PC virus removal, computer speed-up, and remote help through the neslape.cz service

T-Bag check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

T-Bag
Visitor
Posts: 33
Registered: 14 Dec 2014 09:54

#1 Post by T-Bag »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tibor at 2015-09-15 09:56:15
Microsoft Windows 10 Pro
System drive C: has 295 GB (68%) free of 434 GB
Total RAM: 3959 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:56:42, on 15.9.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
C:\Users\Tibor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Tibor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Tibor\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Tibor\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera_crashreporter.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe
C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe
C:\Program Files\trend micro\Tibor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13014
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tibor\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Epson Stylus SX420W(Sieť)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Windows\TEMP\E_SB4B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tibor\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tibor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Unified Remote V3] "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Tibor\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Viber] "C:\Users\Tibor\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tibor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-1859978756-2034483630-3595472620-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [uTorrent] "C:\Users\Tibor\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (User '?')
O4 - HKUS\S-1-5-21-1859978756-2034483630-3595472620-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Spotify Web Helper] "C:\Users\Tibor\AppData\Roaming\Spotify\SpotifyWebHelper.exe" (User '?')
O4 - HKUS\S-1-5-21-1859978756-2034483630-3595472620-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - HKUS\S-1-5-21-1859978756-2034483630-3595472620-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Viber] "C:\Users\Tibor\AppData\Local\Viber\Viber.exe" StartMinimized (User '?')
O4 - HKUS\S-1-5-21-1859978756-2034483630-3595472620-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?')
O4 - HKUS\S-1-5-21-1859978756-2034483630-3595472620-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [OneDrive] "C:\Users\Tibor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User '?')
O4 - S-1-5-21-1859978756-2034483630-3595472620-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: MEGAsync.lnk = C:\Users\Tibor\AppData\Local\MEGAsync\MEGAsync.exe (User '?')
O4 - Startup: MEGAsync.lnk = C:\Users\Tibor\AppData\Local\MEGAsync\MEGAsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Chrome Remote Desktop Service (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14693 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\WINDOWS\system32\nvvsvc.exe"
dashost.exe {a5144558-d254-4526-958d615b72a0504c}
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe" --type=host --daemon-pipe=592
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 8b163b96-812b-4539-b5d4-5598a5ea9640 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-bd46-5f153db97e73 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
C:\WINDOWS\System32\msdtc.exe
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{48DA6741-1BF0-4A44-8325-293086C79077}

C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\system32\svchost.exe -k appmodel

"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\System32\svchost.exe -k AppReadiness
C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
"C:\Users\Tibor\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Tibor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Tibor\AppData\Local\MEGAsync\MEGAsync.exe"
"C:\Users\Tibor\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"fontdrvhost.exe"
ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -PID:"9308" -RunMxAddonsMgr -UserName:"tiborbartos49@gmail.com" -AppDataPath:"C:\Users\Tibor\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\sk-sk.ini" /prefetch:87E4E14A
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_0000245C" -UsersFolder:"C:\Users\Tibor\AppData\Roaming\Maxthon3\Users\" -UserName:"tiborbartos49@gmail.com" -AppDataPath:"C:\Users\Tibor\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\sk-sk.ini" /prefetch:A9C14CE7
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-sp-0000245C-1" -MainFrmIpc:"IPC_M_C_0000245C" -ResMgrIpc:"IPC_R_C_0000245C" -UserName:"tiborbartos49@gmail.com" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_0000245C" -AppDataPath:"C:\Users\Tibor\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\sk-sk.ini" /prefetch:6DC8A9CE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\CompatTelRunner.exe CI4Zhx88LkKhl5ta.1
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-sp-0000245C-0" -MainFrmIpc:"IPC_M_C_0000245C_0001" -ResMgrIpc:"IPC_R_C_0000245C_0001" -UserName:"tiborbartos49@gmail.com" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_0000245C_0001" -AppDataPath:"C:\Users\Tibor\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\sk-sk.ini" /prefetch:6DC8A9CE
taskhostw.exe
C:\WINDOWS\TEMP\47129D35-786F-43AD-BD63-F8105F7B0E93\dismhost.exe {2739708B-273B-4CAD-8FF5-0B083C5E7EC6}
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunMxDl -IPC_M_D_NAME:"IPC_M_D_0000245C" -IPC_C_D_NAME:"IPC_C_D_000020C4" -IPC_R_D_NAME:"IPC_R_D_0000245C" -UpConf:"2" -UpTypes:"WyJibXAiLCAianBlZyIsICJqcGciLCAiZ2lmIiwgInBuZyIsICJ3YXYiLCAicm1hIiwgIm1pZGkiLCAibXAzIiwgIndtYSIsICJhYWMiLCAibXBhIiwgImRvYyIsICJkb2N4IiwgInhscyIsICJ4bHN4IiwgInBwdCIsICJwcHR4IiwgInBwcyIsICJwcHN4IiwgInR4dCIsICJwZGYiLCAid3BzIiwgImVwdWIiLCAib2RmIiwgImFwayJd" -SyEvent:"mxevent_IPC_R_D_0000245C" -MxdlConfigFolder:"C:\Users\Tibor\AppData\Roaming\Maxthon3\Public\Downloader\" -AppDataPath:"C:\Users\Tibor\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Language\sk-sk.ini" /prefetch:27C674F9
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=8140
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe" --type=gpu-process --channel="8140.0.511838033\448974883" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4620 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x0df1 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.5354 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4620 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=en-US --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4620 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8140.2.316042038\1758565829" /prefetch:673131151
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=en-US --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4620 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8140.3.282371074\1334159801" /prefetch:673131151
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=en-US --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4620 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8140.4.601495169\1925578902" /prefetch:673131151
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=en-US --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4620 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8140.6.1619574398\1578134374" /prefetch:673131151
C:\WINDOWS\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\msiexec.exe /V
"C:\Program Files (x86)\Opera beta\32.0.1948.19\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=en-US --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4620 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="8140.13.1113878538\1266243313" /prefetch:673131151
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\WINDOWS\system32\wuauclt.exe" /RunHandlerComServer
wmiadap.exe /R /T
C:\WINDOWS\system32\wbem\wmiprvse.exe

