﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2016 01
Ran by Medcin (administrator) on MEDCIN-PC (16-08-2016 20:23:51)
Running from C:\Users\Medcin\Desktop
Loaded Profiles: Medcin (Available Profiles: Medcin & Host & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Saitek) C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Advanced Micro Devices, Inc.) D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() D:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(VMware, Inc.) D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(StarWind Software) D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
() D:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
() D:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Flux Software LLC) C:\Users\Medcin\AppData\Local\FluxSoftware\Flux\flux.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(VMware, Inc.) D:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Mister Group) D:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mister Group) D:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Elaborate Bytes AG) D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Safer-Networking Ltd.) D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(forum.viry.cz) C:\Users\Medcin\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4867784 2015-12-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [vmware-tray.exe] => D:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2014-11-20] (VMware, Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "D:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-09] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-27] (Raptr, Inc)
HKLM-x32\...\Run: [SDTray] => D:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-08-27] (Siber Systems)
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [Allway Sync] => D:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2014-06-26] ()
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [f.lux] => C:\Users\Medcin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [SandboxieControl] => d:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [Medcin] => explorer.exe hxxp://kb-ribaki.org <===== ATTENTION
HKU\S-1-5-21-2619202866-608722593-246454129-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2014-08-26]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{346081c0-416a-4418-b8f2-04d5047be56f}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{9238b79f-910b-4fc2-aacf-ac619aa08830}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{dc89cb83-7d66-422e-b0bc-eadcfabd9536}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-08-20] (Siber Systems Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-15] (Microsoft Corporation)
BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-08-20] (Siber Systems Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-15] (Microsoft Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-08-20] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2014-08-20] (Siber Systems Inc.)
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -  No File
Toolbar: HKU\S-1-5-21-2619202866-608722593-246454129-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-08-20] (Siber Systems Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin HKU\S-1-5-21-2619202866-608722593-246454129-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Medcin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2619202866-608722593-246454129-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-03]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - D:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - D:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-10-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-03]

Chrome: 
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Torrent Search) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2016-08-14]
CHR Extension: (Dokumenty Google) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (500px) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja [2014-09-28]
CHR Extension: (Avast SafePrice) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-16]
CHR Extension: (My JDownloader) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2016-08-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Planetarium) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2015-08-06]
CHR Extension: (Avast Online Security) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-20]
CHR Extension: (Pocket Website) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2014-08-26]
CHR Extension: (Save to Pocket) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-16]
CHR Extension: (RoboForm Password Manager) - C:\Users\Medcin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-03-18]
CHR HKU\S-1-5-21-2619202866-608722593-246454129-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-03]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-08-27]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-07-18] (Advanced Micro Devices) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-03] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-05-03] (Avast Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S2 AxAutoMntSrv; D:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 BotkindSyncService; D:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2014-06-24] () [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 OpenVPNService; D:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-03-10] (The OpenVPN Project)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-09] (Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-05-18] ()
R2 SaiDOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [233984 2014-07-30] (Saitek) [File not signed]
R2 SbieSvc; d:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)
R2 SDScannerService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; D:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 StarWindServiceAE; D:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 SystemExplorerHelpService; D:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH)
R2 VMAuthdService; D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [87744 2014-11-20] (VMware, Inc.)
