-1463932836-501 - Limited - Disabled)
Tomas (S-1-5-21-3061203490-3799476124-1463932836-1000 - Administrator - Enabled) => C:\Users\Tomas
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.02 - ASUSTeK Computer Inc.)
Aktualizácie NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.3.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.8.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.01.04 - ASUSTeK Computer Inc.)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
CAM (HKLM-x32\...\{B06820C7-D39B-4FBD-BB63-C1F53699A500}) (Version: 2.1.71 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
COMODO Internet Security Premium (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0387 - Disc Soft Ltd)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Futuremark SystemInfo (HKLM-x32\...\{4DB65855-2E10-47A2-AC3B-F8F826840125}) (Version: 4.46.595.0 - Futuremark)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{14ABDFC2-491B-4AF0-8134-CC5596D0EF57}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Instant Eyedropper 1.8.5.1 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 2.00.15 - ASUSTeK Computer Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 sk)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.2.190 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.2.190 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh)
Revit Architecture 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revit Architecture Content Libraries 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Room EQ Wizard 5.13 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.13 - John Mulcahy)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0300 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
SQL Server 2008 R2 SP2 Common Files (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
ViewRight Web PC (HKLM-x32\...\{B62D5F4C-BEB2-4DCD-A8B4-EE21CCAEC28A}) (Version: 3.3.0.0 - Verimatrix, Inc.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08E443E4-0472-4E0E-8739-0912C2DC23F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {08FBC576-72AA-469B-9CB0-81A80DA84468} - System32\Tasks\{41E7C65A-79E2-4843-87F5-731C1CEEBDA7} => pcalua.exe -a C:\Users\Tomas\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {11FCC7A1-0F3D-4639-9505-0DE348C5509E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {124919B2-5599-455E-B4B1-4D6489BA5782} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {17269CA3-768B-48AC-8A69-DAE50E411634} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {1E1A5FF9-3CD6-40EA-8B92-CE6BD25919BE} - System32\Tasks\{A89A6F83-DCCB-4C80-94A1-822ED290C10D} => C:\Users\Tomas\Downloads\ASSSDBenchmark\AS SSD Benchmark.exe
Task: {20C890AB-3F33-4193-9867-7EA2C48CCA8E} - System32\Tasks\{6FF55281-2905-4E44-A63D-39266750B33B} => pcalua.exe -a "C:\Program Files (x86)\YTD\setup.exe" -d "C:\Program Files (x86)\YTD"
Task: {222DB7A6-8EC6-4E27-82F9-358476A2E595} - System32\Tasks\{74D8D0C1-A21A-4089-B315-24141C510B09} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROR /dll OSETUP.DLL
Task: {259DDA37-D5F2-4717-8560-7E9814231649} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [2014-07-15] ()
Task: {276FF20A-5438-44A4-86D5-A0442438A2B2} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2016-07-10] (ASUSTeK Computer Inc.)
Task: {2C1DAD89-13D2-4871-9E16-554FB0EDA522} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {2C4C7906-80A1-4E0E-B92F-3EECBCEFF555} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {45D9668C-A08B-4357-988E-40802FABB86E} - System32\Tasks\{E86F11EB-2B87-488E-9906-DDCC3F83BDFE} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}
Task: {4F2DE321-9782-470B-9004-6654E2544D4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {53090F3C-E5A8-40F5-B50B-F32686ADECB9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-07-03] (COMODO)
Task: {59D3EB20-4B9F-43D0-882C-B56BDD55DAC2} - System32\Tasks\ASUS\i-Setup112256 => C:\Windows\Chipset\AsusSetup.exe [2013-09-09] (ASUSTeK Computer Inc.)
Task: {5CB5EA8C-5D99-4B0D-B7A4-8B923DF10BBF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-07-09] (NVIDIA Corporation)
Task: {6549E1D1-6614-45D3-A32A-9206DE6F89D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-07-09] (NVIDIA Corporation)
Task: {6708F241-5450-4FA5-B5E0-6C496ADFBA74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {6BAD0851-63EF-4532-9CBE-67553AE470E3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {7844BFE4-273D-4685-AD88-A0F945F9F161} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2016-07-10] (ASUSTeK Computer Inc.)
Task: {810F5D3C-A8C7-41E0-BBCF-C9DA4CC55E9A} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {8687BF49-F653-4025-A5AC-198FCCADE706} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3061203490-3799476124-1463932836-1000
Task: {8D02470F-C915-41C5-9F08-2EF846B76828} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-07-09] (NVIDIA Corporation)
Task: {8F7C6FD2-DCAA-48BB-A1B2-0E9B4057DC8A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2016-07-10] (ASUSTeK Computer Inc.)
