update.vbe se snaží připojit na internet - Prosím o pomoc!

[Mine.]

A ještě mám otázku. Jak je možné, že se ten update snažil připojit na internet, když neběžel v procesech? Nebo já jsem alespoň jen tak zběžně v tom prvním logu nic neviděl.

[altrok]

Pouzijte oficialni AVG Remover - http://download.avg.com/filedir/util/su ... 5_5501.exe

PC jiz brzy docistime - je to na dobre ceste.

A ještě mám otázku. Jak je možné, že se ten update snažil připojit na internet, když neběžel v procesech? Nebo já jsem alespoň jen tak zběžně v tom prvním logu nic neviděl.

Protoze ma nastaveno, aby se snazil pripojit k internetu, ale antivir mu v tom blokuje. Proto nebezi ani zadny proces.

[Mine.]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Admin (administrator) on ZALMANR1 (30-09-2015 14:50:18)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Baruška & MSSQL$ADK)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obksvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(AMD) C:\Windows\System32\atieclxx.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13251.0_x64__8wekyb3d8bbwe\Video.UI.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM\...\Run: [obkagent] => C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe [1234816 2014-11-11] (Bitdefender)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-09-27] (Malwarebytes Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-29] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-26] (Piriform Ltd)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [BingSvc] => C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\MountPoints2: {4d8048c2-e02f-11e4-be8b-f07959613533} - "E:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{93cd84c0-9c28-42cf-8441-bbe6616bf76d}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-21] (Qihu 360 Software Co., Ltd.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Bitdefender Safepay™ for Internet Explorer 64-bit -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\x64\spbxie64.dll [2014-11-11] (Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-09-21] (Qihu 360 Software Co., Ltd.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Bitdefender Safepay™ for Internet Explorer -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\spbxie.dll [2014-11-11] (Bitdefender)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\peklada-google.xml [2015-09-09]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-05-29]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\wikiskripta-cs.xml [2015-05-07]
FF Extension: Avira Browser Safety - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\abs@avira.com [2015-09-20]
FF Extension: Bing Search - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\bingsearch.full@microsoft.com [2015-09-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\iobitascsurfingprotection@iobit.com [2015-09-19]
FF Extension: Avira SafeSearch Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\safesearchplus@avira.com [2015-09-20]
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: MEGA - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\firefox@mega.co.nz.xpi [2015-04-30]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-30]
FF Extension: Disable Anti-Adblock - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2015-09-27]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-09-29]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-22]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-22]
CHR Extension: (Bing) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2015-09-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-22]
CHR Extension: (360 Internet Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2015-09-29]
CHR Extension: (Avira SafeSearch) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-22]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 appdrvrem01; C:\WINDOWS\System32\appdrvrem01.exe [551896 2015-04-11] (Protection Technology)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
S4 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-25] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-09-27] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MSSQL$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2015-07-16] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OBKSvc; C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe [1242568 2014-11-11] (Bitdefender)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [858744 2015-09-29] (QIHU 360 SOFTWARE CO. LIMITED)
S4 SQLAgent$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2015-07-16] (Microsoft Corporation)
R2 UPDATESRV_SAFEPAY; C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe [66784 2014-10-28] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-09-21] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-21] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-21] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-21] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-09-21] (360.cn)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-04-20] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-04-20] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-04-20] (LG Electronics Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2715824 2015-04-12] (Protection Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2015-07-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-09-21] (360.cn)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [827632 2015-08-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-04-02] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-04-02] (Windows (R) Win 7 DDK provider)