R2 VMwareHostd; D:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12730560 2014-11-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [313760 2016-07-25] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; D:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] ()
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [79216 2016-07-31] (AVAST Software)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R3 AVerFx2hbtv64; C:\Windows\system32\drivers\AVerFx2hbtv64.sys [512512 2009-12-08] (AVerMedia TECHNOLOGIES, Inc.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-16] ()
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1558528 2013-03-26] (Creative Technology Ltd.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-05-03] (AVAST Software)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek                                            )
R3 SaiK0762; C:\Windows\System32\drivers\SaiK0762.sys [179872 2014-08-05] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SbieDrv; d:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-05-03] (Avast Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 cpuz138; \??\C:\WINDOWS\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\WINDOWS\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 20:23 - 2016-08-16 20:24 - 00029465 _____ C:\Users\Medcin\Desktop\FRST.txt
2016-08-16 20:22 - 2016-08-16 20:22 - 00112640 _____ (forum.viry.cz) C:\Users\Medcin\Desktop\FRSTLauncher.exe
2016-08-16 20:01 - 2016-08-16 20:23 - 00000000 ____D C:\FRST
2016-08-16 20:01 - 2016-08-16 20:01 - 00048720 _____ C:\Users\Medcin\Desktop\Fixlog.txt
2016-08-16 19:58 - 2016-08-16 20:23 - 02394624 _____ (Farbar) C:\Users\Medcin\Desktop\FRST64.exe
2016-08-16 19:47 - 2016-08-16 19:50 - 00000000 ____D C:\AdwCleaner
2016-08-16 19:41 - 2016-08-16 19:47 - 03784256 _____ C:\Users\Medcin\Desktop\adwcleaner_6.000.exe
2016-08-16 19:09 - 2016-08-16 19:09 - 00000000 _____ C:\autoexec.bat
2016-08-16 19:03 - 2016-08-16 19:03 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-08-16 06:32 - 2016-08-16 06:32 - 00000000 ____D C:\Users\Medcin\Documents\ProcAlyzer Dumps
2016-08-15 23:45 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-15 23:41 - 2016-08-15 23:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-15 23:38 - 2016-08-16 06:21 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-15 23:38 - 2016-08-15 23:38 - 00001098 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-15 23:38 - 2016-08-15 23:38 - 00001098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-15 23:38 - 2016-08-15 23:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-15 23:38 - 2016-08-15 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-15 23:38 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-08-15 23:29 - 2016-08-15 23:37 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Medcin\Downloads\spybot-2.4.exe
2016-08-15 18:32 - 2016-08-15 18:42 - 80646993 _____ (Aslain ) C:\Users\Medcin\Downloads\Aslains_WoT_Modpack_Installer_v.9.15.1.1.03.exe
2016-08-14 11:40 - 2016-08-14 11:40 - 01002393 _____ C:\Users\Medcin\Downloads\9.15.1.1-[ZJ]-AimBot---Shaytan-AimBOT-Build-076-TRIAL-By-ZorroJan.zip
2016-08-14 11:37 - 2016-08-14 11:48 - 69790951 _____ (Aslain ) C:\Users\Medcin\Downloads\Aslains_WoT_Modpack_Installer_v.9.15.1.1.02.exe
2016-08-13 21:49 - 2016-08-13 21:49 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-13 21:47 - 2016-08-13 21:48 - 08136664 _____ (Piriform Ltd) C:\Users\Medcin\Downloads\ccsetup520.exe
2016-08-09 20:24 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-09 20:24 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 20:24 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-09 20:24 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-09 20:24 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-09 20:24 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-09 20:24 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-09 20:24 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-09 20:24 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-09 20:24 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-09 20:24 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-09 20:24 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-09 20:24 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:24 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-09 20:24 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-09 20:24 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-09 20:24 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-09 20:24 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 20:24 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 20:24 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-09 20:24 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-09 20:24 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-09 20:24 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-09 20:24 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-09 20:24 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-09 20:24 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-09 20:24 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-09 20:24 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 20:24 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-09 20:24 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-09 20:24 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-09 20:24 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 20:24 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-09 20:24 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-09 20:24 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-09 20:24 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-09 20:24 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-09 20:24 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-09 20:24 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-09 20:24 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-09 20:24 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-09 20:24 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-09 20:24 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-09 20:24 