Task: {9AB89A52-5ABC-4DC7-A78A-397157625BD8} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.exe [2015-09-10] ()
Task: {9ED6FF1B-8417-4BDB-81D6-7AFC1A9AAE4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {A4849414-DD55-4393-985A-20FC3D97860E} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {BF787E2B-7FC5-4164-AEAD-AC4E1B4EF2DE} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2016-07-10] (TODO: <Company name>)
Task: {C0D9605A-279D-43C9-B297-A8DB78FAD260} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2016-07-10] ()
Task: {DD940E93-D772-4911-A853-1F5ABA957AB9} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2016-07-10] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-06-21 20:24 - 2016-06-03 05:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-25 00:03 - 2014-04-25 00:03 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-09-22 10:55 - 2014-07-15 15:02 - 00295936 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2016-07-01 21:37 - 2016-07-04 10:50 - 00062912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00308160 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\MessageBus.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 04488640 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 00396736 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\nvspserviceplugin64.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\NvStreamBase.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 03070912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_NvStreamControl.dll
2015-09-16 21:33 - 2015-09-16 21:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 01065272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 00036152 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
2015-01-08 23:02 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-09-22 10:55 - 2016-07-10 13:24 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-09-22 10:55 - 2014-04-25 00:03 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 04239360 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00828928 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00663552 _____ () C:\Program Files (x86)\ASUS\AI Suite III\aaHMLib.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 05778096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2015-12-28 16:10 - 2015-12-28 16:10 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2016-07-01 21:37 - 2016-07-04 09:35 - 02766392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00489920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00253888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00246328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00415680 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00202808 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-07-10 11:45 - 2016-07-10 11:45 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-04-29 16:23 - 2014-04-29 16:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
2012-06-20 15:09 - 2012-06-20 15:09 - 00634880 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\SDL.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 01160888 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avformat-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 05103868 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avcodec-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00192717 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avutil-50.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00262092 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\swscale-0.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\difxapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\MBR.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SWXCACLS.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsMgr64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv642.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmasiopx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cmeauoxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiCnfgP.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiInstallResAll64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmudaxp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ASGT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cmasiop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiCnfgp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cmpaoxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsMgr.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VmixP8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cmudaxp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys:$CmdZnID [26]
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [258]
AlternateDataStreams: C:\Users\Tomas\Desktop\$_35.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10296375_777680752251433_7520339795265519082_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10440821_10203854994162871_1373651193093004697_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\11738055_1009909505708560_2655345021947015536_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\13516334_10201750055831248_3829009012877130994_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\16-i28230.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\22702-univerzum-vseobecna-encyklopedia-pre-21-storocie-nestandard1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276284.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276720_570f68c5d73a480cbdbcf3d2cf41c454.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\2_thumb_1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\486479.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\4c7f73b0b855a.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4276900_142908_20140727_14439.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4813564_60882_20141203_35212.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4830080_50689_20141206_29945.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6273986_43463_20160116_12702.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6726077_61082_20160504_35509.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\ComboFix.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\Giraffe.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l.php.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l20511.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l37526.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-americky_pitbulterier.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-ludske_telo_unikatny_obrazovy_sprievodca.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-predhistoria.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\ml4587.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\papoucsimadagaskar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\The-Elephant-portrait.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\12247046_997043553690002_6538794650488572407_n.