update.vbe is trying to connect to the internet - Please help!

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

#1 Post by Mine. »

Hi, out of nowhere the file update.vbe started connecting to the internet (Comodo reports that it is trying to), and ® Windows Based Script Host appeared in the processes. I don't know what it is or where it came from (update.vbe); it is in the folder C:\Users\Admin\AppData\Roaming\Origin. Scan: https://www.virustotal.com/cs/file/357c ... 443380501/ I will attach the log later.
Last edited by Mine. on 28 Sep 2015 15:14, edited 1 time in total.

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet

#2 Post by Mine. »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Admin (administrator) on ZALMANR1 (27-09-2015 21:08:10)
Running from C:\Users\Admin\Downloads
Loaded Profiles: Admin (Available Profiles: Admin & Baruška & MSSQL$ADK)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obksvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM\...\Run: [obkagent] => C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe [1234816 2014-11-11] (Bitdefender)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-09-27] (Malwarebytes Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-26] (Piriform Ltd)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [BingSvc] => C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\MountPoints2: {4d8048c2-e02f-11e4-be8b-f07959613533} - "E:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{93cd84c0-9c28-42cf-8441-bbe6616bf76d}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-08-25] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Bitdefender Safepay™ for Internet Explorer 64-bit -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\x64\spbxie64.dll [2014-11-11] (Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Bitdefender Safepay™ for Internet Explorer -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\spbxie.dll [2014-11-11] (Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\avira-safesearch.xml [2015-09-21]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\peklada-google.xml [2015-09-09]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-05-29]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\wikiskripta-cs.xml [2015-05-07]
FF Extension: Avira Browser Safety - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\abs@avira.com [2015-09-20]
FF Extension: Bing Search - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\bingsearch.full@microsoft.com [2015-09-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\iobitascsurfingprotection@iobit.com [2015-09-19]
FF Extension: Avira SafeSearch Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\safesearchplus@avira.com [2015-09-20]
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: MEGA - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\firefox@mega.co.nz.xpi [2015-04-30]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-30]
FF Extension: Disable Anti-Adblock - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2015-09-27]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-22]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-22]
CHR Extension: (Avira SafeSearch) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-22]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-23] (Avira Operations GmbH & Co. KG)
S4 appdrvrem01; C:\WINDOWS\System32\appdrvrem01.exe [551896 2015-04-11] (Protection Technology)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-25] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-09-27] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MSSQL$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2015-07-16] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OBKSvc; C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe [1242568 2014-11-11] (Bitdefender)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 SQLAgent$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2015-07-16] (Microsoft Corporation)
R2 UPDATESRV_SAFEPAY; C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe [66784 2014-10-28] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-04-20] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-04-20] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-04-20] (LG Electronics Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2715824 2015-04-12] (Protection Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2015-07-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-04-02] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-04-02] (Windows (R) Win 7 DDK provider)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-06-18] (Emsisoft GmbH)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-09-27] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-23] (REALiX(tm))
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2015-06-13] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2015-06-13] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-27 21:08 - 2015-09-27 21:09 - 00025389 _____ C:\Users\Admin\Downloads\FRST.txt
2015-09-27 21:07 - 2015-09-27 21:08 - 00000000 ____D C:\FRST
2015-09-27 21:07 - 2015-09-27 21:07 - 02192384 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2015-09-27 20:58 - 2015-09-27 20:58 - 00016148 _____ C:\WINDOWS\system32\ZALMANR1_Admin_HistoryPrediction.bin
2015-09-27 20:52 - 2015-09-27 20:53 - 00000000 ____D C:\Users\Admin\Desktop\Nová složka
2015-09-27 20:22 - 2015-09-27 20:22 - 00201499 _____ C:\ProgramData\1443378030.bdinstall.bin
2015-09-27 20:21 - 2015-09-27 20:21 - 00002180 _____ C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2015-09-27 20:21 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Safepay
2015-09-27 20:21 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Bitdefender
2015-09-27 20:21 - 2012-09-05 16:30 - 00146720 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-09-27 20:20 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Bitdefender Safepay
2015-09-27 20:20 - 2015-09-27 20:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Bitdefender Safepay
2015-09-27 20:19 - 2015-09-27 20:19 - 01941256 _____ C:\Users\Admin\Downloads\bitdefender_safepay.exe
2015-09-27 17:31 - 2015-09-27 18:01 - 00000000 ____D C:\Users\Admin\Desktop\Fotky (prodej)
2015-09-27 15:25 - 2015-09-27 15:27 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-09-27 15:25 - 2015-09-27 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-09-27 15:25 - 2015-09-27 15:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-09-27 15:21 - 2015-09-27 15:21 - 06130064 _____ (WiseCleaner.com ) C:\Users\Admin\Downloads\WiseCare365.exe
2015-09-27 14:48 - 2015-09-27 20:57 - 00001856 _____ C:\WINDOWS\PFRO.log
2015-09-27 14:16 - 2015-09-27 14:43 - 00000000 ____D C:\Program Files (x86)\Vuze
2015-09-27 14:16 - 2015-09-27 14:40 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Azureus
2015-09-27 14:16 - 2015-09-27 14:16 - 00000000 ____D C:\Users\Admin\.swt
2015-09-27 13:40 - 2015-09-27 13:42 - 130426640 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\msert.exe
2015-09-27 13:37 - 2015-09-27 13:37 - 00931338 _____ C:\Users\Admin\Downloads\Vuze.Plus.5.1.0.0.keygen.by.FFF.exe.zip
2015-09-27 13:30 - 2015-09-27 13:30 - 00072016 _____ (Azureus Software, Inc.) C:\Users\Admin\Downloads\Vuze_Installer.exe
2015-09-27 13:29 - 2015-09-27 13:29 - 00072496 _____ (Azureus Software, Inc.) C:\Users\Admin\Downloads\VuzeBittorrentClientInstaller.exe
2015-09-27 12:52 - 2015-09-27 12:52 - 00000000 ____D C:\Users\Admin\Downloads\Vuze 5.6.0.0
2015-09-27 02:40 - 2015-09-27 02:44 - 73990610 _____ C:\Users\Admin\Downloads\Vuze-4.9.0.0---BitTorrent-Client.zip
2015-09-27 02:39 - 2015-09-27 02:39 - 00378747 _____ C:\Users\Admin\Downloads\Vuze-2015.rar
2015-09-27 02:06 - 2015-09-27 02:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Crystal Security
2015-09-27 02:01 - 2015-09-27 02:01 - 00513906 _____ C:\Users\Admin\Downloads\crystal_security_3.5.0.143.zip
2015-09-27 01:51 - 2015-09-27 20:57 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-27 01:51 - 2015-09-27 17:34 - 00001070 _____ C:\WINDOWS\setupact.log
2015-09-27 01:51 - 2015-09-27 01:51 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-27 01:45 - 2015-09-27 16:48 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE
2015-09-27 01:45 - 2015-09-27 01:45 - 00000000 ____D C:\ProgramData\Norton
2015-09-27 01:12 - 2015-09-27 01:12 - 02865192 _____ (Malwarebytes ) C:\Users\Admin\Downloads\mbae-setup-1.07.1.1015.exe
2015-09-27 01:12 - 2015-09-27 01:12 - 00204496 _____ (Malwarebytes) C:\Users\Admin\Downloads\startuplite-setup-1.07.exe
2015-09-27 01:12 - 2015-09-27 01:12 - 00065232 _____ (Malwarebytes) C:\Users\Admin\Downloads\regassassin-setup-1.03.exe
2015-09-27 01:09 - 2015-09-27 01:09 - 00950649 _____ (DriverIdentifier ) C:\Users\Admin\Downloads\driveridentifier_setup.exe
2015-09-27 01:07 - 2015-09-27 01:08 - 10107368 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE.exe
2015-09-27 01:02 - 2015-09-27 01:02 - 00202611 _____ C:\Users\Admin\Downloads\CCEnhancer-4.3.2-multilingual.zip
2015-09-26 22:36 - 2015-09-26 22:36 - 06582016 _____ (COMODO) C:\Users\Admin\Downloads\APTAT.exe
2015-09-26 21:53 - 2015-09-26 21:53 - 00676349 _____ (PortableAppZ.blogspot.com) C:\Users\Admin\Downloads\CCleaner_Portable_MultiVersion_32-64-bit_Multilingual_Online.exe
2015-09-26 14:19 - 2015-09-26 14:19 - 06677440 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup510.exe
2015-09-26 01:52 - 2015-09-27 14:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-26 01:05 - 2015-09-26 01:05 - 03076418 _____ C:\Users\Admin\Downloads\AutoHotkey112206_Install.exe
2015-09-25 23:35 - 2015-09-25 23:35 - 00000000 ____D C:\Users\Admin\Downloads\Malwarebytes Anti-Exploit Premium 1.07.1.1010 Final
2015-09-25 23:33 - 2015-09-26 23:51 - 00000000 ____D C:\Users\Admin\Downloads\Microsoft Office 2016 16.0.4266.1003
2015-09-25 14:12 - 2015-09-25 14:12 - 03462676 _____ C:\Users\Admin\Downloads\50516700(1).rar
2015-09-25 14:11 - 2015-09-25 14:11 - 03462676 _____ C:\Users\Admin\Downloads\50516700.rar
2015-09-25 12:39 - 2015-09-25 12:40 - 186267648 _____ C:\Users\Admin\Downloads\012.Teorie.velkeho.tresku.S01E12.Jeruzalemska.dualita.WEBrip.CZ.avi
2015-09-25 12:38 - 2015-09-25 12:42 - 186615808 _____ C:\Users\Admin\Downloads\Teorie velkeho tresku s01e11 Livancova anomalie.avi
2015-09-24 16:34 - 2015-09-24 16:36 - 186284032 _____ C:\Users\Admin\Downloads\Teorie velkeho tresku s01e10 Loobenfelduv rozpad.avi.part
2015-09-23 22:48 - 2015-09-23 22:48 - 00001886 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-09-23 22:48 - 2015-09-23 22:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2015-09-23 22:48 - 2015-09-23 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-09-23 22:32 - 2015-09-23 22:32 - 05075834 _____ C:\Users\Admin\Downloads\Setup.zip
2015-09-23 22:28 - 2015-09-23 22:32 - 225688096 _____ (COMODO) C:\Users\Admin\Downloads\cispremium_installer(1).exe
2015-09-23 22:25 - 2015-09-23 22:48 - 00000000 ____D C:\ProgramData\Comodo
2015-09-23 22:19 - 2015-09-23 22:23 - 225688096 _____ (COMODO) C:\Users\Admin\Downloads\cispremium_installer.exe
2015-09-23 21:04 - 2015-09-23 21:18 - 00000000 ____D C:\Users\Admin\Documents\Fax
2015-09-23 21:02 - 2015-09-23 21:02 - 00003584 _____ C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-20 19:43 - 2015-09-20 19:43 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Avira
2015-09-20 19:35 - 2015-09-23 13:48 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-20 19:35 - 2015-09-23 13:48 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-20 19:35 - 2015-08-06 20:58 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-09-20 19:35 - 2015-08-06 20:58 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-09-20 19:31 - 2015-09-20 19:35 - 00000000 ____D C:\ProgramData\Avira
2015-09-20 19:31 - 2015-09-20 19:31 - 00001279 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-09-20 19:17 - 2015-09-20 19:17 - 04772888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Admin\Downloads\avira_en_av_55feea09a52db__ws.exe
2015-09-20 16:06 - 2015-09-20 16:06 - 00003186 _____ C:\WINDOWS\System32\Tasks\Origin
2015-09-20 16:06 - 2015-09-20 16:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Origin
2015-09-20 15:46 - 2015-09-20 15:46 - 00000000 ____D C:\Program Files (x86)\Mad Max
2015-09-20 12:34 - 2015-09-20 12:38 - 429256938 _____ C:\Users\Admin\Downloads\001.bmp
2015-09-20 00:20 - 2015-09-20 00:30 - 1460520960 ____R C:\Users\Admin\Downloads\Insidious 3 Počátek.avi
2015-09-19 23:50 - 2015-09-20 00:02 - 1319640782 _____ C:\Users\Admin\Downloads\SINISTER-2-2015-Horor-by-Becker.avi
2015-09-19 23:21 - 2015-09-19 23:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-09-19 10:56 - 2015-09-19 10:56 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-19 10:54 - 2015-09-19 10:54 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-19 10:54 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\SysWOW64\IObitSmartDefragExtension.dll20150919154659.dll
2015-09-19 10:47 - 2015-09-20 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-19 10:47 - 2015-09-20 14:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-09-19 10:47 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-09-18 23:43 - 2015-09-18 23:44 - 01506832 _____ (Skype Technologies S.A.) C:\Users\Admin\Downloads\SkypeSetup(2).exe
2015-09-18 23:43 - 2015-09-18 23:44 - 01506832 _____ (Skype Technologies S.A.) C:\Users\Admin\Downloads\SkypeSetup(1).exe
2015-09-18 23:21 - 2015-09-19 16:10 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-09-18 23:21 - 2015-09-18 23:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2015-09-18 22:55 - 2015-09-18 22:56 - 29619504 _____ (IObit ) C:\Users\Admin\Downloads\IObit-Malware-Fighter-Setup.exe
2015-09-18 22:53 - 2015-09-18 22:54 - 23442496 _____ (SUPERAntiSpyware) C:\Users\Admin\Downloads\SUPERAntiSpyware.exe
2015-09-18 22:52 - 2015-09-18 22:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Downloads\spybot-2.4.exe
2015-09-18 22:51 - 2015-09-18 22:51 - 02726024 _____ (Lavasoft Limited ) C:\Users\Admin\Downloads\driver_updater.exe
2015-09-09 23:44 - 2015-09-09 23:44 - 03058696 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.30-Setup.exe
2015-09-09 23:21 - 2015-09-10 15:00 - 00002087 _____ C:\Users\Admin\Desktop\FileHippo App Manager.lnk
2015-09-09 23:21 - 2015-09-09 23:21 - 00002117 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-09-09 23:21 - 2015-09-09 23:21 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2015-09-09 23:19 - 2015-09-09 23:19 - 02190552 _____ C:\Users\Admin\Downloads\appmanagersetup_2.0_b4_292.exe
2015-09-09 23:18 - 2015-09-09 23:20 - 39399424 _____ C:\Users\Admin\Downloads\SkypeSetup.msi
2015-09-09 23:13 - 2015-09-09 23:13 - 00021712 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2015-09-09 23:13 - 2015-09-09 23:13 - 00000000 ____D C:\Users\Admin\AppData\Local\eSupport.com
2015-09-09 23:01 - 2015-09-09 23:01 - 04195288 _____ C:\Users\Admin\Downloads\majorgeeks_software_updates_and_news_setup.exe
2015-09-09 22:52 - 2015-09-27 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-09 22:32 - 2015-09-09 22:32 - 05490752 _____ (Secunia) C:\Users\Admin\Downloads\PSISetup.exe
2015-09-09 22:30 - 2015-09-09 22:31 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Admin\Downloads\SkypeSetup.exe