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-09 20:24 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-09 20:24 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 20:24 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-09 20:24 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-09 20:24 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-09 20:24 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:24 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 20:24 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-09 20:24 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:24 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-09 20:24 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-09 20:24 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 20:24 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-09 20:24 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:24 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-09 20:24 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-09 20:24 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-09 20:24 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-09 20:24 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 20:24 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-09 20:24 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-09 20:24 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-09 20:24 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-09 20:24 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 20:24 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-09 20:24 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-09 20:24 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 20:24 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-09 20:24 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-09 20:24 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-09 20:24 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-09 20:24 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-09 20:24 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-09 20:24 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-09 20:24 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-09 20:24 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-09 20:24 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-09 20:24 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 20:24 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-09 20:24 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-09 20:24 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-09 20:24 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-09 20:24 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-09 20:23 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-09 20:23 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-09 20:23 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 20:23 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-09 20:23 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 20:23 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-09 20:23 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-09 20:23 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-09 20:23 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-09 20:23 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 20:23 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 20:23 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-09 20:23 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-09 20:23 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:23 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-09 20:23 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-09 20:23 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-09 20:23 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-09 20:23 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 20:23 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-09 20:23 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-09 20:23 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 20:23 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-09 20:23 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-09 20:23 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-09 20:23 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-09 20:23 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 20:23 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-09 20:23 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-09 20:23 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-09 20:23 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 20:23 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-09 20:23 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-09 20:23 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-09 20:23 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-09 20:23 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-09 20:23 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-09 20:23 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 20:23 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-09 20:23 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-09 20:23 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 20:23 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-01 18:32 - 2016-08-01 18:32 - 02166272 _____ (LinGon) C:\Users\Medcin\Desktop\TheWitcher3_WH+32Tr-LNG_v1.22_rev1.exe
2016-08-01 07:21 - 2016-07-31 19:01 - 00079216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2016-07-31 23:04 - 2016-07-31 23:04 - 01819136 _____ (3DMGAME) C:\Users\Medcin\Desktop\The Witcher 3 Wild Hunt v1.02-v1.22 Plus 22 Trainer.exe
2016-07-31 23:01 - 2016-07-31 23:02 - 01963449 _____ C:\Users\Medcin\Downloads\TheWitcher3_WH+32Tr-LNG_v1.22.rar