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\2afb89a5e696a5388e3667776c534c3c.gif:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\55843193.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\946777_1742916139262940_5888588043330652952_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\aida64extreme570.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\AISuiteIII_Win7-8-81-10_Z97-series_V10102.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\AISuiteIII_Win7-8-81-10_Z97-series_V10102.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E02(0000268819).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FT5S+Abosch+faces+of+ireland+dublin+airport.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GPUTweak_2_8_3_0.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GPUTweak_2_8_3_0.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\KVRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\KVRT.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ml15338.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\moj-komp.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MUM52131.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PONUKA PRE MS.eml:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-07-10 11:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Display Manager.lnk => C:\Windows\pss\Dell Display Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3520 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 3520 series.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface =>
MSCONFIG\startupreg: AO Link Server =>
MSCONFIG\startupreg: CAM => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe -autostart
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: HomeCloud Drive => C:\Program Files (x86)\ASUS\LocalDrive\LocalDrive.exe --useArgs
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WebStorage => C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe /S
MSCONFIG\startupreg: windirs => C:\Users\Tomas\AppData\Local\Temp\trwe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2D69DA90-E171-4A01-B93A-A52D75D02B21}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{5D762B29-69CA-4CBA-8FC7-B5FE0E4012DB}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{27B63CBD-FB22-48B8-95DB-D24ECBC3F6AD}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{9C355E3B-3794-444A-AF2F-8DCA1310F861}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{0FF88CCF-1E91-490D-9EA3-4FA5BCA21E3F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{8631306A-B90F-4C86-8548-4EAAE51AB2C9}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{867B897B-FA84-4C78-93DE-AA3DD8E9FC5B}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{130135FA-B994-4732-94CF-F9723A713809}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{4A734950-966E-4276-902E-232C1501A26A}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{247921E6-2ADD-4DF0-9BDE-3BEB648F3345}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{EE7B16CA-94A5-4BA9-BA89-21116F911CA9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{86AAE7E1-3622-445D-BBC2-A4FD76079647}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{6F1D4383-7E36-478D-95B6-0DFCF08A50EB}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{370B314D-65EA-4D45-9571-3DFF9D081754}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8C245B44-EAEB-4926-BBEE-507E210004D0}] => (Allow) LPort=9143
FirewallRules: [{4F958F4F-F4D0-4266-A80B-34546DC1E4F1}] => (Allow) LPort=2333
FirewallRules: [{869C77B9-FBFA-4F20-86DE-E5C819E40CF1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A915DED3-0D61-43E1-84FA-37F308DC8FDE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{BAF12481-2A30-46BF-A7A5-9A02E212C55F}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DB7D7DD0-4B0B-4F95-ADFC-C43C6490DD12}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{75776EFF-7013-464A-9F1F-AEC114DA751B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CA5A74B-3D61-4B9F-95D7-E9A7DD4FA721}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{041DFFE8-893E-40F2-8CF3-76653D6BDB8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0F3E36A-2F27-460E-9471-137CB1F87402}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{642F4AFE-422E-4614-A36E-538CBC82F971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F2CFF811-53D8-4CB9-AD90-93648A749575}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{149A6D3A-0E80-4E2A-AC1B-F92AF5B638CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{EDE986A5-5DBC-4E41-BE7B-B378D9B44E1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FBCEDD99-82FE-466F-B2CF-F7AFC7A9EC8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FFF1CE12-316C-4EC7-97A3-53576741A565}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{312B813C-FCA7-45C9-919E-642760F406D4}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{CAB7DAE8-FA18-4FF2-8700-5984ECEDA99D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
==================== Restore Points =========================
09-07-2016 23:28:49 Removed ASUS Product Register Program
09-07-2016 23:29:03 Configured GPUTweakStreaming
09-07-2016 23:29:37 Configured GPUTweakStreaming
09-07-2016 23:31:49 Configured ASUS GPU Tweak
09-07-2016 23:32:39 Removed DIP4
09-07-2016 23:32:46 Removed EZ Update
09-07-2016 23:33:03 Removed Push Notice
09-07-2016 23:33:08 Removed System Information
09-07-2016 23:33:17 Removed USB 3.0 Boost
09-07-2016 23:33:21 Removed Matrix
10-07-2016 11:19:48 Installed ASUS GPU Tweak
10-07-2016 11:45:05 Installed Matrix
10-07-2016 11:45:18 Installed EZ Update
10-07-2016 11:45:33 Installed DIP4
10-07-2016 11:45:53 Installed Push Notice
10-07-2016 11:46:03 Installed System Information
10-07-2016 11:46:13 Installed USB 3.0 Boost
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/10/2016 01:29:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 01:29:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 01:29:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/10/2016 01:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 12:09:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 12:09:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 12:09:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/10/2016 12:05:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 12:04:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: nvcontainer.exe, verzia: 1.0.0.0, časová značka: 0x576ac00f
Názov chybového modulu: KERNELBASE.dll, verzia: 6.1.7601.19110, časová značka: 0x568429dd
Kód výnimky: 0xe06d7363
Odstup chyby: 0x000000000000b16d
Identifikácia chybného procesu: 0xac4
Čas spustenia chybnej aplikácie: 0xnvcontainer.exe0
Cesta chybnej aplikácie: nvcontainer.exe1
Cesta chybného modulu: nvcontainer.exe2
Identifikácia hlásenia: nvcontainer.exe3
Error: (07/10/2016 11:52:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (07/10/2016 11:59:22 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.
Error: (07/10/2016 11:58:56 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (07/10/2016 11:56:53 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.