2015-09-08 22:28 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-08 22:28 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-08 22:28 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 22:28 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:28 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 22:28 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-08 22:28 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:27 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-08 22:27 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-08 22:27 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:27 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-08 22:27 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:27 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-08 22:27 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:27 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:27 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:27 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:27 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:27 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-08 22:27 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:27 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:27 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:27 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:27 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:27 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:27 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:27 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:27 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:27 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-07 21:53 - 2015-09-07 21:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVG2015
2015-09-07 21:52 - 2015-09-20 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-09-07 21:51 - 2015-09-21 16:12 - 00000000 ____D C:\Program Files (x86)\AVG
2015-09-07 21:51 - 2015-09-19 23:10 - 00000000 ___HD C:\$AVG
2015-09-07 21:45 - 2015-09-07 21:45 - 00000000 _____ C:\WINDOWS\system32\REN586E.tmp
2015-09-07 21:44 - 2015-09-07 21:44 - 00243595 _____ C:\ProgramData\1441654844.bdinstall.bin
2015-09-07 19:05 - 2015-09-07 19:04 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-07 18:35 - 2015-09-09 20:44 - 00001802 _____ C:\Users\Admin\Desktop\Word 2013.lnk
2015-09-07 17:48 - 2015-09-25 13:55 - 00000000 ____D C:\Users\Admin\Desktop\Čtenářský deník
2015-09-07 17:45 - 2015-09-19 23:12 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg2015
2015-09-07 17:28 - 2015-04-29 17:18 - 00000000 ____D C:\Users\Admin\Desktop\GTA V - Exclusive content DLC Unlocker
2015-09-05 20:15 - 2015-09-05 20:15 - 00000220 _____ C:\Users\Admin\Desktop\Garry's Mod.url
2015-09-05 18:19 - 2015-09-27 20:58 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 18:19 - 2015-09-27 20:30 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-05 18:19 - 2015-09-15 17:25 - 00004036 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-05 18:19 - 2015-09-15 17:25 - 00003804 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-05 14:11 - 2015-09-05 14:11 - 00000000 ____D C:\Users\Admin\AppData\Temp
2015-09-05 02:16 - 2015-09-05 02:16 - 00000385 _____ C:\Users\Admin\AppData\Roaminguser_gensett.xml
2015-09-05 02:15 - 2015-09-05 02:15 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-09-05 02:13 - 2015-09-20 14:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-05 01:46 - 2015-09-05 01:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-09-05 01:46 - 2015-05-29 09:50 - 01730304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-09-05 01:46 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-09-03 23:47 - 2015-09-03 23:47 - 00162816 _____ C:\Users\Admin\Downloads\pecivo-Kaufland-slozeni.xls
2015-09-03 20:42 - 2015-09-03 20:42 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2015-09-03 18:29 - 2015-09-03 18:29 - 00065736 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxrts.sys
2015-09-03 18:29 - 2015-09-03 18:29 - 00036384 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxscan.sys
2015-09-03 18:29 - 2015-09-03 18:29 - 00024024 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxkbf.sys
2015-09-03 18:23 - 2015-09-04 21:32 - 00000000 ____D C:\Program Files (x86)\NoVirusThanks
2015-09-03 18:18 - 2015-09-27 20:56 - 00000296 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job
2015-09-03 18:18 - 2015-09-27 20:54 - 00002482 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Admin
2015-09-03 18:03 - 2015-09-03 18:04 - 00000000 _____ C:\Users\Admin\Downloads\DWS.log
2015-09-03 17:20 - 2015-09-03 17:20 - 00945272 _____ (Prevx) C:\Users\Admin\Downloads\prevxcsifree.exe
2015-09-03 12:52 - 2015-09-03 12:52 - 00579408 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2015-09-03 12:52 - 2015-09-03 12:52 - 00445472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2015-09-02 23:43 - 2015-09-02 23:43 - 00174592 _____ (WZT) C:\Users\Admin\Downloads\DWS_Lite.exe
2015-09-02 23:14 - 2015-06-23 04:37 - 00091272 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-09-02 22:54 - 2015-09-02 22:54 - 00000000 ____D C:\Program Files\Realtek
2015-09-02 22:53 - 2015-06-02 12:48 - 04477656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-09-02 22:53 - 2015-06-02 12:15 - 02088737 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-09-02 22:53 - 2015-06-02 11:15 - 01747160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-09-02 22:53 - 2015-06-02 08:57 - 02847960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-09-02 22:53 - 2015-06-02 08:57 - 02531544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2015-09-02 22:53 - 2015-05-27 12:51 - 02461016 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2015-09-02 22:53 - 2015-05-27 12:51 - 00944984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2015-09-02 22:53 - 2015-05-26 05:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-09-02 22:53 - 2015-05-25 09:18 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-09-02 22:53 - 2015-05-20 10:14 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-09-02 22:53 - 2015-05-18 08:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-09-02 22:53 - 2015-05-15 13:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-09-02 22:53 - 2015-05-15 10:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-09-02 22:53 - 2015-04-28 04:52 - 05706688 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2015-09-02 22:53 - 2015-04-27 10:09 - 00328816 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00858256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00684176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00435856 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2015-09-02 22:53 - 2015-04-23 23:41 - 00555664 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2015-09-02 22:53 - 2015-04-13 10:25 - 03262184 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2015-09-02 22:53 - 2015-04-09 09:23 - 01559744 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-09-02 22:53 - 2015-04-03 07:24 - 01365768 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2015-09-02 22:53 - 2015-02-05 11:48 - 12834736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2015-09-02 22:53 - 2015-02-05 11:48 - 02789808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-09-02 22:53 - 2015-01-23 12:16 - 00213432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2015-09-02 22:53 - 2015-01-19 12:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-09-02 22:53 - 2015-01-19 03:08 - 12975360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-09-02 22:53 - 2014-11-11 07:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 06242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 01933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 00336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 00284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2015-09-02 22:53 - 2014-10-24 04:12 - 05234952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2015-09-02 22:53 - 2014-10-24 04:12 - 00995120 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 07087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-09-02 22:53 - 2014-08-14 13:16 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-09-02 22:53 - 2014-07-03 08:44 - 01499984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-09-02 22:53 - 2014-07-03 08:44 - 00979280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-09-02 22:53 - 2014-06-17 13:17 - 00856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-09-02 22:53 - 2014-06-09 04:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-09-02 22:53 - 2014-05-22 10:24 - 00096568 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-09-02 22:53 - 2014-04-17 11:42 - 01136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-09-02 22:53 - 2014-04-14 11:52 - 00003008 _____ C:\WINDOWS\system32\Drivers\DTSU2P.DAT
2015-09-02 22:53 - 2014-04-10 06:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-09-02 22:53 - 2014-04-10 06:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-09-02 22:53 - 2014-02-27 14:02 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2015-09-02 22:53 - 2014-01-31 11:27 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-09-02 22:53 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-09-02 22:53 - 2013-10-11 05:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-09-02 22:53 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-09-02 22:53 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-09-02 22:53 - 2013-07-23 09:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-09-02 22:53 - 2013-07-23 09:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-09-02 22:53 - 2013-06-25 06:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-09-02 22:53 - 2013-06-25 06:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-09-02 22:53 - 2013-06-25 06:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-09-02 22:53 - 2013-06-21 05:01 - 00109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-09-02 22:53 - 2013-04-03 08:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-09-02 22:53 - 2012-08-31 13:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-09-02 22:53 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-09-02 22:53 - 2012-01-10 04:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-09-02 22:53 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-09-02 22:53 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-09-02 22:53 - 2011-08-23 11:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-09-02 22:53 - 2011-03-17 06:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-09-02 22:53 - 2011-03-07 11:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-09-02 22:53 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-09-02 22:53 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-09-02 22:10 - 2015-09-02 22:10 - 00638836 _____ C:\Users\Admin\Downloads\ePSXe190.zip
2015-09-02 16:19 - 2015-09-02 16:19 - 00060821 _____ C:\WINDOWS\SysWOW64\CCCInstall_201509021619462401.log
2015-09-02 15:04 - 2015-09-19 10:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2015-09-02 15:04 - 2015-09-02 15:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2015-09-01 19:37 - 2015-09-01 19:37 - 00000222 _____ C:\Users\Admin\Desktop\Terraria.url
2015-09-01 16:00 - 2015-09-01 16:01 - 00000000 ____D C:\Users\Admin\Desktop\Fotky (dovolená)
2015-08-31 14:13 - 2015-09-01 20:28 - 00000000 ____D C:\ftb
2015-08-31 14:06 - 2015-09-01 20:50 - 00000000 ____D C:\Users\Admin\AppData\Local\ftblauncher
2015-08-31 14:06 - 2015-08-31 14:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ftblauncher
2015-08-30 18:55 - 2015-08-30 18:55 - 00000000 ___RD C:\Sandbox
2015-08-30 14:23 - 2015-09-09 20:44 - 00002144 _____ C:\Users\Admin\Desktop\VirusTotal Uploader 2.2.lnk
2015-08-30 14:23 - 2015-08-30 14:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2015-08-30 14:23 - 2015-08-30 14:23 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2015-08-30 14:02 - 2015-08-30 14:02 - 00000000 ____D C:\Users\Admin\AppData\Roaming\CCleaner
2015-08-29 21:55 - 2015-08-29 21:55 - 00000000 ____D C:\Users\Admin\AppData\Local\O&O
2015-08-29 21:54 - 2015-08-30 01:50 - 00000000 ____D C:\WINDOWS\system32\oodag
2015-08-29 21:51 - 2015-08-29 21:51 - 00000000 ____D C:\ProgramData\OO Software
2015-08-29 20:17 - 2015-09-09 20:44 - 00001665 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2015-08-29 20:17 - 2015-08-29 20:17 - 00000000 ____D C:\ProgramData\Socialclub
2015-08-29 11:27 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 11:27 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 11:27 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 11:27 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 11:27 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 11:27 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 11:27 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 11:27 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:27 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 11:27 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 11:27 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 11:27 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 11:27 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 11:27 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 11:27 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 11:27 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 11:27 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 11:27 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 11:27 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 11:27 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 11:27 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 11:27 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 11:27 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 11:27 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 11:27 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 11:27 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 11:27 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 11:27 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 11:27 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 11:27 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 11:27 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 11:27 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 11:27 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 11:27 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 11:27 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 11:27 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 11:27 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 11:27 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 11:27 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 11:27 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 11:27 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-29 00:20 - 2015-09-09 20:45 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-08-29 00:20 - 2015-09-09 20:44 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-08-28 13:52 - 2015-09-26 21:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-28 13:50 - 2015-08-28 13:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Sun
2015-08-28 13:50 - 2015-08-28 13:50 - 00000000 ____D C:\Users\Admin\.oracle_jre_usage