2016-07-25 22:55 - 2016-07-25 22:55 - 08653128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 07044704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00474992 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00151456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00135288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00119744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00102040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 00102040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-07-25 22:54 - 2016-07-25 22:54 - 00155616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 26632720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00874520 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00279056 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00267288 _____ C:\WINDOWS\system32\GameManager64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00261656 _____ C:\WINDOWS\system32\clinfo.exe
2016-07-25 22:53 - 2016-07-25 22:53 - 00260112 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00232472 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00225808 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00128528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00126488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00121872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00110104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00012824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00012816 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 15720464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00513040 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00451088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00278544 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00222736 _____ C:\WINDOWS\system32\atieah64.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00200720 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-07-25 22:52 - 2016-07-25 22:52 - 00194064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00115216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00102416 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00099856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00099856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00071184 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00060944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 00059920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-07-25 22:51 - 2016-07-25 22:51 - 48806416 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 14311440 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 08827920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 07084560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 02369040 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 02279440 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 02138640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 01828880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 01318416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00985104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00394256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-07-25 22:51 - 2016-07-25 22:51 - 00064528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00057872 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00052240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 27480592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 00059408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 00047120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 08619024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 06947344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00742928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00618512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00313760 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-07-25 22:49 - 2016-07-25 22:49 - 00213520 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00193040 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00173072 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00104984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00095760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00075280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-07-25 22:49 - 2016-07-25 22:49 - 00058896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-07-25 22:46 - 2016-07-25 22:46 - 00033255 _____ C:\Users\Medcin\Downloads\The_Witcher_3_OST_(Ultimate_Collection_Soundtrack).torrent
2016-07-25 22:45 - 2016-07-25 22:45 - 32548376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-07-25 22:45 - 2016-07-25 22:45 - 00341520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-07-25 22:45 - 2016-07-25 22:45 - 00283664 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-07-25 22:45 - 2016-07-25 22:45 - 00240664 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-07-25 22:45 - 2016-07-25 22:45 - 00100880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-07-25 22:40 - 2016-07-25 22:40 - 00019650 _____ C:\Users\Medcin\Downloads\[Defloration]_Dunya_Konoplya_(Hardcore_-_23.07.2015).torrent
2016-07-25 18:52 - 2016-07-25 21:30 - 1164180103 _____ C:\Users\Medcin\Downloads\Dunya Konoplya - Solo.mp4
2016-07-25 18:39 - 2016-07-25 18:39 - 00024595 _____ C:\Users\Medcin\Downloads\[Defloration]_Alesya_Gagarina_(aka_Aleysa_Gagarina,_Eva_Briancon)_(Losing_of_Virginity)_[2016].torrent
2016-07-25 18:34 - 2016-07-25 18:34 - 00008595 _____ C:\Users\Medcin\Downloads\vpngate_vpn217994201.opengw.net_udp_1753 (1).ovpn
2016-07-25 13:40 - 2016-07-25 13:40 - 00149008 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-07-25 13:40 - 2016-07-25 13:40 - 00117808 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-07-25 13:40 - 2016-07-25 13:40 - 00112336 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-07-25 13:39 - 2016-07-25 13:39 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-07-25 13:39 - 2016-07-25 13:39 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-07-25 13:39 - 2016-07-25 13:39 - 00368672 _____ C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00322996 _____ C:\WINDOWS\system32\ativvaxy_vi.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00322736 _____ C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00270912 _____ C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00266816 _____ C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00260980 _____ C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00260720 _____ C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00234292 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00234032 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00177280 _____ C:\WINDOWS\system32\ativce03.