Error: (07/10/2016 11:20:05 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (07/10/2016 11:19:46 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}
Error: (07/09/2016 11:29:01 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}
Error: (07/09/2016 07:29:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (07/09/2016 07:29:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (07/09/2016 07:29:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (07/09/2016 07:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Integrated Clock Controller Service - Intel(R) ICCS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===================================
Date: 2016-07-10 11:58:56.818
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-10 11:58:56.803
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-24 13:12:56.865
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Tomas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-24 13:12:56.846
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Tomas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Ran by Tomas (2016-07-10 15:30:41)
Running from C:\Users\Tomas\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-22 08:51:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3061203490-3799476124-1463932836-500 - Administrator - Disabled)
Guest (S-1-5-21-3061203490-3799476124-1463932836-501 - Limited - Disabled)
Tomas (S-1-5-21-3061203490-3799476124-1463932836-1000 - Administrator - Enabled) => C:\Users\Tomas
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.02 - ASUSTeK Computer Inc.)
Aktualizácie NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.3.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.8.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS HomeCloud Launcher (HKLM-x32\...\4ff11ffb-5880-4338-90e0-1502e835b184) (Version: 1.01.04 - ASUSTeK Computer Inc.)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
CAM (HKLM-x32\...\{B06820C7-D39B-4FBD-BB63-C1F53699A500}) (Version: 2.1.71 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
COMODO Internet Security Premium (HKLM\...\{04833277-EE61-4251-9273-0CF86C0FE710}) (Version: 8.2.0.4792 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0387 - Disc Soft Ltd)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Futuremark SystemInfo (HKLM-x32\...\{4DB65855-2E10-47A2-AC3B-F8F826840125}) (Version: 4.46.595.0 - Futuremark)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{14ABDFC2-491B-4AF0-8134-CC5596D0EF57}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Instant Eyedropper 1.8.5.1 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 2.00.15 - ASUSTeK Computer Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 sk)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.2.190 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.2.190 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh)
Revit Architecture 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revit Architecture Content Libraries 2016 (Version: 16.0.428.0 - Autodesk) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Room EQ Wizard 5.13 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.13 - John Mulcahy)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0300 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.2.191 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
SQL Server 2008 R2 SP2 Common Files (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Witcher 3 Wild Hunt Blood and Wine (HKLM-x32\...\The Witcher 3 Wild Hunt Blood and Wine_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
ViewRight Web PC (HKLM-x32\...\{B62D5F4C-BEB2-4DCD-A8B4-EE21CCAEC28A}) (Version: 3.3.0.0 - Verimatrix, Inc.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08E443E4-0472-4E0E-8739-0912C2DC23F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {08FBC576-72AA-469B-9CB0-81A80DA84468} - System32\Tasks\{41E7C65A-79E2-4843-87F5-731C1CEEBDA7} => pcalua.exe -a C:\Users\Tomas\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1
Task: {11FCC7A1-0F3D-4639-9505-0DE348C5509E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {124919B2-5599-455E-B4B1-4D6489BA5782} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-19] (Google Inc.)
Task: {17269CA3-768B-48AC-8A69-DAE50E411634} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {1E1A5FF9-3CD6-40EA-8B92-CE6BD25919BE} - System32\Tasks\{A89A6F83-DCCB-4C80-94A1-822ED290C10D} => C:\Users\Tomas\Downloads\ASSSDBenchmark\AS SSD Benchmark.exe
Task: {20C890AB-3F33-4193-9867-7EA2C48CCA8E} - System32\Tasks\{6FF55281-2905-4E44-A63D-39266750B33B} => pcalua.exe -a "C:\Program Files (x86)\YTD\setup.exe" -d "C:\Program Files (x86)\YTD"
Task: {222DB7A6-8EC6-4E27-82F9-358476A2E595} - System32\Tasks\{74D8D0C1-A21A-4089-B315-24141C510B09} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROR /dll OSETUP.DLL
Task: {259DDA37-D5F2-4717-8560-7E9814231649} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [2014-07-15] ()
Task: {276FF20A-5438-44A4-86D5-A0442438A2B2} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2016-07-10] (ASUSTeK Computer Inc.)