"C:\Users\Tibor\Downloads\RSITx64.exe"
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 592 596 604 8192 600

======Scheduled tasks folder======

C:\WINDOWS\tasks\0415avtUpdateInfo.job - C:\ProgramData\Avg_Update_0415avt\0415avt_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0415avt /INFORETRY=3
C:\WINDOWS\tasks\0615avtUpdateInfo.job - C:\ProgramData\Avg_Update_0615avt\0615avt_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0615avt /INFORETRY=3
C:\WINDOWS\tasks\0715avtUpdateInfo.job - C:\ProgramData\Avg_Update_0715avt\0715avt_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0715avt /INFORETRY=3
C:\WINDOWS\tasks\0915avtUpdateInfo.job - C:\ProgramData\Avg_Update_0915avt\0915avt_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0915avt /INFORETRY=3 /RUNBY=AV
C:\WINDOWS\tasks\1014avUpdateInfo.job - C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=1014av /INFORETRY=3
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\FormatFixer.job - c:\programdata\{7508c2b2-e7dd-3cad-7508-8c2b2e7d0acb}\9737.exe --startup=1 --single
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\06mfpdce.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\06mfpdce.default\extensions\
i@VuW8FwSeAG.org
kyi_dmcwblvh@wb_tcxzxinaei_hsfet.com
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-08-14 13675736]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2461504]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-09-17 2799784]
"PLFSetL"=C:\Windows\PLFSetL.exe []
"SNUVCDSM"=C:\Windows\snuvcdsm.exe []
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-09-15 3935912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"InstallSmbDrv"=C:\Program Files\Synaptics\SynTP\dpinst.exe [2015-09-15 1048232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Tibor\AppData\Roaming\uTorrent\uTorrent.exe [2015-05-31 1694560]
"Epson Stylus SX420W(Sieť)"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [2009-09-14 224768]
"cz.seznam.software.autoupdate"=C:\Users\Tibor\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tibor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Unified Remote V3"=C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [2015-05-13 4278992]
"Spotify Web Helper"=C:\Users\Tibor\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-05-31 2021944]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-04 55357464]
"Viber"=C:\Users\Tibor\AppData\Local\Viber\Viber.exe [2015-06-10 80035536]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
"OneDrive"=C:\Users\Tibor\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-09-15 405584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2014-10-08 408888]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-08-24 3775912]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MEGAsync.lnk - C:\Users\Tibor\AppData\Local\MEGAsync\MEGAsync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-15 09:56:18 ----D---- C:\Program Files\trend micro
2015-09-15 09:56:15 ----D---- C:\rsit
2015-09-15 09:50:11 ----SHD---- C:\Config.Msi
2015-09-15 09:49:55 ----DC---- C:\WINDOWS\Panther
2015-09-15 09:48:57 ----SHD---- C:\Recovery
2015-09-15 09:47:21 ----D---- C:\WINDOWS\LastGood
2015-09-15 09:45:01 ----D---- C:\Windows.old
2015-09-15 09:44:20 ----A---- C:\WINDOWS\system32\SynTPCo31.dll
2015-09-15 09:44:14 ----A---- C:\WINDOWS\SYSWOW64\SynCom.dll
2015-09-15 09:44:12 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_Intel_Aux.sys
2015-09-15 09:44:12 ----A---- C:\WINDOWS\system32\drivers\Smb_driver_AMDASF_Aux.sys
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2015-09-15 09:43:43 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2015-09-15 09:43:43 ----A---- C:\WINDOWS\system32\winmde.dll
2015-09-15 09:43:43 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\wpncore.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\wpccpl.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\SettingSync.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfps.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfplat.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\AudioSes.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-09-15 09:43:42 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\MFPlay.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\wmp.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\MFPlay.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\LocationPermissions.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\jscript.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\ieproxy.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-09-15 09:43:41 ----A---- C:\WINDOWS\system32\bcd.dll
2015-09-15 09:43:40 ----A---- C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-15 09:43:40 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-09-15 09:43:40 ----A---- C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-15 09:43:35 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2015-09-15 09:43:35 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-09-15 09:43:35 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2015-09-15 09:43:35 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2015-09-15 09:43:35 ----A---- C:\WINDOWS\SYSWOW64\ActionCenter.dll
2015-09-15 09:43:35 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2015-09-15 09:43:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2015-09-15 09:43:34 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2015-09-15 09:43:34 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-09-15 09:43:34 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\fdWCN.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\efscore.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\systemcpl.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\stobject.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\shell32.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\SensorDataService.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\sendmail.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\ntshrui.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\msctfuimanager.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\d3d9.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\calc.exe
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-09-15 09:43:33 ----A---- C:\WINDOWS\explorer.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\winresume.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\winload.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wininet.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wfdprov.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wcnwiz.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\WcnNetsh.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\WcnApi.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\uxtheme.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\usocore.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\twinui.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\TabSvc.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\sppcomapi.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\spbcd.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\shutdownux.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\shacct.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\reseteng.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ReInfo.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ReAgent.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\rdbui.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\notepad.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\NetworkStatus.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\MbaeParserTask.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\LogonController.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\hal.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\GamePanel.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\fdWCN.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\efscore.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\dosvc.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\diagtrack_win.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\dafWCN.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\comdlg32.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ClipUp.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\bcdedit.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\bcdboot.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\authui.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\aitstatic.exe