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-27 21:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-27 20:57 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-27 20:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-27 20:57 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-27 20:57 - 2015-03-23 20:12 - 00000000 ____D C:\Hry
2015-09-27 20:54 - 2015-03-25 17:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-09-27 20:21 - 2015-06-15 02:00 - 00000000 ____D C:\Program Files\Bitdefender
2015-09-27 20:15 - 2015-05-18 21:06 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-27 17:38 - 2015-04-03 20:23 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2015-09-27 15:40 - 2015-07-15 00:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-27 14:56 - 2015-07-31 16:49 - 02342644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-27 14:56 - 2015-07-10 18:02 - 01072426 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-27 14:56 - 2015-07-10 18:02 - 00270474 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-27 14:51 - 2015-04-21 22:08 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-09-27 14:48 - 2015-05-22 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-27 14:48 - 2015-03-30 21:14 - 00230416 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2015-09-27 14:47 - 2015-03-23 20:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-27 14:16 - 2015-07-31 16:33 - 00000000 ____D C:\Users\Admin
2015-09-27 01:50 - 2015-03-21 21:10 - 00007602 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-09-26 21:52 - 2015-04-02 01:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-09-26 21:36 - 2015-04-02 01:41 - 00000000 ____D C:\ProgramData\Skype
2015-09-26 14:22 - 2015-04-01 23:27 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-26 14:22 - 2015-03-23 23:15 - 00000000 ____D C:\Program Files\CCleaner
2015-09-26 12:37 - 2015-03-23 20:13 - 00000000 ____D C:\ProgramData\ProductData
2015-09-25 17:33 - 2015-08-02 18:52 - 00000693 _____ C:\Users\Admin\Desktop\Touhou.lnk
2015-09-23 22:48 - 2015-07-15 02:53 - 00000000 ____D C:\Program Files\COMODO
2015-09-23 21:50 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-23 21:17 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-23 14:15 - 2015-03-23 21:37 - 00003900 _____ C:\WINDOWS\System32\Tasks\adobe flash player updater
2015-09-23 13:49 - 2015-07-16 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-22 11:37 - 2015-03-21 09:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2015-09-21 22:33 - 2015-08-02 02:45 - 11790493 _____ C:\Users\Admin\Desktop\Nový textový dokument.txt
2015-09-20 19:35 - 2015-07-16 01:22 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-20 19:31 - 2015-07-31 16:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-20 17:12 - 2015-06-14 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kholat
2015-09-20 17:12 - 2015-06-09 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2015-09-20 16:39 - 2015-03-21 20:58 - 00000000 ____D C:\ProgramData\MFAData
2015-09-20 14:34 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-20 14:33 - 2015-07-31 19:33 - 00000000 ____D C:\Users\Baruška
2015-09-20 14:33 - 2015-07-31 16:44 - 00000000 ____D C:\Users\MSSQL$ADK
2015-09-20 14:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-09-20 14:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-09-20 14:33 - 2015-05-22 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-20 14:33 - 2015-03-23 23:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ProductData
2015-09-20 14:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration
2015-09-20 14:28 - 2015-05-22 17:40 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-19 23:21 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-19 23:21 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\ProgramData\IObit
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-15 21:16 - 2015-03-24 22:05 - 00001128 _____ C:\Users\Admin\Desktop\League of Legends.lnk
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 00:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-09-12 23:40 - 2015-08-05 05:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-09-12 23:40 - 2015-08-05 05:27 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-09-12 23:40 - 2015-04-21 22:07 - 00000842 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-09-12 11:28 - 2015-05-22 17:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2015-09-11 08:18 - 2015-07-10 14:20 - 00350584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 08:16 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 08:16 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-11 08:14 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-11 08:14 - 2015-03-21 21:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-11 08:14 - 2015-03-21 21:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-10 17:01 - 2015-03-23 23:37 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-09-09 23:48 - 2015-04-01 23:32 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2015-09-09 23:48 - 2015-04-01 23:32 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2015-09-09 23:48 - 2015-04-01 23:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2015-09-09 20:45 - 2015-07-31 16:40 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-09 20:45 - 2015-06-29 19:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-09-09 20:45 - 2015-05-22 01:43 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-09 20:44 - 2015-08-22 19:52 - 00000727 _____ C:\Users\Admin\Desktop\ZOMBI.lnk
2015-09-09 20:44 - 2015-07-31 18:20 - 00002358 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-09 20:44 - 2015-07-15 00:01 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-09 20:44 - 2015-05-26 22:20 - 00000755 _____ C:\Users\Admin\Desktop\Start Tor Browser.lnk
2015-09-09 20:44 - 2015-05-22 01:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-09 20:44 - 2015-04-22 22:01 - 00001714 _____ C:\Users\Public\Desktop\Recuva.lnk
2015-09-09 20:44 - 2015-04-19 00:25 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centrum řešení HP.lnk
2015-09-09 20:44 - 2015-04-02 21:00 - 00002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2015-09-09 20:44 - 2015-03-25 23:52 - 00000990 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-09-09 20:44 - 2015-03-25 17:21 - 00001082 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-09 20:44 - 2015-03-24 00:50 - 00001032 _____ C:\Users\Public\Desktop\PWGen.lnk
2015-09-09 20:44 - 2015-03-24 00:26 - 00000931 _____ C:\Users\Admin\Desktop\TrueCrypt.lnk
2015-09-09 20:44 - 2015-03-23 23:59 - 00001190 _____ C:\Users\Admin\Desktop\Telegram.lnk
2015-09-09 20:44 - 2015-03-23 20:45 - 00001656 _____ C:\Users\Public\Desktop\Far Cry 4.lnk
2015-09-09 20:44 - 2015-03-23 20:01 - 00000975 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-09 20:43 - 2015-08-23 17:53 - 00001125 _____ C:\Users\Admin\Desktop\MEGAsync.lnk
2015-09-09 20:43 - 2015-06-23 18:28 - 00000833 _____ C:\Users\Admin\Desktop\Serious Sam 2.lnk
2015-09-09 20:43 - 2015-04-30 01:36 - 00001113 _____ C:\Users\Admin\Desktop\Fallout 3.lnk
2015-09-09 20:43 - 2015-04-05 01:24 - 00000679 _____ C:\Users\Admin\Desktop\Movies.lnk
2015-09-09 20:43 - 2015-04-04 23:58 - 00002206 _____ C:\Users\Admin\Desktop\GTA IV.lnk
2015-09-09 20:43 - 2015-03-26 10:20 - 00001603 _____ C:\Users\Admin\Desktop\Dying Light.lnk
2015-09-09 16:05 - 2015-03-26 00:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-09 16:05 - 2015-03-26 00:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 16:04 - 2013-08-22 15:25 - 00000202 _____ C:\WINDOWS\win.ini
2015-09-09 15:46 - 2015-03-21 10:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-07 21:44 - 2015-06-15 01:55 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-09-07 19:07 - 2015-03-29 17:42 - 00000000 ____D C:\ProgramData\Oracle
2015-09-07 19:06 - 2015-04-02 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-07 19:04 - 2015-04-02 01:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-07 17:54 - 2015-03-21 21:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-09-07 17:52 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-09-06 23:31 - 2015-03-23 20:00 - 00000000 ____D C:\Program Files\WinRAR
2015-09-06 12:25 - 2015-03-24 00:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PWGen
2015-09-05 20:04 - 2015-03-21 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-05 18:58 - 2015-03-24 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen
2015-09-05 18:58 - 2015-03-24 00:50 - 00000000 ____D C:\Program Files (x86)\PWGen
2015-09-05 14:16 - 2015-06-15 02:00 - 00000000 ____D C:\ProgramData\BDLogging
2015-09-05 01:23 - 2015-08-05 14:17 - 00000000 ____D C:\avast! sandbox
2015-09-05 01:23 - 2015-03-23 19:38 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-03 19:44 - 2015-03-28 00:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-03 18:54 - 2015-07-15 00:01 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-03 00:29 - 2015-07-27 21:19 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-09-02 23:22 - 2015-07-31 16:29 - 00000000 ____D C:\Program Files\AMD
2015-09-02 23:14 - 2015-05-18 21:53 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-02 23:14 - 2015-03-30 20:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-02 23:01 - 2015-05-18 21:52 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-09-02 22:54 - 2015-07-31 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-02 22:33 - 2015-08-22 20:18 - 00000000 ____D C:\AMD
2015-09-02 17:10 - 2015-07-31 16:28 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-09-02 16:57 - 2015-04-01 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-02 16:20 - 2015-07-31 16:30 - 00000000 ____D C:\ProgramData\AMD
2015-09-02 16:15 - 2015-03-30 22:21 - 00000000 ____D C:\Users\Admin\AppData\Local\Rockstar Games
2015-09-02 15:31 - 2015-03-21 10:00 - 00002878 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2560372422-2021965399-549226919-1001
2015-09-01 15:55 - 2015-04-01 23:51 - 00209518 _____ C:\Users\Admin\Desktop\DTBS.kdbx
2015-08-31 11:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-30 03:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-30 01:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-29 20:20 - 2015-04-15 12:41 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-29 20:20 - 2015-04-15 12:41 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-08-29 20:17 - 2015-07-31 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-08-29 01:35 - 2015-04-04 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games