Task: {2C1DAD89-13D2-4871-9E16-554FB0EDA522} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {2C4C7906-80A1-4E0E-B92F-3EECBCEFF555} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {45D9668C-A08B-4357-988E-40802FABB86E} - System32\Tasks\{E86F11EB-2B87-488E-9906-DDCC3F83BDFE} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}
Task: {4F2DE321-9782-470B-9004-6654E2544D4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-07-09] (NVIDIA Corporation)
Task: {53090F3C-E5A8-40F5-B50B-F32686ADECB9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-07-03] (COMODO)
Task: {59D3EB20-4B9F-43D0-882C-B56BDD55DAC2} - System32\Tasks\ASUS\i-Setup112256 => C:\Windows\Chipset\AsusSetup.exe [2013-09-09] (ASUSTeK Computer Inc.)
Task: {5CB5EA8C-5D99-4B0D-B7A4-8B923DF10BBF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-07-09] (NVIDIA Corporation)
Task: {6549E1D1-6614-45D3-A32A-9206DE6F89D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-07-09] (NVIDIA Corporation)
Task: {6708F241-5450-4FA5-B5E0-6C496ADFBA74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {6BAD0851-63EF-4532-9CBE-67553AE470E3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {7844BFE4-273D-4685-AD88-A0F945F9F161} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2016-07-10] (ASUSTeK Computer Inc.)
Task: {810F5D3C-A8C7-41E0-BBCF-C9DA4CC55E9A} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-07-03] (COMODO)
Task: {8687BF49-F653-4025-A5AC-198FCCADE706} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3061203490-3799476124-1463932836-1000
Task: {8D02470F-C915-41C5-9F08-2EF846B76828} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-07-09] (NVIDIA Corporation)
Task: {8F7C6FD2-DCAA-48BB-A1B2-0E9B4057DC8A} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2016-07-10] (ASUSTeK Computer Inc.)
Task: {9AB89A52-5ABC-4DC7-A78A-397157625BD8} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.exe [2015-09-10] ()
Task: {9ED6FF1B-8417-4BDB-81D6-7AFC1A9AAE4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {A4849414-DD55-4393-985A-20FC3D97860E} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {BF787E2B-7FC5-4164-AEAD-AC4E1B4EF2DE} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2016-07-10] (TODO: <Company name>)
Task: {C0D9605A-279D-43C9-B297-A8DB78FAD260} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2016-07-10] ()
Task: {DD940E93-D772-4911-A853-1F5ABA957AB9} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2016-07-10] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-06-21 20:24 - 2016-06-03 05:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-25 00:03 - 2014-04-25 00:03 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-09-22 10:55 - 2014-07-15 15:02 - 00295936 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2015-12-28 16:10 - 2015-12-28 16:10 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2016-07-01 21:37 - 2016-07-04 10:50 - 00062912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00308160 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\MessageBus.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 04488640 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-07-01 21:37 - 2016-06-30 18:12 - 00396736 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\nvspserviceplugin64.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\NvStreamBase.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 03070912 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_NvStreamControl.dll
2015-09-16 21:33 - 2015-09-16 21:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 01065272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 00036152 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
2016-07-10 11:45 - 2016-07-10 11:45 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
2015-01-08 23:02 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-09-22 10:55 - 2016-07-10 13:24 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-09-22 10:55 - 2014-04-25 00:03 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 04239360 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 01138176 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00828928 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00053248 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-09-22 11:01 - 2014-08-04 11:25 - 00278528 ____R () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00663552 _____ () C:\Program Files (x86)\ASUS\AI Suite III\aaHMLib.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 05778096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2015-12-28 16:10 - 2015-12-28 16:10 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2016-07-01 21:37 - 2016-07-04 09:35 - 02766392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00489920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00253888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00246328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00415680 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-07-01 21:37 - 2016-07-04 09:35 - 00202808 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-07-10 11:45 - 2016-07-10 11:45 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2016-07-01 21:37 - 2016-07-04 10:50 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-04-29 16:23 - 2014-04-29 16:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2016-07-10 11:45 - 2016-07-10 11:45 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll
2012-06-20 15:09 - 2012-06-20 15:09 - 00634880 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\SDL.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 01160888 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avformat-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 05103868 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avcodec-52.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00192717 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\avutil-50.dll