2015-09-15 09:43:32 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-15 09:43:32 ----A---- C:\WINDOWS\notepad.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\WWAHost.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\wimserv.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\wimgapi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\wer.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\VoiceActivationManager.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\unenrollhook.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\tquery.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\srumsvc.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\schedsvc.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\SensorService.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\provhandlers.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\provengine.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\omadmprc.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MusNotification.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\mssprxy.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\msiexec.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\msi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\mos.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\mf.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\InputService.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\hmkd.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\dxgi.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\coredpus.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-09-15 09:43:24 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\VoiceActivationManager.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\msctfuimanager.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\wintrust.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\wininit.exe
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\winhttp.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\dwmapi.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\msgpiowin32.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\ci.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\AppContracts.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-09-15 09:38:24 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons001b.dll
2015-09-15 09:38:24 ----A---- C:\WINDOWS\SYSWOW64\NlsData001b.dll
2015-09-15 09:38:24 ----A---- C:\WINDOWS\SYSWOW64\MLS2.dll
2015-09-15 09:38:24 ----A---- C:\WINDOWS\system32\NlsLexicons001b.dll
2015-09-15 09:38:24 ----A---- C:\WINDOWS\system32\NlsData001b.dll
2015-09-15 09:38:24 ----A---- C:\WINDOWS\system32\MLS2.dll
2015-09-15 09:36:11 ----A---- C:\WINDOWS\system32\drivers\i8042HDR.sys
2015-09-15 09:35:36 ----D---- C:\Program Files\Reference Assemblies
2015-09-15 09:35:36 ----D---- C:\Program Files\MSBuild
2015-09-15 09:35:36 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-09-15 09:35:36 ----D---- C:\Program Files (x86)\MSBuild
2015-09-15 09:34:56 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2015-09-15 09:34:56 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2015-09-15 09:34:56 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-15 09:34:53 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-15 09:34:53 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-15 09:34:53 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-15 09:34:29 ----HD---- C:\OneDriveTemp
2015-09-15 01:35:10 ----D---- C:\ProgramData\Microsoft OneDrive
2015-09-15 00:25:38 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2015-09-15 00:20:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-15 00:13:33 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2015-09-14 23:59:03 ----SD---- C:\Users\Tibor\AppData\Roaming\Microsoft
2015-09-14 23:55:49 ----D---- C:\Program Files\Common Files\Atheros
2015-09-14 23:55:44 ----D---- C:\ProgramData\NVIDIA
2015-09-14 23:55:35 ----A---- C:\WINDOWS\system32\nvvsvc.exe
2015-09-14 23:55:35 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2015-09-14 23:55:35 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2015-09-14 23:55:35 ----A---- C:\WINDOWS\system32\nvshext.dll
2015-09-14 23:55:35 ----A---- C:\WINDOWS\system32\nvmctray.dll
2015-09-14 23:55:35 ----A---- C:\WINDOWS\system32\nvcpl.dll
2015-09-14 23:55:15 ----D---- C:\ProgramData\NVIDIA Corporation
2015-09-14 23:55:00 ----D---- C:\Program Files\NVIDIA Corporation
2015-09-14 23:54:12 ----D---- C:\Program Files\Realtek
2015-09-14 23:54:11 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2015-09-14 23:54:04 ----D---- C:\Program Files\Synaptics
2015-09-14 23:53:00 ----D---- C:\WINDOWS\Prefetch
2015-09-14 22:30:58 ----HD---- C:\$Windows.~BT
2015-09-14 22:24:24 ----D---- C:\ESD
2015-09-14 20:33:51 ----HD---- C:\$Windows.~WS
2015-09-14 18:19:05 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-09-14 16:16:38 ----D---- C:\Program Files\CCleaner
2015-09-14 14:40:45 ----D---- C:\Program Files (x86)\ESET
2015-09-14 14:15:05 ----A---- C:\WINDOWS\system32\DfpCommon.dll
2015-09-14 14:12:54 ----A---- C:\WINDOWS\system32\WSDScDrv.dll
2015-09-14 14:12:24 ----A---- C:\WINDOWS\system32\KeyboardFilterSvc.dll
2015-09-14 14:11:28 ----A---- C:\WINDOWS\SYSWOW64\KeyboardFilterCore.dll
2015-09-14 14:11:27 ----A---- C:\WINDOWS\system32\KeyboardFilterCore.dll
2015-09-14 14:11:13 ----A---- C:\WINDOWS\system32\dfp.exe
2015-09-14 13:48:38 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-09-14 08:52:10 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-09-14 07:03:33 ----D---- C:\Program Files\Microsoft Silverlight
2015-09-14 07:03:33 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-09-13 22:33:50 ----A---- C:\WINDOWS\system32\dfpinc.dat
2015-09-13 19:02:36 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-09-13 19:02:22 ----D---- C:\ProgramData\Malwarebytes
2015-09-13 19:02:22 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-13 19:02:22 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-09-13 19:02:22 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-09-13 19:02:22 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-09-13 18:34:07 ----A---- C:\autoexec.bat
2015-09-09 22:15:32 ----D---- C:\ProgramData\Avg_Update_0915avt
2015-08-19 11:53:56 ----A---- C:\WINDOWS\system32\drivers\avgidsha.sys
2015-08-19 11:52:30 ----A---- C:\WINDOWS\system32\drivers\avgidsdrivera.sys