==================== Files in the root of some directories =======

2015-09-23 21:02 - 2015-09-23 21:02 - 0003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-24 00:36 - 2015-03-24 00:36 - 0000218 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-03-21 21:10 - 2015-09-27 01:50 - 0007602 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-09-07 21:44 - 2015-09-07 21:44 - 0243595 _____ () C:\ProgramData\1441654844.bdinstall.bin
2015-09-27 20:22 - 2015-09-27 20:22 - 0201499 _____ () C:\ProgramData\1443378030.bdinstall.bin
2015-07-15 22:06 - 2015-07-15 22:06 - 0000000 _____ () C:\ProgramData\cis20E3.exe
2015-05-15 00:13 - 2015-05-15 00:13 - 0000000 _____ () C:\ProgramData\cis2AD1.exe
2015-05-15 18:59 - 2015-05-15 18:59 - 0000000 _____ () C:\ProgramData\cisE1C7.exe
2015-05-15 00:21 - 2015-05-15 00:21 - 0000000 _____ () C:\ProgramData\cisE73A.exe
2015-05-15 00:11 - 2015-05-15 00:11 - 0000000 _____ () C:\ProgramData\cisF5EB.exe
2015-05-15 00:43 - 2015-05-15 00:43 - 0000000 _____ () C:\ProgramData\cisFFC2.exe
2015-07-31 16:29 - 2015-07-31 16:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-19 00:23 - 2015-07-14 02:23 - 0009270 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Admin\AppData\Roaming\Origin\update.vbe
C:\ProgramData\cis20E3.exe
C:\ProgramData\cis2AD1.exe
C:\ProgramData\cisE1C7.exe
C:\ProgramData\cisE73A.exe
C:\ProgramData\cisF5EB.exe
C:\ProgramData\cisFFC2.exe


Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\i4jdel0.exe
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\unins000.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-24 15:15

==================== End of FRST.txt ============================

Mine.
Visitor
Posts: 113
Joined: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet

#3 Post by Mine. »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by Admin (2015-09-27 21:09:49)
Running from C:\Users\Admin\Downloads
Windows 10 Pro (X64) (2015-07-31 16:16:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2560372422-2021965399-549226919-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2560372422-2021965399-549226919-500 - Administrator - Disabled)
Baruška (S-1-5-21-2560372422-2021965399-549226919-1007 - Limited - Enabled) => C:\Users\Baruška
DefaultAccount (S-1-5-21-2560372422-2021965399-549226919-503 - Limited - Disabled)
Guest (S-1-5-21-2560372422-2021965399-549226919-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG 2015 (Version: 15.0.4419 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6140 - AVG Technologies CZ, s.r.o.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Bitdefender Safepay™ (HKLM\...\Bitdefender Safepay) (Version: 2.0.0.744 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
COMODO Firewall (HKLM\...\{38F898C8-272F-455F-9BD6-71FEBA3E4AF5}) (Version: 8.2.0.4703 - COMODO Security Solutions Inc.)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crysis 3 v1.0.0.1 (HKLM-x32\...\Crysis 3_is1) (Version: - )
Dying Light ver. 1.4.0.0 (HKLM-x32\...\{90098008-07WS-70NM-44T5-66JH8S9876UY}_is1) (Version: 1.4.0.0 - Warner Bros. Interactive Entertainment)
Fallout 3 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.7.0.3 - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GDR 5343 for SQL Server 2012 (KB3045321) (HKLM-x32\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0.350.1 - Rockstar)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.385 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 cs)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5738 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PWGen 2.6.0 (HKLM-x32\...\{8A5E6B59-2804-4677-8A5F-DEBC218CE4E0}_is1) (Version: - Christian Thöing)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Serious Sam 2 (HKLM-x32\...\SeriousSam2) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (HKLM-x32\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Telegram Desktop version 0.9.2 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.2 - Telegram Messenger LLP)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version: - Microsoft)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZOMBI v.версия 1.0 (HKLM-x32\...\ZOMBI_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-09-2015 20:22:18 AVG 2015 restore point
19-09-2015 23:08:43 Removed AVG 2015
19-09-2015 23:10:59 Removed AVG 2015
20-09-2015 14:25:53 Operace obnovení
23-09-2015 21:49:30 Windows Update
23-09-2015 22:47:27 Installing COMODO Firewall
26-09-2015 01:31:15 µTorrent restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-06-18 21:45 - 2015-09-27 20:58 - 00000127 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {060020EF-B665-4795-9FF3-7115BCCA5BFA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {1754DEE7-B15D-4684-BFE4-7EC7B2A8102E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {197672C3-83F4-4049-AA75-10265FD3C505} - System32\Tasks\Origin => C:\Users\Admin\AppData\Roaming\Origin\update.vbe [2015-09-20] () <==== ATTENTION
Task: {22904216-C1D0-45D0-881E-26E480E29E42} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {26EBDCD2-C7FA-4C1D-8DF3-27C98C16F469} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-17] (Adobe Systems Incorporated)
Task: {2A6E2398-E6A4-45FB-9827-8873B35EB423} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2015-03-28] (Microsoft Corporation)
Task: {40F1D8AC-7C74-419D-99A4-FDC8E34EEBD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {47BF8136-5BC1-499F-A958-FDD22F09D56D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {49369EB7-54ED-47FE-AF57-9A18B2744EC5} - System32\Tasks\adobe flash player updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23] (Adobe Systems Incorporated)
Task: {4CC7DDEE-8F7E-456F-87AA-91B06C4069F5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05] (COMODO)
Task: {54C33C36-CEEE-449E-95E1-5A5B3A5D9B46} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-27] (Microsoft Corporation)
Task: {5B03405B-ADCD-48C6-8F69-E693E10A0D2F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F3DDBD1-B785-47A5-B9BE-577CB73E3E59} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {650178BC-DBFD-4C8B-A89E-7481C097C057} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-05-27] (Microsoft Corporation)
Task: {81201EBC-86BC-4380-8B43-57155169B0C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {89E8D41F-9A78-4F7D-9220-9D8609A151E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {98BDA5CF-4F19-4E0A-9EAF-59F1136180AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {A79AFD1A-A733-4902-A5BC-A090B8FA8B45} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-05-27] (Microsoft Corporation)
Task: {B2261EC4-2B08-4F2F-A0B5-F238F58E6577} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-05-27] (Microsoft)
Task: {B71AAB24-5395-4C0B-9856-60518FD24143} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B8767E18-18B2-4CE7-A598-113BD4675B85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {C15FD362-C855-4D7C-BB25-78B1C06D7EC2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-27] (Microsoft Corporation)
Task: {C681F58B-B5CE-4EAD-8AD5-09CD82DDD995} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CBF8079A-012D-4D4B-A471-0CECF116DF43} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {D17D32D2-A1C4-47FA-A6C9-81B180940FE0} - \SUPERAntiSpyware Scheduled Task 3b90a921-5c2b-4ab7-a04c-b5decce19235 -> No File <==== ATTENTION
Task: {D3379111-B17E-4352-B770-B2393F4A5CA8} - \SUPERAntiSpyware Scheduled Task caf13e53-23a1-4b42-8250-06f1326c8fdb -> No File <==== ATTENTION
Task: {F1266AB4-BA42-4E81-A579-8A5AC42FCED4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-26] (Piriform Ltd)
Task: {F2ACBD4E-745C-4E73-A265-A6D7C9ACC448} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-25] (IObit)
Task: {FE997E90-DF24-4029-BC98-F09B7367650C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 17:20 - 2015-07-31 17:20 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-02 22:33 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-09-03 00:29 - 2014-04-24 08:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2015-08-21 01:38 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-29 11:27 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:27 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-21 01:39 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-21 01:38 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-21 01:38 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-04 21:33 - 2015-09-27 20:58 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-09-02 22:33 - 2014-01-28 05:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-03-23 23:35 - 2015-03-23 23:35 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-09-27 20:21 - 2014-09-03 10:46 - 00203768 _____ () C:\Program Files\Bitdefender\Bitdefender Safepay\txmlutil.dll
2015-09-27 20:21 - 2014-09-03 10:48 - 00033336 _____ () C:\Program Files\Bitdefender\Bitdefender Safepay\manupdchksch.dll
2015-08-29 00:20 - 2015-08-25 14:54 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-08-29 00:20 - 2015-08-25 14:54 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-08-29 00:20 - 2015-08-25 14:54 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\appdrvrem01.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\coin95itp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpotscl1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpovst01.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpowiav1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\HPZLLLHN.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PortChanger.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwdrvio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwdspio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwNative.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AsIO.dll:$CmdZnID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atl70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atl71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comct232.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comct332.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dblist32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mci32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70chs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70cht.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70deu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70enu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70esp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70fra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70ita.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70jpn.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70kor.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71chs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71cht.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71deu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71enu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71esp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71fra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71ita.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71jpn.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71kor.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomct2.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomctl.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomm32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdatgrd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdatlst.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msflxgrd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshflxgd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msinet.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msmask32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msstdfmt.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msstkprp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvbvm50.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvci70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcrt10.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mswinsck.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\picclp32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\richtx32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\sysinfo.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tabctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vb40032.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksl.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4Prt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4usb.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetbus64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetmodem64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rt630x64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbfilter.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\AsIO.sys:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\fashi-girl-style-sweater-image-684890-favim-btttkc4q.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\ProcessHacker.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\ProcessHacker.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Documents\BRenamerl.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Documents\BRenamerl.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Documents\M5A97R20.CAP:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\11951000_1124818207545513_2093467924_n - kopie.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: appdrvrem01 => 3
MSCONFIG\Services: cmdvirth => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "obkagent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7CCF0C25-11D5-4CA3-A17C-88176E07BBE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B1378552-86AD-4D8F-B766-399ED8AA1EB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FEE81C9C-4983-4427-B73C-363C9F430C04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{884490E6-DD28-4AC2-BB92-D6814E7AAF6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D999DEBF-8316-4E97-B3C8-DBD9B76699E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9DDC3BA-5DBC-4AB9-9AFF-03523FEFA388}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{E5CB4022-585F-49FF-BC6D-2B56665150C8}C:\hry\dying light\dyinglightgame.exe] => (Block) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{85B85D6A-EDF4-4F8E-B8AC-370FCAAD1A3A}C:\hry\dying light\dyinglightgame.exe] => (Block) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [{FD3AD96C-7AC5-4063-B80A-5BC958873691}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4BB9D830-BF75-417D-8E4D-97944BE046E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EED7C8E4-F292-4717-B917-91AB8949B871}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1CA81E46-BC9B-4D0D-92C4-10B82904ABA9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2F336433-F382-4DA8-8E5B-04CEE10B9457}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{8AF5C2DB-6EDD-4A7F-B912-9E56A18FC4A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{922E858E-3D74-40CB-9857-33BBB806E4DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{38A25821-D07E-4BD4-A502-1B8A8B10B1D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5BF19C77-14B2-4119-8872-B3B4AABAA3E6}] => (Allow) C:\Hry\GTA IV\EFLC\LaunchEFLC.exe
FirewallRules: [{A6B7FA28-228E-46E8-B661-B0336E691295}] => (Allow) C:\Hry\GTA IV\EFLC\LaunchEFLC.exe
FirewallRules: [{DD7A396A-15A3-49FC-AC08-C1D9AF864FF5}] => (Allow) C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{0423F4D3-5D8A-49B9-8E9D-A6B365DD1B43}] => (Allow) C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F66DE5FC-611A-4871-B65E-EF076E6B0C4D}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{9B503DE9-D7F0-4919-AA89-88F80223A760}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{48ED71C4-ED31-4F13-BD28-B709E48CB09B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CDCC00E8-3D0A-4BF2-9A55-228509C2FA8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C1B139F7-239A-43D0-8914-6143B878E618}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{C73CD06D-C9E4-4837-B4E3-39B4C97C570E}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{5539A1A8-2B60-4F32-A105-9A8B791DFF0F}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [{2550B052-FD6D-4338-8847-CE1B8B70B389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4B9F961C-C405-4E44-AEA1-DFD040588F34}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{72DF78AC-E0C4-4548-9B2C-C9A809B359A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5D09E645-414F-4AD5-85A2-6D8F0B5D5175}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9382ED3E-9F6A-4E9C-AE1E-A68515157CD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{E94DD0B9-4099-4496-877A-206EBF843DF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{98BFAA31-5FCB-466E-BB20-FD89F2BC54A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C1E0919B-90C3-4FFA-80DA-D46CAC3768A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [TCP Query User{3DD7B35F-D681-401C-B612-23E64F12DF12}C:\hry\th145\th145.exe] => (Allow) C:\hry\th145\th145.exe
FirewallRules: [UDP Query User{EC15E5B0-364B-4C03-ADC0-503E983C8966}C:\hry\th145\th145.exe] => (Allow) C:\hry\th145\th145.exe
FirewallRules: [TCP Query User{48BD4D45-1698-4D90-97D3-56043EF72AA0}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2668DAA6-946D-44E9-A88C-C7E2728E39FD}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{004203BE-33B1-41BA-ADD9-ADDBCBC546E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{9A26A461-049E-463B-ACA3-615B0A2C5A85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{C246FA8F-5E0C-4F18-8BB7-88B5BE9E9FE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{186F2F85-B3EA-4CE4-9310-D579078A47A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DC0F2D4E-128E-48FD-9C71-EC4AB6A8A1BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8514DE6-43DB-4A4C-82E0-CFE438AD6CC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{0B2EB879-D9A5-4BA0-BC6B-C46BE1AEB374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{097060B4-941C-47E4-B333-2B55B196E0E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA9F5DF4-2447-4743-A381-708F9E122097}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{42F84E01-200E-4BEB-A065-621A7D29B340}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2015 08:58:16 PM) (Source: MSSQL$ADK) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Systém nemůže nalézt uvedený soubor.) occurred while creating or opening file 'e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnose and correct the operating system error, and retry the operation.

Error: (09/27/2015 08:58:16 PM) (Source: MSSQL$ADK) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\model.mdf for file number 1. OS error: 3(Systém nemůže nalézt uvedenou cestu.).

Error: (09/27/2015 08:58:16 PM) (Source: MSSQL$ADK) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Systém nemůže nalézt uvedený soubor.) occurred while creating or opening file 'e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf'. Diagnose and correct the operating system error, and retry the operation.