2012-06-18 15:28 - 2012-06-18 15:28 - 00262092 _____ () C:\Program Files (x86)\Verimatrix\ViewRight Web\swscale-0.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\difxapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\grep.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\MBR.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\NIRCMD.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\PEV.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\sed.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SWREG.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SWSC.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SWXCACLS.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\zip.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsMgr64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv642.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmasiopx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cmeauoxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiCnfgP.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiInstallResAll64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmudaxp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ASGT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cmasiop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiCnfgp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cmpaoxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsMgr.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VmixP8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cmudaxp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys:$CmdZnID [26]
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [258]
AlternateDataStreams: C:\Users\Tomas\Desktop\$_35.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10296375_777680752251433_7520339795265519082_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10440821_10203854994162871_1373651193093004697_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\11738055_1009909505708560_2655345021947015536_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\13516334_10201750055831248_3829009012877130994_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\16-i28230.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\22702-univerzum-vseobecna-encyklopedia-pre-21-storocie-nestandard1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276284.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276720_570f68c5d73a480cbdbcf3d2cf41c454.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\2_thumb_1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\486479.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\4c7f73b0b855a.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4276900_142908_20140727_14439.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4813564_60882_20141203_35212.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4830080_50689_20141206_29945.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6273986_43463_20160116_12702.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6726077_61082_20160504_35509.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\ComboFix.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\Giraffe.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l.php.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l20511.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l37526.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-americky_pitbulterier.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-ludske_telo_unikatny_obrazovy_sprievodca.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-predhistoria.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\ml4587.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\papoucsimadagaskar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\The-Elephant-portrait.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\12247046_997043553690002_6538794650488572407_n.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\2afb89a5e696a5388e3667776c534c3c.gif:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\55843193.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\946777_1742916139262940_5888588043330652952_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\aida64extreme570.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\AISuiteIII_Win7-8-81-10_Z97-series_V10102.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\AISuiteIII_Win7-8-81-10_Z97-series_V10102.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E02(0000268819).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FT5S+Abosch+faces+of+ireland+dublin+airport.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GPUTweak_2_8_3_0.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GPUTweak_2_8_3_0.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\KVRT.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\KVRT.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ml15338.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\moj-komp.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MUM52131.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PONUKA PRE MS.eml:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdZnID [26]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-07-10 11:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Display Manager.lnk => C:\Windows\pss\Dell Display Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3520 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 3520 series.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tomas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface =>
MSCONFIG\startupreg: AO Link Server =>
MSCONFIG\startupreg: CAM => C:\Program Files (x86)\NZXT\CAM\CAMLauncher.exe -autostart
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: HomeCloud Drive => C:\Program Files (x86)\ASUS\LocalDrive\LocalDrive.exe --useArgs
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Tomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: WebStorage => C:\Program Files (x86)\ASUS\WebStorage\2.0.1.213\AsusWSPanel.exe /S
MSCONFIG\startupreg: windirs => C:\Users\Tomas\AppData\Local\Temp\trwe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2D69DA90-E171-4A01-B93A-A52D75D02B21}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{5D762B29-69CA-4CBA-8FC7-B5FE0E4012DB}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
FirewallRules: [{27B63CBD-FB22-48B8-95DB-D24ECBC3F6AD}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{9C355E3B-3794-444A-AF2F-8DCA1310F861}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
FirewallRules: [{0FF88CCF-1E91-490D-9EA3-4FA5BCA21E3F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{8631306A-B90F-4C86-8548-4EAAE51AB2C9}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe
FirewallRules: [{867B897B-FA84-4C78-93DE-AA3DD8E9FC5B}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{130135FA-B994-4732-94CF-F9723A713809}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe
FirewallRules: [{4A734950-966E-4276-902E-232C1501A26A}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{247921E6-2ADD-4DF0-9BDE-3BEB648F3345}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe
FirewallRules: [{EE7B16CA-94A5-4BA9-BA89-21116F911CA9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{86AAE7E1-3622-445D-BBC2-A4FD76079647}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{6F1D4383-7E36-478D-95B6-0DFCF08A50EB}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{370B314D-65EA-4D45-9571-3DFF9D081754}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{8C245B44-EAEB-4926-BBEE-507E210004D0}] => (Allow) LPort=9143
FirewallRules: [{4F958F4F-F4D0-4266-A80B-34546DC1E4F1}] => (Allow) LPort=2333
FirewallRules: [{869C77B9-FBFA-4F20-86DE-E5C819E40CF1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A915DED3-0D61-43E1-84FA-37F308DC8FDE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{BAF12481-2A30-46BF-A7A5-9A02E212C55F}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DB7D7DD0-4B0B-4F95-ADFC-C43C6490DD12}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{75776EFF-7013-464A-9F1F-AEC114DA751B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CA5A74B-3D61-4B9F-95D7-E9A7DD4FA721}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{041DFFE8-893E-40F2-8CF3-76653D6BDB8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0F3E36A-2F27-460E-9471-137CB1F87402}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{642F4AFE-422E-4614-A36E-538CBC82F971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F2CFF811-53D8-4CB9-AD90-93648A749575}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{149A6D3A-0E80-4E2A-AC1B-F92AF5B638CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{EDE986A5-5DBC-4E41-BE7B-B378D9B44E1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FBCEDD99-82FE-466F-B2CF-F7AFC7A9EC8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FFF1CE12-316C-4EC7-97A3-53576741A565}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{312B813C-FCA7-45C9-919E-642760F406D4}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
FirewallRules: [{CAB7DAE8-FA18-4FF2-8700-5984ECEDA99D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
==================== Restore Points =========================
09-07-2016 23:28:49 Removed ASUS Product Register Program
09-07-2016 23:29:03 Configured GPUTweakStreaming
09-07-2016 23:29:37 Configured GPUTweakStreaming
09-07-2016 23:31:49 Configured ASUS GPU Tweak
09-07-2016 23:32:39 Removed DIP4
09-07-2016 23:32:46 Removed EZ Update
09-07-2016 23:33:03 Removed Push Notice
09-07-2016 23:33:08 Removed System Information
09-07-2016 23:33:17 Removed USB 3.0 Boost
09-07-2016 23:33:21 Removed Matrix
10-07-2016 11:19:48 Installed ASUS GPU Tweak
10-07-2016 11:45:05 Installed Matrix
10-07-2016 11:45:18 Installed EZ Update
10-07-2016 11:45:33 Installed DIP4
10-07-2016 11:45:53 Installed Push Notice
10-07-2016 11:46:03 Installed System Information
10-07-2016 11:46:13 Installed USB 3.0 Boost
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/10/2016 01:29:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 01:29:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 01:29:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/10/2016 01:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 12:09:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 12:09:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (07/10/2016 12:09:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/10/2016 12:05:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2016 12:04:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: nvcontainer.exe, verzia: 1.0.0.0, časová značka: 0x576ac00f
Názov chybového modulu: KERNELBASE.dll, verzia: 6.1.7601.19110, časová značka: 0x568429dd
Kód výnimky: 0xe06d7363
Odstup chyby: 0x000000000000b16d
Identifikácia chybného procesu: 0xac4
Čas spustenia chybnej aplikácie: 0xnvcontainer.exe0
Cesta chybnej aplikácie: nvcontainer.exe1
Cesta chybného modulu: nvcontainer.exe2
Identifikácia hlásenia: nvcontainer.exe3
Error: (07/10/2016 11:52:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (07/10/2016 11:59:22 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.
Error: (07/10/2016 11:58:56 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (07/10/2016 11:56:53 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.
Error: (07/10/2016 11:20:05 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (07/10/2016 11:19:46 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}
Error: (07/09/2016 11:29:01 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}
Error: (07/09/2016 07:29:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (07/09/2016 07:29:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (07/09/2016 07:29:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (07/09/2016 07:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Integrated Clock Controller Service - Intel(R) ICCS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===================================
Date: 2016-07-10 11:58:56.818
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-10 11:58:56.803
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-24 13:12:56.865
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Tomas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-24 13:12:56.846
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Tomas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Re: pro motji
Date: 2015-09-24 13:12:56.806
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-24 13:12:56.792
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8134.69 MB
Available physical RAM: 4828.09 MB
Total Virtual: 16267.59 MB
Available Virtual: 12458.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:4.35 GB) NTFS
Drive d: (Nový zväzok) (Fixed) (Total:931.51 GB) (Free:931.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 74F2D007)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC6CB571)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-24 13:12:56.792
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8134.69 MB
Available physical RAM: 4828.09 MB
Total Virtual: 16267.59 MB
Available Virtual: 12458.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:4.35 GB) NTFS
Drive d: (Nový zväzok) (Fixed) (Total:931.51 GB) (Free:931.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 74F2D007)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DC6CB571)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: pro motji
Jsou s pc ještě nějaké problémy? Doladíme ještě pár maličkostí, ale až večer, letím do práce. Omlouvám se za prodlevy, nestíhám.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: pro motji
Vsetko funguje v poriadku.
Re: pro motji
Pardon, nestíhám 
Otevřete poznámkvý blok a vložte do něj
Pak sem vložte log.