======List of files/folders modified in the last 1 month======

2015-09-15 09:56:18 ----RD---- C:\Program Files
2015-09-15 09:56:12 ----SHD---- C:\WINDOWS\Installer
2015-09-15 09:54:18 ----D---- C:\WINDOWS\Temp
2015-09-15 09:54:17 ----D---- C:\ProgramData\Microsoft Help
2015-09-15 09:54:14 ----A---- C:\WINDOWS\win.ini
2015-09-15 09:53:49 ----D---- C:\WINDOWS\System32
2015-09-15 09:52:52 ----D---- C:\WINDOWS\system32\config
2015-09-15 09:48:20 ----D---- C:\WINDOWS\SysWOW64
2015-09-15 09:47:55 ----D---- C:\ProgramData\MFAData
2015-09-15 09:47:22 ----D---- C:\WINDOWS\system32\drivers
2015-09-15 09:47:21 ----D---- C:\Windows
2015-09-15 09:46:58 ----D---- C:\WINDOWS\INF
2015-09-15 09:46:47 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-15 09:45:16 ----SHD---- C:\System Volume Information
2015-09-15 09:44:44 ----D---- C:\WINDOWS\SYSWOW64\oobe
2015-09-15 09:44:44 ----D---- C:\WINDOWS\SYSWOW64\Dism
2015-09-15 09:44:44 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-09-15 09:44:44 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-09-15 09:44:44 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-09-15 09:44:44 ----D---- C:\WINDOWS\system32\drivers\en-US
2015-09-15 09:44:44 ----D---- C:\WINDOWS\system32\Dism
2015-09-15 09:44:44 ----D---- C:\WINDOWS\system32\Boot
2015-09-15 09:44:44 ----D---- C:\WINDOWS\system32\appraiser
2015-09-15 09:44:43 ----D---- C:\WINDOWS\Provisioning
2015-09-15 09:44:43 ----D---- C:\WINDOWS\AppPatch
2015-09-15 09:44:43 ----D---- C:\Program Files\Windows Journal
2015-09-15 09:44:43 ----D---- C:\Program Files\Internet Explorer
2015-09-15 09:44:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-15 09:44:20 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2015-09-15 09:44:14 ----A---- C:\WINDOWS\system32\SynCOM.dll
2015-09-15 09:43:23 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-09-15 09:43:05 ----D---- C:\WINDOWS\system32\restore
2015-09-15 09:40:00 ----D---- C:\WINDOWS\AppReadiness
2015-09-15 09:33:09 ----D---- C:\WINDOWS\WinSxS
2015-09-15 09:33:08 ----D---- C:\WINDOWS\CbsTemp
2015-09-15 09:28:55 ----D---- C:\WINDOWS\Logs
2015-09-15 09:27:58 ----D---- C:\Users\Tibor\AppData\Roaming\Seznam.cz
2015-09-15 09:25:52 ----D---- C:\WINDOWS\appcompat
2015-09-15 09:24:41 ----HD---- C:\ProgramData\Common Files
2015-09-15 09:23:29 ----D---- C:\WINDOWS\system32\sru
2015-09-15 09:23:27 ----D---- C:\WINDOWS\system32\WDI
2015-09-15 09:23:18 ----RD---- C:\WINDOWS\DevicesFlow
2015-09-15 01:35:41 ----D---- C:\Users\Tibor\AppData\Roaming\Skype
2015-09-15 01:35:10 ----HD---- C:\ProgramData
2015-09-15 01:33:40 ----HD---- C:\Program Files\WindowsApps
2015-09-15 01:31:40 ----RD---- C:\WINDOWS\PurchaseDialog
2015-09-15 01:31:40 ----RD---- C:\WINDOWS\PrintDialog
2015-09-15 01:31:38 ----RD---- C:\WINDOWS\MiracastView
2015-09-15 01:31:13 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-09-15 00:32:33 ----D---- C:\WINDOWS\rescache
2015-09-15 00:30:26 ----D---- C:\WINDOWS\debug
2015-09-15 00:30:22 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-15 00:26:40 ----D---- C:\WINDOWS\Registration
2015-09-15 00:26:31 ----D---- C:\WINDOWS\system32\Tasks
2015-09-15 00:22:21 ----D---- C:\WINDOWS\system32\LogFiles
2015-09-15 00:22:18 ----D---- C:\WINDOWS\system32\drivers\etc
2015-09-15 00:21:47 ----D---- C:\Program Files\Common Files\AV
2015-09-15 00:19:53 ----D---- C:\WINDOWS\system32\catroot2
2015-09-15 00:17:06 ----D---- C:\WINDOWS\system32\wbem
2015-09-15 00:16:53 ----HD---- C:\WINDOWS\ELAMBKUP
2015-09-15 00:15:01 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-09-15 00:09:49 ----D---- C:\WINDOWS\ShellNew
2015-09-15 00:09:47 ----RSD---- C:\WINDOWS\Fonts
2015-09-15 00:09:47 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-09-15 00:09:46 ----D---- C:\WINDOWS\Tasks
2015-09-15 00:07:27 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-15 00:04:13 ----D---- C:\WINDOWS\twain_32
2015-09-15 00:04:11 ----D---- C:\WINDOWS\SYSWOW64\en-US
2015-09-15 00:04:06 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-09-15 00:04:06 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-09-15 00:04:05 ----D---- C:\WINDOWS\system32\spool
2015-09-15 00:04:04 ----D---- C:\WINDOWS\system32\oobe
2015-09-15 00:04:04 ----D---- C:\WINDOWS\system32\migration
2015-09-15 00:04:03 ----D---- C:\WINDOWS\system32\InputMethod
2015-09-15 00:04:02 ----D---- C:\WINDOWS\system32\en-US
2015-09-15 00:02:11 ----D---- C:\WINDOWS\system32\appmgmt
2015-09-15 00:02:04 ----D---- C:\WINDOWS\MediaViewer
2015-09-15 00:02:04 ----D---- C:\WINDOWS\LiveKernelReports
2015-09-15 00:02:00 ----D---- C:\WINDOWS\InputMethod
2015-09-15 00:01:57 ----RD---- C:\WINDOWS\assembly
2015-09-15 00:01:57 ----RD---- C:\Users
2015-09-15 00:01:57 ----D---- C:\WINDOWS\ADFS
2015-09-15 00:01:54 ----SD---- C:\ProgramData\Microsoft