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2016-07-25 13:38 - 2016-07-25 13:38 - 00731440 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-07-25 13:38 - 2016-07-25 13:38 - 00731440 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-07-25 13:37 - 2016-07-25 13:37 - 00890373 _____ C:\WINDOWS\system32\amdicdxx.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00175584 _____ C:\WINDOWS\system32\amde31a.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00166624 _____ C:\WINDOWS\system32\amde34b.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00166624 _____ C:\WINDOWS\system32\amde34a.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00016827 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-07-25 10:57 - 2016-07-25 15:57 - 00001450 _____ C:\Users\Medcin\Desktop\witcher3 – zástupce.lnk
2016-07-25 09:10 - 2016-07-25 09:10 - 00001071 _____ C:\Users\Public\Desktop\The Witcher 3 Wild Hunt.lnk
2016-07-25 08:21 - 2016-07-25 08:21 - 00003544 _____ C:\WINDOWS\System32\Tasks\Medcin
2016-07-24 23:13 - 2016-07-24 23:14 - 00000000 ____D C:\Users\Medcin\Documents\FLiNGTrainer
2016-07-24 23:12 - 2016-07-24 23:12 - 00729141 _____ C:\Users\Medcin\Downloads\The.Witcher.3.Wild.Hunt.v1.02-v1.22.Plus.22.Trainer-FLiNG.rar
2016-07-24 14:58 - 2016-07-24 14:58 - 00039023 _____ C:\Users\Medcin\Downloads\liz_et3.mid
2016-07-24 10:24 - 2016-07-24 10:25 - 00379464 _____ C:\Users\Medcin\Downloads\unrarw32.exe
2016-07-23 21:17 - 2016-07-23 21:17 - 00000509 _____ C:\Users\Public\Desktop\FSC 9.lnk
2016-07-23 16:03 - 2016-07-23 16:29 - 137986218 _____ (Aslain ) C:\Users\Medcin\Downloads\Aslains_WoT_Modpack_Installer_v.9.15.34.exe
2016-07-23 13:54 - 2016-07-23 13:54 - 00312490 _____ C:\Users\Medcin\Downloads\FS2Crew_RAAS_PMDG_777_Update (1).zip
2016-07-18 17:02 - 2016-07-18 17:02 - 02412544 _____ C:\WINDOWS\system32\amdacpusl.pdb
2016-07-18 16:51 - 2016-07-18 16:51 - 00364544 _____ (Advanced Micro Devices) C:\WINDOWS\system32\amdacpusl.dll
2016-07-18 16:51 - 2016-07-18 16:51 - 00306176 _____ C:\WINDOWS\system32\amdacpusl.pdb.pub
2016-07-18 16:51 - 2016-07-18 16:51 - 00248832 _____ (Advanced Micro Devices) C:\WINDOWS\SysWOW64\amdacpusl.dll
2016-07-18 00:43 - 2016-07-18 00:45 - 00000000 ____D C:\Users\Medcin\Downloads\Professional Flight Planner X v1.23 + kEYGEN
2016-07-18 00:39 - 2016-07-18 00:39 - 00000000 ___RD C:\Sandbox
2016-07-18 00:36 - 2016-07-18 00:35 - 00000890 _____ C:\Users\Medcin\Desktop\Sandbox webový prohlížeč.lnk
2016-07-18 00:35 - 2016-08-16 19:53 - 00001748 _____ C:\WINDOWS\Sandboxie.ini
2016-07-18 00:35 - 2016-07-18 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-07-17 21:08 - 2016-07-18 00:35 - 08969872 _____ (Sandboxie Holdings, LLC) C:\Users\Medcin\Downloads\SandboxieInstall.exe
2016-07-17 20:26 - 2016-07-17 20:26 - 00013088 _____ C:\Users\Medcin\Downloads\84E214E96A27FA2002052BB32635B6E01D948D83.torrent
2016-07-17 20:19 - 2016-07-17 20:19 - 00003604 _____ C:\Users\Medcin\Downloads\Professional.Flight.Planner.X.v1.23.+.kEYGEN.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 20:17 - 2016-05-05 16:56 - 00000000 ____D C:\Users\Medcin\AppData\Roaming\PlaysTV
2016-08-16 20:16 - 2016-02-24 00:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-16 20:16 - 2014-12-06 17:11 - 00000000 ____D C:\ProgramData\VMware
2016-08-16 20:15 - 2016-02-26 16:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-16 20:15 - 2015-10-30 08:28 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-08-16 19:13 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-16 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-16 19:09 - 2016-02-24 00:39 - 00000000 ____D C:\Users\Medcin
2016-08-16 02:00 - 2014-08-28 20:17 - 00000000 ____D C:\Users\Medcin\AppData\Local\Adobe
2016-08-15 23:45 - 2015-12-03 18:22 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-15 22:29 - 2014-08-26 20:44 - 00000000 ____D C:\Users\Medcin\Documents\AVerTV
2016-08-15 22:02 - 2015-08-11 20:46 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-15 20:16 - 2016-02-24 00:48 - 00000000 ____D C:\Users\Medcin\AppData\Local\Packages
2016-08-15 20:00 - 2014-08-26 20:43 - 00000000 ____D C:\Users\Medcin\AppData\Local\AVerMedia
2016-08-14 22:56 - 2014-08-27 22:51 - 00000000 ____D C:\Users\Medcin\AppData\Roaming\vlc
2016-08-14 03:58 - 2015-05-27 22:20 - 00000000 ____D C:\Users\Medcin\Documents\The Witcher 3
2016-08-14 00:38 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 22:51 - 2014-12-24 16:51 - 00000000 ____D C:\Users\Medcin\AppData\Local\Frontier_Developments
2016-08-13 22:32 - 2015-12-03 01:06 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-13 21:50 - 2016-03-03 17:28 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-10 20:30 - 2016-02-24 00:48 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-10 18:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-10 07:35 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 07:35 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 07:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-10 01:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 01:06 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-09 20:06 - 2014-08-25 23:23 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 20:00 - 2014-08-25 23:23 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-06 23:22 - 2016-02-24 00:39 - 00006774 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-06 23:22 - 2015-10-30 20:31 - 01108804 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-06 23:22 - 2015-10-30 20:31 - 00275858 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-06 18:26 - 2014-08-26 17:46 - 00000000 ____D C:\Users\Medcin\AppData\Local\AMD
2016-08-06 00:13 - 2015-05-29 00:18 - 00000000 ____D C:\Program Files\AMD
2016-08-05 16:38 - 2014-11-30 18:55 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-05 16:37 - 2014-08-26 06:20 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-03 19:29 - 2015-12-03 21:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-28 23:52 - 2014-08-29 21:39 - 00000000 ____D C:\Users\Medcin\AppData\Roaming\gsak