Otevřete poznámkvý blok a vložte do něj
-spustte Frst a dejte fix.HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\...\Run: [windirs] => C:\Users\Tomas\AppData\Roaming\dirs\trwe.exe
U5 BFE; <===== ATTENTION: Locked Service
AlternateDataStreams: C:\Windows\difxapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsMgr64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system\HsSrv642.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmasiopx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cmeauoxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiCnfgP.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CmiInstallResAll64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cmudaxp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cmasiop.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiCnfgp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\CmiFltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cmpaoxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Cm_Oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsMgr.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\HsSrv2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\VmixP8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\cmudaxp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64]
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [0]
AlternateDataStreams: C:\Users\Tomas\Desktop\$_35.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10296375_777680752251433_7520339795265519082_o.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\10440821_10203854994162871_1373651193093004697_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\11738055_1009909505708560_2655345021947015536_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\13516334_10201750055831248_3829009012877130994_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\16-i28230.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\20160416_180520.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\22702-univerzum-vseobecna-encyklopedia-pre-21-storocie-nestandard1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276284.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\276720_570f68c5d73a480cbdbcf3d2cf41c454.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\2_thumb_1.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\486479.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\4c7f73b0b855a.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4276900_142908_20140727_14439.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4813564_60882_20141203_35212.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N4830080_50689_20141206_29945.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6273986_43463_20160116_12702.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\b-N6726077_61082_20160504_35509.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Desktop\FRST64.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\Giraffe.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l.php.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l20511.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\l37526.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-americky_pitbulterier.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-ludske_telo_unikatny_obrazovy_sprievodca.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\large-predhistoria.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\ml4587.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\papoucsimadagaskar.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Desktop\The-Elephant-portrait.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\01 - Cancion Del Mariachi (Desperado).flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\032 - Snoop Dogg & Wiz Khalifa ft. Bruno Mars - Young Wild And Free.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\11_-_Adele_-_Someone_Like_You.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\12247046_997043553690002_6538794650488572407_n.png:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\13563400_1050942081626131_1626193806_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\16---The-Hanging-Tree---James-Newton-Howard.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\1_jpeg644da3ea2039ec50616a9fd0f1a43580.jpeg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20151105_181534.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\20160416_191101.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\2afb89a5e696a5388e3667776c534c3c.gif:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\3DMark11-v1-0-132.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\55843193.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\946777_1742916139262940_5888588043330652952_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\adwcleaner_5.201.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\aida64extreme570.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E01(0000268085).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals-S01E02(0000268819).srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Animals.S01E01.HDTV.x264-KILLERS[ettv].mp4:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arrow.s04e22.hdtv.x264-lol.srt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\arulersetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Baumit_Jpeg.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\blockposter-132043.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\camstudio_2.6beta.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ddmsetup1800.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\faststone-capture_7.3Shareware.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup 45.0.1.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Firefox Setup Stub 45.0.2.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\fotky.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FT5S+Abosch+faces+of+ireland+dublin+airport.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\FurMark_1.10.2_Setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Futuremark_SystemInfo_v446_installer.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GeForce_Experience_Beta_v3.0.2.190.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\gimp-2.8.16-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\GoogleEarthProSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdTcID [130]
AlternateDataStreams: C:\Users\Tomas\Downloads\Guns N' Roses - Sweet Child O'Mine.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1578.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1579.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1580.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\IMG_1581.JPG:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\instant-eyedropper-1.8.5.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\iview442_x64_setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\konečna verzia.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\LeagueofLegends_EUNE_Installer_9_15_2014.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\MEGAsyncSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Metallica_-_Nothing_Else_Matters.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Michonnin príbeh SK.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ml15338.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\moj-komp.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\MUM52131.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\netscan_portable.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A (1).doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Oznamenie pre rodicov A.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PONUKA PRE MS.eml:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTray320.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\PopTrayPlugins_beta6.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Punisher Akční 2004 cz.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\R.E.M.---Out-Of-Time---02.-Losing-My-Religion.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\screenrecorderfree.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup help read.txt:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\setup registry file edit this.reg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\siw_tech.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Star-Wars-Volume-1.cz.fenixprodabing.avi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\SteamSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Survivor---Eye-of-the-Tiger.flac:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-(2016)-(Digital)-(Minutemen-Acan).cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-154-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The-Walking-Dead-155-sk.cbr:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Blood.and.Wine-CODEX.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.Patch.v1.22-GOG.torrent:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ukoncenie spoluprace Zajaros.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\Unigine_Heaven-4.0.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller(1).msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ViewRightWebInstaller.msi:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\WinSnap_4.5.3-setup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zivotopis(1).docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\zoznam_dlznikov_20_05_2016_csv.zip:$CmdZnID [26]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Users\Tomas\Downloads\ZS - rocenka grafity.jpg:$CmdZnID [26]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3061203490-3799476124-1463932836-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Pak sem vložte log.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?