2015-09-15 00:01:43 ----RD---- C:\Program Files (x86)
2015-09-15 00:01:41 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-09-15 00:01:40 ----D---- C:\Program Files (x86)\Common Files
2015-09-15 00:01:35 ----D---- C:\Program Files\Common Files\microsoft shared
2015-09-15 00:01:34 ----D---- C:\Program Files\Common Files
2015-09-15 00:01:28 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-09-15 00:00:48 ----D---- C:\WINDOWS\system32\Recovery
2015-09-14 23:57:32 ----D---- C:\WINDOWS\system32\Sysprep
2015-09-14 23:55:34 ----D---- C:\WINDOWS\Help
2015-09-14 23:55:19 ----D---- C:\temp
2015-09-14 19:47:09 ----RD---- C:\WINDOWS\ToastData
2015-09-14 16:33:47 ----D---- C:\Users\Tibor\AppData\Roaming\uTorrent
2015-09-14 15:06:01 ----D---- C:\Users\Tibor\AppData\Roaming\vlc
2015-09-14 12:53:56 ----D---- C:\ProgramData\Unified Remote
2015-09-13 22:44:47 ----D---- C:\Program Files (x86)\Petty Mode
2015-09-13 22:30:54 ----D---- C:\WINDOWS\system32\MRT
2015-09-13 21:11:21 ----D---- C:\Program Files (x86)\Screencastify Screen Video Recorder
2015-09-13 21:11:15 ----D---- C:\ProgramData\{7508c2b2-e7dd-3cad-7508-8c2b2e7d0acb}
2015-09-13 19:16:11 ----D---- C:\Users\Tibor\AppData\Roaming\ViberPC
2015-09-13 11:42:38 ----D---- C:\ProgramData\Skype
2015-09-13 11:42:16 ----RD---- C:\Program Files (x86)\Skype
2015-09-09 22:16:15 ----D---- C:\Program Files (x86)\Opera beta
2015-08-26 18:37:02 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-08-19 297904]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-08-04 250800]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 Avgfwfd;@oem8.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [2015-07-09 77760]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-08-19 313264]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-06-16 259040]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-08-04 304560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2014-10-08 127760]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2015-07-10 4207104]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-03-09 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2015-07-10 105984]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 HECIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-02-19 57848]
R3 i8042HDR;@oem38.inf,%i8042HDR.SvcDesc%;Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [2009-08-15 15920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-09-02 4264536]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2015-07-10 425984]
R3 MarvinBus;@oem32.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-09-15 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 64216]
R3 NVHDA;@oem35.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-04-16 195912]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-07-13 11139216]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 20288]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-09-04 38048]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-10-09 31472]
R3 SynTP;@oem41.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-09-15 606376]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-03-27 21152]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 AthDfu;@oem11.inf,%AthDfu.SvcDesc%;Atheros Valkyrie USB BootROM; C:\WINDOWS\System32\Drivers\AthDfu.sys [2012-08-22 55336]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-15 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-07-10 32256]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-15 934752]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-15 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-08-24 1560592]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-08-24 3637160]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-08-24 335656]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-07-16 244392]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 1149760]
R2 chromoting;Chrome Remote Desktop Service; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [2015-03-08 56648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-03 325432]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 19440960]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-13 937616]
R2 OneSyncSvc_Session2;Sync Host_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-09-13 411968]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-01-30 5429520]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session2;Contact Data_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-12-11 1050904]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-09-15 237736]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-25 148080]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-15 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