2016-07-28 22:48 - 2014-08-29 21:39 - 00000000 ____D C:\gsak
2016-07-28 17:17 - 2016-02-22 17:55 - 00000000 ____D C:\Users\Medcin\AppData\Roaming\Skype
2016-07-28 16:54 - 2016-06-14 19:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-28 16:54 - 2016-02-22 17:55 - 00000000 ____D C:\ProgramData\Skype
2016-07-26 23:45 - 2014-08-26 19:06 - 00000587 _____ C:\Users\Medcin\Desktop\Total Commander 64 bit.lnk
2016-07-25 22:56 - 2016-04-05 09:45 - 00149352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-07-25 22:56 - 2016-02-03 18:13 - 00180432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-07-25 22:56 - 2016-02-03 18:12 - 10284832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-07-25 22:56 - 2016-02-03 18:12 - 09310736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-07-25 22:56 - 2016-02-03 18:12 - 08864056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-07-25 22:56 - 2016-02-03 18:12 - 07234256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-07-25 22:55 - 2016-04-05 09:43 - 09108624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-07-25 22:55 - 2016-02-03 18:12 - 10967952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-07-25 22:55 - 2016-02-03 18:12 - 01546848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-07-25 22:55 - 2016-02-03 18:12 - 01272432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-07-25 22:55 - 2016-02-03 18:12 - 00160792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-07-25 22:55 - 2016-02-03 18:12 - 00133808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-07-25 22:54 - 2016-04-05 09:43 - 00134776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-07-25 22:52 - 2016-04-05 09:38 - 00167952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-07-25 22:52 - 2016-02-03 18:06 - 26717720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-07-25 22:52 - 2016-02-03 17:10 - 00509464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-07-25 22:51 - 2016-04-05 09:37 - 00985104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-07-25 22:50 - 2016-04-05 09:35 - 38257680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-07-25 22:50 - 2016-04-05 09:35 - 21632528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-07-25 15:13 - 2014-08-26 19:55 - 00000000 ____D C:\Users\Medcin\Documents\Flight Simulator X Files
2016-07-24 15:58 - 2014-08-26 17:43 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-23 21:17 - 2014-09-03 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2016-07-23 21:17 - 2014-08-25 22:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-23 21:14 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-07-23 21:14 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-07-23 21:14 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-07-23 21:14 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-07-23 21:14 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-07-23 18:02 - 2016-02-24 00:37 - 04926576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-23 13:44 - 2014-10-18 17:02 - 00000000 ____D C:\Users\Medcin\AppData\Roaming\TeamViewer
2016-07-18 23:15 - 2016-03-14 01:46 - 00000000 ____D C:\Users\Public\Documents\PFPX Data
2016-07-17 20:40 - 2016-03-13 23:43 - 00000740 _____ C:\Users\Medcin\Desktop\TOPCAT - Take-Off and Landing Performance Calculation Tool.lnk
2016-07-17 20:40 - 2016-03-13 23:43 - 00000000 ____D C:\Users\Medcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TOPCAT

==================== Files in the root of some directories =======

2015-03-22 18:53 - 2015-03-22 19:02 - 0003225 _____ () C:\Users\Medcin\AppData\Roaming\GrandOrgueConfig
2015-11-17 22:17 - 2015-11-17 22:17 - 0003584 _____ () C:\Users\Medcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-31 16:39 - 2016-02-27 16:09 - 0007637 _____ () C:\Users\Medcin\AppData\Local\Resmon.ResmonCfg
2014-10-05 18:08 - 2009-11-17 15:54 - 0002844 _____ () C:\ProgramData\CfSB1240.ini
2014-10-05 18:08 - 2013-03-26 12:54 - 0002844 _____ () C:\ProgramData\CfSB1240A.ini

Some files in TEMP:
====================
C:\Users\Medcin\AppData\Local\Temp\EsgInstallerResumeAction_1f7c3496d57205882af57e4000770add.exe
C:\Users\Medcin\AppData\Local\Temp\libeay32.dll
C:\Users\Medcin\AppData\Local\Temp\msvcr120.dll
C:\Users\Medcin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-14 09:46

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:111.13 GB) (Free:33.77 GB) NTFS
Drive d: (Support) (Fixed) (Total:698.63 GB) (Free:138.36 GB) NTFS
Drive e: () (Fixed) (Total:698.63 GB) (Free:137.58 GB) NTFS
Drive g: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:155.37 GB) NTFS
Drive h: (Data) (Fixed) (Total:1397.26 GB) (Free:302.82 GB) NTFS
Drive w: (Video) (Fixed) (Total:1953.12 GB) (Free:292.77 GB) NTFS

Available physical RAM: 5709.73 MB
Total physical RAM: 8090.99 MB
Percentage of memory in use: 29%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 111.8 GB) (Disk ID: D080CC36)
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1397.3 GB) (Disk ID: D7321004)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2328.8 GB) (Disk ID: 50115010)
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A9D63527)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: FAE12D4F)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)
Disk: 5 (Size: 1863 GB) (Disk ID: C8E370D9)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [922]

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Medcin\Desktop" je 263 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc
C:\Users\Medcin\AppData\Local\Microsoft\BingSvc\BingSvc.exe  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Medcin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk
C:\PROGRA~2\Canon\EOSUTI~1\EOSUTI~1.EXE /AutoStartUp [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Medcin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odeslat do OneNote.lnk
D:\PROGRA~1\MICROS~1\Office15\ONENOTEM.EXE /tsr [x]

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications    REG_DWORD    0x0
    EnableFirewall    REG_DWORD    0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="D:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

 
==================== End Of Log ==============================