Error: (09/27/2015 08:58:16 PM) (Source: MSSQL$ADK) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\MSDBData.mdf for file number 1. OS error: 3(Systém nemůže nalézt uvedenou cestu.).

Error: (09/27/2015 08:56:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/27/2015 08:18:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/27/2015 08:18:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZalmanR1)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/27/2015 08:17:44 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: SQLAgent$ADK8

Error: (09/27/2015 08:17:44 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$ADK8

Error: (09/27/2015 05:38:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 41.0.0.5738, časové razítko: 0x55fb7072
Název chybujícího modulu: mozglue.dll, verze: 41.0.0.5738, časové razítko: 0x55fb5afb
Kód výjimky: 0x80000003
Posun chyby: 0x0000ec7e
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Úplný název chybujícího balíčku: plugin-container.exe4
ID aplikace související s chybujícím balíčkem: plugin-container.exe5


System errors:
=============
Error: (09/27/2015 08:58:16 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba SQL Server (ADK) skončila s následující chybou specifickou pro službu:
%%945

Error: (09/27/2015 08:56:54 PM) (Source: DCOM) (EventID: 10010) (User: ZalmanR1)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (09/27/2015 08:56:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/27/2015 08:19:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (09/27/2015 08:18:36 PM) (Source: DCOM) (EventID: 10010) (User: ZalmanR1)
Description: WindowsDefaultLockScreen

Error: (09/27/2015 08:18:36 PM) (Source: DCOM) (EventID: 10010) (User: ZalmanR1)
Description: WindowsDefaultLockScreen

Error: (09/27/2015 06:00:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (09/27/2015 06:00:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (09/27/2015 06:00:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (09/27/2015 06:00:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici


CodeIntegrity:
===================================
Date: 2015-09-27 20:59:23.969
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 20:36:06.685
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 20:20:03.606
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 20:12:27.683
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 17:24:26.054
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 17:14:14.316
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 16:57:37.599
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 16:39:29.573
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 15:09:20.313
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-27 15:01:06.081
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 8093.5 MB
Available physical RAM: 5913.43 MB
Total Virtual: 16285.5 MB
Available Virtual: 13632.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.73 GB) (Free:208.56 GB) NTFS
Drive d: (Untitled) (Fixed) (Total:931.51 GB) (Free:339.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E3B86E78)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B7F7BA07)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please hel

#4 Post by Mine. »

Does anyone know, please :)?

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please hel

#5 Post by Mine. »

I'm also attaching what the firewall reported to me; is it dangerous in any way? Please reply.
Attachments
Snímek obrazovky (397).png (26.12 KiB) Viewed 16741 times

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: update.vbe is trying to connect to the internet - Please hel

#6 Post by altrok »

I wish you a lovely day :bye:


:arrow: When you reply to your own topic three times, it looks as if one of the advisers is already attending to you, and your thread can easily get overlooked.

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a normal double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply to me
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok [at] forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please hel

#7 Post by Mine. »

altrok wrote: I wish you a lovely day :bye:


:arrow: When you reply to your own topic three times, it looks as if one of the advisers is already attending to you, and your thread can easily get overlooked.

:arrow: As part of the cleanup, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a normal double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply to me
Thank you, yes, it occurred to me afterwards :-)

LOG:

# AdwCleaner v5.009 - Logfile created 28/09/2015 at 22:00:25
# Updated 27/09/2015 by Xplode
# Database : 2015-09-27.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Admin - ZALMANR1
# Running from : C:\Users\Admin\Desktop\adwcleaner_5.009.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\ftb
Folder Found : C:\ProgramData\productdata
Folder Found : C:\Users\Admin\AppData\Local\eSupport.com
Folder Found : C:\Users\Admin\AppData\Roaming\productdata

***** [ Files ] *****

File Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\avira-safesearch.xml

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : adobe flash player updater

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
Key Found : HKLM\SOFTWARE\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\eSupport.com
Key Found : HKLM\SOFTWARE\GeekBuddyRSP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\eSupport.com
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=

***** [ Web browsers ] *****

[C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Found : user_pref("avira.safe_search.installed", "[\"safesearchplus\"]");
[C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"5b4d7974a43fc287f9b0a18fa4bdfd4b9f1e15e9\"");
[C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Found : user_pref("extensions.safesearch.install", "1442844974671");
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bmkckgpgekmanipelfidlhmkfcjicion

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [5586 bytes] ##########

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please help

#8 Post by Mine. »

Sorry, wrong log. Here is the new one:

# AdwCleaner v5.009 - Logfile created 28/09/2015 at 22:09:37
# Updated 27/09/2015 by Xplode
# Database : 2015-09-27.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Admin - ZALMANR1
# Running from : C:\Users\Admin\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ftb
[-] Folder Deleted : C:\ProgramData\productdata
[-] Folder Deleted : C:\Users\Admin\AppData\Local\eSupport.com
[-] Folder Deleted : C:\Users\Admin\AppData\Roaming\productdata

***** [ Files ] *****

[-] File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\avira-safesearch.xml

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : adobe flash player updater

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\eSupport.com
[-] Key Deleted : HKLM\SOFTWARE\GeekBuddyRSP
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\eSupport.com
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

***** [ Web browsers ] *****

[-] [C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Deleted : user_pref("avira.safe_search.installed", "[\"safesearchplus\"]");
[-] [C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[-] [C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"5b4d7974a43fc287f9b0a18fa4bdfd4b9f1e15e9\"");
[-] [C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.install", "1442844974671");
[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bmkckgpgekmanipelfidlhmkfcjicion

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [5026 bytes] ##########

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: update.vbe is trying to connect to the internet - Please help

#9 Post by altrok »

Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please help

#10 Post by Mine. »

OK, and one more question - what is that file and why is it connecting to the internet?

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: update.vbe is trying to connect to the internet - Please help

#11 Post by altrok »

Your PC may, for example, be part of a botnet and the file is trying to contact the control unit that gives it commands; it may be collecting data about your PC and sending it off to the east; it may be a downloader that will only then pull all the vermin onto the PC... Without a detailed analysis nobody can tell you that for certain.

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please help

#12 Post by Mine. »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Admin (administrator) on ZALMANR1 (29-09-2015 20:56:54)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin & Baruška (Available Profiles: Admin & Baruška & MSSQL$ADK)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obksvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\x64\obkscanag64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13251.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
() C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
() C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM\...\Run: [obkagent] => C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe [1234816 2014-11-11] (Bitdefender)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-09-27] (Malwarebytes Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-29] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-09-29] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-26] (Piriform Ltd)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [BingSvc] => C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\RunOnce: [*NPE] => "" /POSTFIX
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\MountPoints2: {4d8048c2-e02f-11e4-be8b-f07959613533} - "E:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{93cd84c0-9c28-42cf-8441-bbe6616bf76d}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-21] (Qihu 360 Software Co., Ltd.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Bitdefender Safepay™ for Internet Explorer 64-bit -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\x64\spbxie64.dll [2014-11-11] (Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-09-21] (Qihu 360 Software Co., Ltd.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Bitdefender Safepay™ for Internet Explorer -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\spbxie.dll [2014-11-11] (Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\peklada-google.xml [2015-09-09]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-05-29]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\wikiskripta-cs.xml [2015-05-07]
FF Extension: Avira Browser Safety - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\abs@avira.com [2015-09-20]
FF Extension: Bing Search - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\bingsearch.full@microsoft.com [2015-09-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\iobitascsurfingprotection@iobit.com [2015-09-19]
FF Extension: Avira SafeSearch Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\safesearchplus@avira.com [2015-09-20]
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: MEGA - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\firefox@mega.co.nz.xpi [2015-04-30]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-30]
FF Extension: Disable Anti-Adblock - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2015-09-27]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-09-29]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-22]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-22]
CHR Extension: (Bing) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2015-09-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-22]
CHR Extension: (Avira SafeSearch) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-22]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 appdrvrem01; C:\WINDOWS\System32\appdrvrem01.exe [551896 2015-04-11] (Protection Technology)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
S4 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-25] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-09-27] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MSSQL$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2015-07-16] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OBKSvc; C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe [1242568 2014-11-11] (Bitdefender)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [858744 2015-09-29] (QIHU 360 SOFTWARE CO. LIMITED)
S4 SQLAgent$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2015-07-16] (Microsoft Corporation)
R2 UPDATESRV_SAFEPAY; C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe [66784 2014-10-28] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-09-21] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-21] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-21] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-09-21] (360.cn)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-04-20] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-04-20] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-04-20] (LG Electronics Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2715824 2015-04-12] (Protection Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2015-07-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
R4 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-08-06] (Avira Operations GmbH & Co. KG)
U1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-09-21] (360.cn)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-04-02] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-04-02] (Windows (R) Win 7 DDK provider)
R1 epp64; C:\EEK\bin\epp64.sys [138504 2015-09-29] (Emsisoft GmbH)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-09-27] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-23] (REALiX(tm))
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2015-06-13] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2015-06-13] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
R1 SMR501; C:\Windows\System32\drivers\SMR501.SYS [111288 2015-09-29] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U0 xjprjt; C:\Windows\System32\drivers\ajbvo.sys [79064 2015-09-29] (Malwarebytes Corporation)
S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please hel