T-Bag
Visitor
Posts: 33
Registered: 14 Dec 2014 09:54

Re: T-Bag check

#2 Post by T-Bag »

info.txt logfile of random's system information tool 1.10 2015-09-15 09:56:59

======MBR======

======Uninstall list======

-->MsiExec /X{B455E95A-B804-439F-B533-336B1635AE97}
ABBYY FineReader 9.0 Sprint-->MsiExec.exe /I {F9000000-0018-0000-0000-074957833700}
ABBYY FineReader 9.0 Sprint-->MsiExec.exe /X{F9000000-0018-0000-0000-074957833700}
Adobe Digital Editions 4.0-->"C:\Program Files (x86)\Adobe\Adobe Digital Editions 4.0\uninstall.exe"
Adobe Flash Player 18 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe -maintain plugin
Adobe Photoshop CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"
Android Notifier Desktop-->C:\Program Files (x86)\Android Notifier Desktop\uninstall.exe
AVG 2015-->"C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe" /AppMode=SETUP /Uninstall /UDS=1
AVG 2015-->MsiExec.exe /I{A7BD472C-814B-4BB8-915A-E0CB35F763FD}
AVG 2015-->MsiExec.exe /I{CEEAE734-B717-41D1-BF50-378EC081C6B1}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Definition Update for Microsoft Office 2010 (KB3085525) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3E6026BD-B7B9-486E-BFBF-880733117391}" "1033" "0"
DS-Timer version 1.0.0.0-->"C:\Program Files (x86)\DS-Timer\unins000.exe"
Epson Easy Photo Print 2-->C:\Program Files (x86)\InstallShield Installation Information\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}\SETUP.EXE -runfromtemp -l0x0009 UNINST -removeonly
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)-->C:\Program Files (x86)\InstallShield Installation Information\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}\setup.exe -runfromtemp -l0x0009 -removeonly
Epson Event Manager-->MsiExec.exe /X{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}
EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r
EPSON SX420W Series Manuál-->"C:\Program Files (x86)\Epson\TpManual\EPSON SX420W Series\sk\Useg\DocUnins.exe"
EPSON SX420W Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\x64\3\E_IINSGCE.EXE /R /APD /P:"EPSON SX420W Series"
EpsonNet Print-->C:\Program Files (x86)\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe -runfromtemp -l0x0009 -EPSON -removeonly
EpsonNet Setup 3.2-->"C:\Program Files (x86)\InstallShield Installation Information\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}\Setup.exe" -runfromtemp -l0x001b -removeonly
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
Eurobattle.net-->"C:\Program Files (x86)\Eurobattle.net\uninstaller.exe"
Foxit Cloud-->"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\unins000.exe"
Foxit PhantomPDF Standard-->MsiExec.exe /I{0A33872C-25C0-4E0A-80DB-53067BB717DD}
Foxit Reader-->"C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe"
Google Earth Pro-->MsiExec.exe /X{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}
Google Earth-->MsiExec.exe /I{817750FA-EC6A-485D-9901-0683AE6FFDF1}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Chrome Remote Desktop Host-->MsiExec.exe /I{A1A724F3-F1A6-479C-AE98-208946717E2B}
Incomedia WebSite X5 v10 - Evolution-->"C:\Program Files (x86)\WebSite X5 v10 - Evolution\unins000.exe"
Incomedia WebSite X5 v11 - Free-->"C:\Program Files (x86)\WebSite X5 v11 - Free\unins000.exe"
Incomedia WebSite X5 v11 - Professional-->"C:\Program Files (x86)\WebSite X5 v11 - Professional\unins000.exe"
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
KMSpico v9.1.3-->"C:\Program Files\KMSpico\unins000.exe"
Lazarus 1.4.0-->"C:\lazarus\unins000.exe"
Malwarebytes Anti-Malware verzia 2.1.8.1057-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Maxthon Cloud Browser-->C:\Program Files (x86)\Maxthon\Bin\Mx3Uninstall.exe
MEGAsync-->C:\Users\Tibor\AppData\Local\MEGAsync\uninst.exe
Mi Phone Manager-->C:\ProgramData\Caphyon\Advanced Installer\{0E54EB69-9613-4034-96C3-3FF674E3D609}\MiSetup Module.exe /x {0E54EB69-9613-4034-96C3-3FF674E3D609}
Mi Phone Manager-->MsiExec.exe /I{0E54EB69-9613-4034-96C3-3FF674E3D609}
Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2010-->MsiExec.exe /X{90140000-00BA-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2010-->MsiExec.exe /X{90140000-0044-0409-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (English) 2010-->MsiExec.exe /X{90140000-002A-0409-1000-0000000FF1CE}