R1 epp64; C:\EEK\bin\epp64.sys [138504 2015-09-29] (Emsisoft GmbH)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-09-27] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-23] (REALiX(tm))
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2015-06-13] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2015-06-13] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-30 14:50 - 2015-09-30 14:51 - 00022497 _____ C:\Users\Admin\Desktop\FRST.txt
2015-09-30 14:09 - 2015-09-30 14:09 - 00016148 _____ C:\WINDOWS\system32\ZALMANR1_Admin_HistoryPrediction.bin
2015-09-29 23:39 - 2015-09-29 23:39 - 00611910 _____ C:\ProgramData\SMRResults501.dat
2015-09-29 23:03 - 2015-09-29 23:44 - 00485563 _____ C:\Users\Admin\Downloads\avgremover.log
2015-09-29 23:03 - 2015-09-29 23:03 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Admin\Downloads\avg_remover_stf_x64_2015_5501.exe
2015-09-29 20:48 - 2015-09-29 20:49 - 37788792 _____ C:\Users\Admin\Downloads\360TS_Setup.exe
2015-09-29 20:38 - 2015-09-29 23:25 - 00000000 __SHD C:\$360Section
2015-09-29 20:27 - 2015-09-29 20:54 - 00000000 ____D C:\Users\Admin\Desktop\Scan
2015-09-29 20:19 - 2015-09-29 20:19 - 00000000 ____D C:\Users\Admin\AppData\Roaming\360safe
2015-09-29 20:15 - 2015-09-29 20:15 - 00000000 _____ C:\ProgramData\rebootpending.txt
2015-09-29 20:14 - 2015-09-29 20:19 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-09-29 20:14 - 2015-09-29 20:14 - 00001222 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-09-29 20:14 - 2015-09-29 20:14 - 00000000 _RSHD C:\360SANDBOX
2015-09-29 20:14 - 2015-09-29 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-09-29 20:14 - 2015-09-29 20:14 - 00000000 ____D C:\ProgramData\360safe
2015-09-29 20:14 - 2015-09-21 07:29 - 00363088 _____ (360.cn) C:\WINDOWS\system32\Drivers\360fsflt.sys
2015-09-29 20:14 - 2015-09-21 07:29 - 00319568 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2015-09-29 20:14 - 2015-09-21 07:29 - 00178768 _____ (360.cn) C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2015-09-29 20:14 - 2015-09-21 07:29 - 00137296 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2015-09-29 20:14 - 2015-09-21 07:29 - 00040520 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Camera64.sys
2015-09-29 20:13 - 2015-09-21 07:29 - 00077904 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2015-09-29 20:12 - 2015-09-29 20:12 - 29489272 _____ C:\Users\Admin\Downloads\360TSE_Setup_7.2.0.1021.exe
2015-09-29 19:45 - 2015-09-29 19:45 - 00000000 ____D C:\Program Files\Reason
2015-09-29 18:09 - 2015-09-29 18:09 - 00849656 _____ (O&O Software GmbH) C:\Users\Admin\Desktop\OOSU10.exe
2015-09-29 16:58 - 2015-09-29 17:53 - 00000000 ____D C:\EEK
2015-09-29 16:18 - 2015-09-29 16:18 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2015-09-29 16:17 - 2015-09-29 16:17 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\Admin\Desktop\procexp.exe
2015-09-28 22:15 - 2015-09-29 19:11 - 00000000 ____D C:\ProgramData\ProductData
2015-09-28 22:15 - 2015-09-28 22:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ProductData
2015-09-28 21:59 - 2015-09-28 22:09 - 00000000 ____D C:\AdwCleaner
2015-09-28 16:18 - 2015-09-28 16:18 - 00001155 _____ C:\Users\Public\Desktop\Prime Benchmark.lnk
2015-09-28 16:18 - 2015-09-28 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prime Benchmark
2015-09-28 16:18 - 2015-09-28 16:18 - 00000000 ____D C:\Program Files (x86)\Prime Benchmark
2015-09-27 21:07 - 2015-09-30 14:50 - 00000000 ____D C:\FRST
2015-09-27 21:07 - 2015-09-27 21:07 - 02192384 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-09-27 20:22 - 2015-09-27 20:22 - 00201499 _____ C:\ProgramData\1443378030.bdinstall.bin
2015-09-27 20:21 - 2015-09-27 20:21 - 00002180 _____ C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2015-09-27 20:21 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Safepay
2015-09-27 20:21 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Bitdefender
2015-09-27 20:21 - 2012-09-05 16:30 - 00146720 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-09-27 20:20 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Bitdefender Safepay
2015-09-27 20:20 - 2015-09-27 20:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Bitdefender Safepay
2015-09-27 17:31 - 2015-09-27 18:01 - 00000000 ____D C:\Users\Admin\Desktop\Fotky (prodej)
2015-09-27 15:25 - 2015-09-29 20:14 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-09-27 15:25 - 2015-09-27 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-09-27 15:25 - 2015-09-27 15:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-09-27 14:48 - 2015-09-29 23:39 - 00013490 _____ C:\WINDOWS\PFRO.log
2015-09-27 14:16 - 2015-09-27 14:43 - 00000000 ____D C:\Program Files (x86)\Vuze
2015-09-27 14:16 - 2015-09-27 14:40 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Azureus
2015-09-27 14:16 - 2015-09-27 14:16 - 00000000 ____D C:\Users\Admin\.swt
2015-09-27 02:06 - 2015-09-27 02:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Crystal Security
2015-09-27 01:51 - 2015-09-30 14:45 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-27 01:51 - 2015-09-28 18:46 - 00002159 _____ C:\WINDOWS\setupact.log
2015-09-27 01:51 - 2015-09-27 01:51 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-27 01:45 - 2015-09-29 20:10 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE
2015-09-27 01:45 - 2015-09-27 01:45 - 00000000 ____D C:\ProgramData\Norton