#13 Post by Mine. »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by Admin (2015-09-29 21:00:15)
Running from C:\Users\Admin\Desktop
Windows 10 Pro (X64) (2015-07-31 16:16:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2560372422-2021965399-549226919-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2560372422-2021965399-549226919-500 - Administrator - Disabled)
Baruška (S-1-5-21-2560372422-2021965399-549226919-1007 - Limited - Enabled) => C:\Users\Baruška
DefaultAccount (S-1-5-21-2560372422-2021965399-549226919-503 - Limited - Disabled)
Guest (S-1-5-21-2560372422-2021965399-549226919-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 7.2.0.1021 - 360 Security Center)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG 2015 (Version: 15.0.4419 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6140 - AVG Technologies CZ, s.r.o.) Hidden
Bitdefender Safepay™ (HKLM\...\Bitdefender Safepay) (Version: 2.0.0.744 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
COMODO Firewall (HKLM\...\{38F898C8-272F-455F-9BD6-71FEBA3E4AF5}) (Version: 8.2.0.4703 - COMODO Security Solutions Inc.)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crysis 3 v1.0.0.1 (HKLM-x32\...\Crysis 3_is1) (Version: - )
Dying Light ver. 1.4.0.0 (HKLM-x32\...\{90098008-07WS-70NM-44T5-66JH8S9876UY}_is1) (Version: 1.4.0.0 - Warner Bros. Interactive Entertainment)
Fallout 3 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.7.0.3 - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GDR 5343 for SQL Server 2012 (KB3045321) (HKLM-x32\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0.350.1 - Rockstar)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.385 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 cs)) (Version: 41.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5738 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Prime Benchmark 3.1 (HKLM-x32\...\Prime Benchmark_is1) (Version: - Vlastimil Burian)
PWGen 2.6.0 (HKLM-x32\...\{8A5E6B59-2804-4677-8A5F-DEBC218CE4E0}_is1) (Version: - Christian Thöing)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Serious Sam 2 (HKLM-x32\...\SeriousSam2) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (HKLM-x32\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Telegram Desktop version 0.9.2 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.2 - Telegram Messenger LLP)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version: - Microsoft)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZOMBI v.версия 1.0 (HKLM-x32\...\ZOMBI_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-09-2015 20:22:18 AVG 2015 restore point
19-09-2015 23:08:43 Removed AVG 2015
19-09-2015 23:10:59 Removed AVG 2015
20-09-2015 14:25:53 Operace obnovení
23-09-2015 21:49:30 Windows Update
23-09-2015 22:47:27 Installing COMODO Firewall
26-09-2015 01:31:15 µTorrent restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-06-18 21:45 - 2015-09-29 12:36 - 00000133 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {060020EF-B665-4795-9FF3-7115BCCA5BFA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {1754DEE7-B15D-4684-BFE4-7EC7B2A8102E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {197672C3-83F4-4049-AA75-10265FD3C505} - System32\Tasks\Origin => C:\Users\Admin\AppData\Roaming\Origin\update.vbe <==== ATTENTION
Task: {22904216-C1D0-45D0-881E-26E480E29E42} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {26EBDCD2-C7FA-4C1D-8DF3-27C98C16F469} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-17] (Adobe Systems Incorporated)
Task: {2A6E2398-E6A4-45FB-9827-8873B35EB423} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2015-03-28] (Microsoft Corporation)
Task: {321B4AB4-3A6C-4866-9DA0-773C7AFEB0B0} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-25] (IObit)
Task: {40F1D8AC-7C74-419D-99A4-FDC8E34EEBD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {47BF8136-5BC1-499F-A958-FDD22F09D56D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {4CC7DDEE-8F7E-456F-87AA-91B06C4069F5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05] (COMODO)
Task: {54C33C36-CEEE-449E-95E1-5A5B3A5D9B46} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-27] (Microsoft Corporation)
Task: {5B03405B-ADCD-48C6-8F69-E693E10A0D2F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F3DDBD1-B785-47A5-B9BE-577CB73E3E59} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {650178BC-DBFD-4C8B-A89E-7481C097C057} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-05-27] (Microsoft Corporation)
Task: {89E8D41F-9A78-4F7D-9220-9D8609A151E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {98BDA5CF-4F19-4E0A-9EAF-59F1136180AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {A79AFD1A-A733-4902-A5BC-A090B8FA8B45} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-05-27] (Microsoft Corporation)
Task: {B2261EC4-2B08-4F2F-A0B5-F238F58E6577} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-05-27] (Microsoft)
Task: {B71AAB24-5395-4C0B-9856-60518FD24143} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B8767E18-18B2-4CE7-A598-113BD4675B85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2015-03-28] (Microsoft Corporation)
Task: {C15FD362-C855-4D7C-BB25-78B1C06D7EC2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-27] (Microsoft Corporation)
Task: {C681F58B-B5CE-4EAD-8AD5-09CD82DDD995} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C8CABD00-F31A-4B02-AB9B-298A07B71DD6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {CBF8079A-012D-4D4B-A471-0CECF116DF43} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {D17D32D2-A1C4-47FA-A6C9-81B180940FE0} - \SUPERAntiSpyware Scheduled Task 3b90a921-5c2b-4ab7-a04c-b5decce19235 -> No File <==== ATTENTION
Task: {D3379111-B17E-4352-B770-B2393F4A5CA8} - \SUPERAntiSpyware Scheduled Task caf13e53-23a1-4b42-8250-06f1326c8fdb -> No File <==== ATTENTION
Task: {F1266AB4-BA42-4E81-A579-8A5AC42FCED4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-26] (Piriform Ltd)
Task: {FE997E90-DF24-4029-BC98-F09B7367650C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 17:20 - 2015-07-31 17:20 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-02 22:33 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-08-21 01:38 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-03 00:29 - 2014-04-24 08:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2015-08-29 11:27 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:27 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll
2015-09-29 20:13 - 2015-09-21 07:29 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-08-21 01:39 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-21 01:38 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-21 01:38 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-21 01:38 - 2015-08-03 03:30 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-09-18 12:47 - 2015-09-18 12:47 - 03495936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-09-29 20:13 - 2015-09-29 20:13 - 01032312 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2015-09-29 20:13 - 2015-09-29 20:13 - 01597560 _____ () C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
2015-09-29 20:13 - 2015-09-29 20:13 - 00610936 _____ () C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
2015-09-04 21:33 - 2015-09-29 12:36 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-09-02 22:33 - 2014-01-28 05:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-27 20:21 - 2014-09-03 10:46 - 00203768 _____ () C:\Program Files\Bitdefender\Bitdefender Safepay\txmlutil.dll
2015-09-27 20:21 - 2014-09-03 10:48 - 00033336 _____ () C:\Program Files\Bitdefender\Bitdefender Safepay\manupdchksch.dll
2015-09-29 20:13 - 2015-09-21 07:29 - 00087672 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2015-09-29 20:13 - 2015-09-21 07:29 - 00559224 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-13 15:58 - 2015-04-13 15:58 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-04-13 15:56 - 2015-04-13 15:56 - 00070675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 02158528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00593344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00332736 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-04-13 15:58 - 2015-04-13 15:58 - 01264064 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00242112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00108992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00096704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00091584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00032192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00084928 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00034752 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00961472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2015-04-13 15:58 - 2015-04-13 15:58 - 00137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 01303488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00338368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2015-04-13 15:58 - 2015-04-13 15:58 - 00720832 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00418240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libgme_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00035264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libimage_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libxa_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00029632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libpva_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libau_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00089024 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00032192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00040384 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00044992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00026048 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00035264 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00025536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 13522368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00304576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 01549248 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-04-13 16:00 - 2015-04-13 16:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00127936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libhttp_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00140224 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00176576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00067520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00029632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2015-04-13 15:59 - 2015-04-13 15:59 - 00034240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\appdrvrem01.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\coin95itp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpotscl1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpovst01.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpowiav1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\HPZLLLHN.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PortChanger.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwdrvio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwdspio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwNative.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AsIO.dll:$CmdZnID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atl70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atl71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comct232.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comct332.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dblist32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mci32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70chs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70cht.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70deu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70enu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70esp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70fra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70ita.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70jpn.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70kor.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71chs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71cht.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71deu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71enu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71esp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71fra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71ita.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71jpn.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71kor.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomct2.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomctl.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomm32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdatgrd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdatlst.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msflxgrd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshflxgd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msinet.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msmask32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msstdfmt.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msstkprp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvbvm50.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvci70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcrt10.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mswinsck.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\picclp32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\richtx32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\sysinfo.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tabctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vb40032.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksl.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4Prt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4usb.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetbus64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetmodem64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rt630x64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbfilter.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\AsIO.sys:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\1236267_561312527249977_783174237_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\OOSU10.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\OOSU10.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Documents\BRenamerl.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Documents\BRenamerl.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Documents\M5A97R20.CAP:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\11951000_1124818207545513_2093467924_n - kopie.jpg
HKU\S-1-5-21-2560372422-2021965399-549226919-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: appdrvrem01 => 3
MSCONFIG\Services: cmdvirth => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "obkagent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7CCF0C25-11D5-4CA3-A17C-88176E07BBE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B1378552-86AD-4D8F-B766-399ED8AA1EB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FEE81C9C-4983-4427-B73C-363C9F430C04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{884490E6-DD28-4AC2-BB92-D6814E7AAF6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D999DEBF-8316-4E97-B3C8-DBD9B76699E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9DDC3BA-5DBC-4AB9-9AFF-03523FEFA388}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{E5CB4022-585F-49FF-BC6D-2B56665150C8}C:\hry\dying light\dyinglightgame.exe] => (Block) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{85B85D6A-EDF4-4F8E-B8AC-370FCAAD1A3A}C:\hry\dying light\dyinglightgame.exe] => (Block) C:\hry\dying light\dyinglightgame.exe
FirewallRules: [{FD3AD96C-7AC5-4063-B80A-5BC958873691}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4BB9D830-BF75-417D-8E4D-97944BE046E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EED7C8E4-F292-4717-B917-91AB8949B871}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1CA81E46-BC9B-4D0D-92C4-10B82904ABA9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2F336433-F382-4DA8-8E5B-04CEE10B9457}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{8AF5C2DB-6EDD-4A7F-B912-9E56A18FC4A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{922E858E-3D74-40CB-9857-33BBB806E4DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{38A25821-D07E-4BD4-A502-1B8A8B10B1D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5BF19C77-14B2-4119-8872-B3B4AABAA3E6}] => (Allow) C:\Hry\GTA IV\EFLC\LaunchEFLC.exe
FirewallRules: [{A6B7FA28-228E-46E8-B661-B0336E691295}] => (Allow) C:\Hry\GTA IV\EFLC\LaunchEFLC.exe
FirewallRules: [{DD7A396A-15A3-49FC-AC08-C1D9AF864FF5}] => (Allow) C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{0423F4D3-5D8A-49B9-8E9D-A6B365DD1B43}] => (Allow) C:\Hry\GTA IV\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F66DE5FC-611A-4871-B65E-EF076E6B0C4D}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{9B503DE9-D7F0-4919-AA89-88F80223A760}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{48ED71C4-ED31-4F13-BD28-B709E48CB09B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CDCC00E8-3D0A-4BF2-9A55-228509C2FA8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C1B139F7-239A-43D0-8914-6143B878E618}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{C73CD06D-C9E4-4837-B4E3-39B4C97C570E}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{5539A1A8-2B60-4F32-A105-9A8B791DFF0F}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [{2550B052-FD6D-4338-8847-CE1B8B70B389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4B9F961C-C405-4E44-AEA1-DFD040588F34}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{72DF78AC-E0C4-4548-9B2C-C9A809B359A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5D09E645-414F-4AD5-85A2-6D8F0B5D5175}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9382ED3E-9F6A-4E9C-AE1E-A68515157CD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{E94DD0B9-4099-4496-877A-206EBF843DF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{98BFAA31-5FCB-466E-BB20-FD89F2BC54A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C1E0919B-90C3-4FFA-80DA-D46CAC3768A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [TCP Query User{3DD7B35F-D681-401C-B612-23E64F12DF12}C:\hry\th145\th145.exe] => (Allow) C:\hry\th145\th145.exe
FirewallRules: [UDP Query User{EC15E5B0-364B-4C03-ADC0-503E983C8966}C:\hry\th145\th145.exe] => (Allow) C:\hry\th145\th145.exe
FirewallRules: [TCP Query User{48BD4D45-1698-4D90-97D3-56043EF72AA0}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2668DAA6-946D-44E9-A88C-C7E2728E39FD}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{004203BE-33B1-41BA-ADD9-ADDBCBC546E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{9A26A461-049E-463B-ACA3-615B0A2C5A85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{C246FA8F-5E0C-4F18-8BB7-88B5BE9E9FE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{186F2F85-B3EA-4CE4-9310-D579078A47A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DC0F2D4E-128E-48FD-9C71-EC4AB6A8A1BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8514DE6-43DB-4A4C-82E0-CFE438AD6CC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{0B2EB879-D9A5-4BA0-BC6B-C46BE1AEB374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{097060B4-941C-47E4-B333-2B55B196E0E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA9F5DF4-2447-4743-A381-708F9E122097}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{42F84E01-200E-4BEB-A065-621A7D29B340}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{E63E8168-7BD6-4B3B-9168-C32D915841FF}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC62FD7E-003C-48DB-9ED3-A1FF39F3090A}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA4E6C0D-9271-449A-AD9C-F244B71CA698}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2ED50EBD-A3CE-42E1-9DCD-8F04400368B4}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{709CD8D8-8A76-4964-B1A4-523E34587734}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94A12288-5011-4A51-8621-3CECC6CB9214}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3D6CAB14-AFB9-49C4-AD39-75668BC43BCD}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{6F3B6A26-123B-490E-B0D1-88578274F872}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{52348F2B-C1BA-4D00-9CA4-F30BE6F5DDBF}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{F04755D0-0E02-4425-9829-C744BDF76DD4}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2015 08:01:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.ServiceHost.exe, verze: 1.1.45.11819, časové razítko: 0x55cc6ae4
Název chybujícího modulu: SystemUtilities.dll_unloaded, verze: 15.0.13.193, časové razítko: 0x55ddb37b
Kód výjimky: 0xc0000005
Posun chyby: 0x0002e0a0
ID chybujícího procesu: 0x7a0
Čas spuštění chybující aplikace: 0xAvira.ServiceHost.exe0
Cesta k chybující aplikaci: Avira.ServiceHost.exe1
Cesta k chybujícímu modulu: Avira.ServiceHost.exe2
ID zprávy: Avira.ServiceHost.exe3
Úplný název chybujícího balíčku: Avira.ServiceHost.exe4
ID aplikace související s chybujícím balíčkem: Avira.ServiceHost.exe5