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0116-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{2C303EE0-A595-3543-A71A-931C7AC40EDE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->c:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Mozilla Firefox 37.0.2 (x86 sk)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT Redists-->MsiExec.exe /I{3BFC9CAE-091D-11E4-886A-F04DA23A5C58}
NVIDIA 3D Vision Driver 344.11-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA GeForce Experience 2.1.2-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Graphics Driver 344.11-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX System Software 9.14.0702-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /I{B455E95A-B804-439F-B533-336B1635AE97}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
OpenOffice 4.1.1-->MsiExec.exe /I{456408C1-3BDE-48CC-9A5A-79B1BB4C4787}
Opera beta 32.0.1948.19-->"C:\Program Files (x86)\Opera beta\Launcher.exe" /uninstall
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
PDF Settings CS6-->MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
Pinnacle Studio 16 - Install Manager-->MsiExec.exe /X{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}
Pinnacle Studio 16-->MsiExec.exe /I{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{A12F43A5-CF0B-44E3-942F-2441CD442F0D}" "1033" "0"
Security Update for Microsoft Office 2010 (KB3054965) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{3B3247BC-576A-4431-9587-A64D425DF005}" "1033" "0"
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1033" "0"
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1033" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}" "1033" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}" "1033" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}" "1033" "0"
Sieťová príručka pre EPSON SX420W Series-->"C:\Program Files (x86)\Epson\TpManual\EPSON SX420W Series\sk\Netg\DocUnins.exe"
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 7.10-->MsiExec.exe /X{6A0549A9-1B96-498C-ACBC-3943001FEB19}
SSIII Solo Ultratus 1.2-->C:\Program Files (x86)\SSIII Solo Ultratus\uninst.exe
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamViewer 10-->C:\Program Files (x86)\TeamViewer\uninstall.exe
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Unified Remote-->"C:\Program Files (x86)\Unified Remote 3\unins000.exe"
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1033" "0"
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{8BEEA2FC-D416-428A-B52A-A3ED45921151}" "1033" "0"
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C8694FF0-8203-483B-A07A-2BC40433167D}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0409-1000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0116-0409-1000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0117-0409-0000-0000000FF1CE}" "{7CA28304-D86F-4ACA-97FA-D126E0D02416}" "1033" "0"
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{460FF681-BC66-4C38-99DF-7012E03F1EBA}" "1033" "0"
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BA610006-2C39-4419-9834-CF61AB24810A}" "1033" "0"
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{A7AA9E77-A9F4-4596-8AFD-4910FF258C3D}" "1033" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BEBC2484-290C-46AD-9834-6DAD1FA80273}" "1033" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{BEBC2484-290C-46AD-9834-6DAD1FA80273}" "1033" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{9865DC3A-2898-48D9-B96A-46397571C934}" "1033" "0"
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{38990592-F6A1-4A26-96C7-0600E36AE794}" "1033" "0"
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{5EBDE1DE-3B28-4134-AB00-85CFF2B4F94D}" "1033" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1033" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}" "1033" "0"
Vegas Pro 13.0 (64-bit)-->MsiExec.exe /X{3814DB30-091D-11E4-BDE0-F04DA23A5C58}
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WinRAR 5.20 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
XviD MPEG-4 Video Codec rev.1.3.0-->"C:\Program Files (x86)\XviD MPEG-4 Video Codec\unins000.exe"
Zoner Callisto 5 FREE-->"C:\Program Files (x86)\Zoner\Callisto 5 FREE\unins000.exe"