Error: (09/29/2015 08:01:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Avira.ServiceHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na Avira.OE.AvConnector.Interface.IGeneralPlugin.GetSystrayStatus()
na Avira.OE.AvConnector.AvStatusReporter.GetStatus()
na Avira.OE.AvConnector.AvConnector.GetAvStatusData(Boolean)
na Avira.OE.AvConnector.AvConnector.RefreshDeviceState(Boolean)
na Avira.OE.AvConnector.AvConnector.RefreshDeviceState()
na Avira.OE.AvConnector.AvConnector.OnEventDatabaseFileChanged(System.Object, System.EventArgs)
na Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke(System.EventHandler, System.Object, System.EventArgs)
na Avira.OE.AvConnector.AvFileMonitor.FileWatcher_Changed(System.Object, System.IO.FileSystemEventArgs)
na System.IO.FileSystemWatcher.OnChanged(System.IO.FileSystemEventArgs)
na System.IO.FileSystemWatcher.NotifyFileSystemEventArgs(Int32, System.String)
na System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
na System.Threading._IOCompletionCallback.IOCompletionCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (09/29/2015 06:34:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NetworkUXBroker.exe, verze: 10.0.10240.16384, časové razítko: 0x559f3aa6
Název chybujícího modulu: ntdll.dll, verze: 10.0.10240.16430, časové razítko: 0x55c59f92
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea28c
ID chybujícího procesu: 0x1780
Čas spuštění chybující aplikace: 0xNetworkUXBroker.exe0
Cesta k chybující aplikaci: NetworkUXBroker.exe1
Cesta k chybujícímu modulu: NetworkUXBroker.exe2
ID zprávy: NetworkUXBroker.exe3
Úplný název chybujícího balíčku: NetworkUXBroker.exe4
ID aplikace související s chybujícím balíčkem: NetworkUXBroker.exe5

Error: (09/29/2015 06:26:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c116b1
Název chybujícího modulu: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c116b1
Kód výjimky: 0x40000015
Posun chyby: 0x00052d24
ID chybujícího procesu: 0x23fc
Čas spuštění chybující aplikace: 0xjucheck.exe0
Cesta k chybující aplikaci: jucheck.exe1
Cesta k chybujícímu modulu: jucheck.exe2
ID zprávy: jucheck.exe3
Úplný název chybujícího balíčku: jucheck.exe4
ID aplikace související s chybujícím balíčkem: jucheck.exe5

Error: (09/29/2015 04:34:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8

Error: (09/29/2015 04:19:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: procexp64.exe, verze: 16.5.0.0, časové razítko: 0x55503597
Název chybujícího modulu: procexp64.exe, verze: 16.5.0.0, časové razítko: 0x55503597
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a78ef
ID chybujícího procesu: 0x1374
Čas spuštění chybující aplikace: 0xprocexp64.exe0
Cesta k chybující aplikaci: procexp64.exe1
Cesta k chybujícímu modulu: procexp64.exe2
ID zprávy: procexp64.exe3
Úplný název chybujícího balíčku: procexp64.exe4
ID aplikace související s chybujícím balíčkem: procexp64.exe5

Error: (09/29/2015 12:36:29 PM) (Source: MSSQL$ADK) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Systém nemůže nalézt uvedený soubor.) occurred while creating or opening file 'e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnose and correct the operating system error, and retry the operation.

Error: (09/29/2015 12:36:29 PM) (Source: MSSQL$ADK) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\model.mdf for file number 1. OS error: 3(Systém nemůže nalézt uvedenou cestu.).


System errors:
=============
Error: (09/29/2015 08:14:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou:
%%5

Error: (09/29/2015 08:01:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Service Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/29/2015 08:01:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (09/29/2015 08:01:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Defender bylo dosaženo časového limitu (30000 ms).

Error: (09/29/2015 02:44:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (09/29/2015 02:34:46 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (09/29/2015 12:36:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (09/29/2015 12:36:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Windows Defender bylo dosaženo časového limitu (30000 ms).

Error: (09/29/2015 12:36:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba SQL Server (ADK) skončila s následující chybou specifickou pro službu:
%%945

Error: (09/29/2015 12:35:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2015-09-29 20:47:47.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 20:03:07.556
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-09-29 18:49:20.559
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 18:43:32.490
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 18:26:03.593
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 17:10:46.146
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 14:54:13.875
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 14:35:41.474
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 14:16:52.693
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-29 13:46:57.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 50%
Total physical RAM: 8093.5 MB
Available physical RAM: 4011.01 MB
Total Virtual: 16285.5 MB
Available Virtual: 11153.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.73 GB) (Free:262.73 GB) NTFS
Drive d: (Untitled) (Fixed) (Total:931.51 GB) (Free:339.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E3B86E78)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B7F7BA07)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: update.vbe is trying to connect to the internet - Please hel

#14 Post by altrok »

You have too many antivirus products (you evidently uninstalled Avira):
  • 360 Total Security
  • AVG 2015
Choose one and uninstall the other (preferably in safe mode). From the log it looks like you tried to uninstall AVG, but a lot of remnants of it are still left...
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

Mine.
Visitor
Posts: 113
Registered: 15 Aug 2012 17:51

Re: update.vbe is trying to connect to the internet - Please hel

#15 Post by Mine. »

altrok wrote: You have too many antivirus products (you evidently uninstalled Avira):
  • 360 Total Security
  • AVG 2015
Choose one and uninstall the other (preferably in safe mode). From the log it looks like you tried to uninstall AVG, but a lot of remnants of it are still left...
You're right! I'm keeping 360, I really did uninstall Avira, and as for AVG - do you know of any utility that would remove the remnants? Otherwise, what about the PC?

Locked