======System event log======

Computer Name: Tibor
Event Code: 7023
Message: The IP Helper service terminated with the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 45
Source Name: Service Control Manager
Time Written: 20150914215303.108874-000
Event Type: Error
User:

Computer Name: Tibor
Event Code: 7001
Message: The Windows Defender Network Inspection System Driver service depends on the Windows Defender Mini-Filter Driver service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Record Number: 43
Source Name: Service Control Manager
Time Written: 20150914215258.952465-000
Event Type: Error
User:

Computer Name: Tibor
Event Code: 7023
Message: The Network List Service service terminated with the following error:
The device is not ready.
Record Number: 42
Source Name: Service Control Manager
Time Written: 20150914215257.085662-000
Event Type: Error
User:

Computer Name: Tibor
Event Code: 7000
Message: The AVG network filter service service failed to start due to the following error:
The system cannot find the file specified.
Record Number: 34
Source Name: Service Control Manager
Time Written: 20150914215228.240815-000
Event Type: Error
User:

Computer Name: Tibor
Event Code: 7022
Message: The Network Setup Service service hung on starting.
Record Number: 31
Source Name: Service Control Manager
Time Written: 20150914215226.115734-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Tibor
Event Code: 4879
Message: MSDTC encountered an error (HR=0x80000171) while attempting to establish a secure connection with system TIBOR.
Record Number: 44
Source Name: Microsoft-Windows-MSDTC Client 2
Time Written: 20150914222527.000000-000
Event Type: Warning
User:

Computer Name: Tibor
Event Code: 1
Message:
Record Number: 18
Source Name: NvStreamSvc
Time Written: 20150914221223.000000-000
Event Type: Error
User:

Computer Name: Tibor
Event Code: 1
Message:
Record Number: 17
Source Name: NvStreamSvc
Time Written: 20150914221223.000000-000
Event Type: Error
User:

Computer Name: Tibor
Event Code: 1
Message:
Record Number: 16
Source Name: NvStreamSvc
Time Written: 20150914221223.000000-000
Event Type: Error
User:

Computer Name: Tibor
Event Code: 1534
Message: Profile notification of event Create for component {D63AA156-D534-4BAC-9BF1-55359CF5EC30} failed, error code is The system cannot find the path specified.
.


Record Number: 7
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20150914215905.021314-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Tibor
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x194
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x144
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150914215111.676792-000
Event Type: Audit Success
User:

Computer Name: Tibor
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x188
New Process Name: C:\Windows\System32\setupcl.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x144
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150914215051.974515-000
Event Type: Audit Success
User:

Computer Name: Tibor
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x150
New Process Name: C:\Windows\System32\autochk.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x144
Creator Process Name: C:\Windows\System32\smss.exe
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150914215047.697237-000
Event Type: Audit Success
User:

Computer Name: Tibor
Event Code: 4688
Message: A new process has been created.

Creator Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

Target Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Process Information:
New Process ID: 0x144
New Process Name: C:\Windows\System32\smss.exe
Token Elevation Type: %%1936
Mandatory Label: S-1-16-16384
Creator Process ID: 0x4
Creator Process Name:
Process Command Line:

Token Elevation Type indicates the type of token that was assigned to the new process in accordance with User Account Control policy.

Type 1 is a full token with no privileges removed or groups disabled. A full token is only used if User Account Control is disabled or if the user is the built-in Administrator account or a service account.

Type 2 is an elevated token with no privileges removed or groups disabled. An elevated token is used when User Account Control is enabled and the user chooses to start the program using Run as administrator. An elevated token is also used when an application is configured to always require administrative privilege or to always require maximum privilege, and the user is a member of the Administrators group.

Type 3 is a limited token with administrative privileges removed and administrative groups disabled. The limited token is used when User Account Control is enabled, the application does not require administrative privilege, and the user does not choose to start the program using Run as administrator.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150914215047.588797-000
Event Type: Audit Success
User:

Computer Name: Tibor
Event Code: 4826
Message: Boot Configuration Data loaded.

Subject:
Security ID: S-1-5-18
Account Name: -
Account Domain: -
Logon ID: 0x3E7

General Settings:
Load Options: -
Advanced Options: No
Configuration Access Policy: Default
System Event Logging: No
Kernel Debugging: No
VSM Launch Type: Off

Signature Settings:
Test Signing: No
Flight Signing: No
Disable Integrity Checks: No

HyperVisor Settings:
HyperVisor Load Options: -
HyperVisor Launch Type: Off
HyperVisor Debugging: No
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150914215047.532655-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=2505
"FP_NO_HOST_CHECK"=NO
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: T-Bag check

#3 Post by Roli »

Hello, so what are we going to do about that illegal product from Microsoft?
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