2015-09-26 01:52 - 2015-09-27 14:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-23 22:48 - 2015-09-23 22:48 - 00001886 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-09-23 22:48 - 2015-09-23 22:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2015-09-23 22:48 - 2015-09-23 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-09-23 22:25 - 2015-09-23 22:48 - 00000000 ____D C:\ProgramData\Comodo
2015-09-23 21:04 - 2015-09-23 21:18 - 00000000 ____D C:\Users\Admin\Documents\Fax
2015-09-23 21:02 - 2015-09-23 21:02 - 00003584 _____ C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-20 19:35 - 2015-08-06 20:58 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-09-20 19:31 - 2015-09-29 20:16 - 00000000 ____D C:\ProgramData\Avira
2015-09-20 16:06 - 2015-09-20 16:06 - 00003186 _____ C:\WINDOWS\System32\Tasks\Origin
2015-09-20 15:46 - 2015-09-20 15:46 - 00000000 ____D C:\Program Files (x86)\Mad Max
2015-09-20 12:34 - 2015-09-20 12:38 - 429256938 _____ C:\Users\Admin\Downloads\001.bmp
2015-09-19 23:21 - 2015-09-19 23:21 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-09-19 10:56 - 2015-09-19 10:56 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-19 10:54 - 2015-09-19 10:54 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-19 10:54 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\SysWOW64\IObitSmartDefragExtension.dll20150919154659.dll
2015-09-19 10:47 - 2015-09-20 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-19 10:47 - 2015-09-20 14:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-09-19 10:47 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-09-18 23:21 - 2015-09-19 16:10 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-09-18 23:21 - 2015-09-18 23:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2015-09-16 16:00 - 2015-09-16 16:00 - 00000000 ____D C:\Users\Admin\Documents\Zvukové záznamy
2015-09-12 23:10 - 2015-09-26 21:36 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-10 21:31 - 2015-09-10 21:31 - 00000000 ____D C:\Users\Admin\AppData\Roaming\dvdcss
2015-09-09 23:48 - 2015-09-09 23:48 - 00001174 _____ C:\Users\Admin\Desktop\KeePass 2.lnk
2015-09-09 23:21 - 2015-09-10 15:00 - 00002087 _____ C:\Users\Admin\Desktop\FileHippo App Manager.lnk
2015-09-09 23:21 - 2015-09-09 23:21 - 00002117 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-09-09 23:21 - 2015-09-09 23:21 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2015-09-09 23:13 - 2015-09-09 23:13 - 00021712 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2015-09-09 22:52 - 2015-09-27 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-09 20:44 - 2015-09-09 20:44 - 00000080 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2015-09-08 22:28 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-08 22:28 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-08 22:28 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 22:28 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:28 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 22:28 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-08 22:28 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:27 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-08 22:27 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-08 22:27 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:27 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-08 22:27 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:27 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-08 22:27 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:27 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:27 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:27 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:27 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:27 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-08 22:27 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:27 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:27 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:27 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:27 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:27 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:27 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:27 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:27 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:27 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-07 21:45 - 2015-09-07 21:45 - 00000000 _____ C:\WINDOWS\system32\REN586E.tmp
2015-09-07 21:44 - 2015-09-07 21:44 - 00243595 _____ C:\ProgramData\1441654844.bdinstall.bin
2015-09-07 19:05 - 2015-09-07 19:04 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-07 18:35 - 2015-09-09 20:44 - 00001802 _____ C:\Users\Admin\Desktop\Word 2013.lnk
2015-09-07 17:48 - 2015-09-28 23:07 - 00000000 ____D C:\Users\Admin\Desktop\Čtenářský deník
2015-09-07 17:28 - 2015-04-29 17:18 - 00000000 ____D C:\Users\Admin\Desktop\GTA V - Exclusive content DLC Unlocker
2015-09-05 20:15 - 2015-09-05 20:15 - 00000220 _____ C:\Users\Admin\Desktop\Garry's Mod.url
2015-09-05 18:19 - 2015-09-30 14:30 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-05 18:19 - 2015-09-30 13:34 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 18:19 - 2015-09-15 17:25 - 00004036 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-05 18:19 - 2015-09-15 17:25 - 00003804 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-05 14:11 - 2015-09-05 14:11 - 00000000 ____D C:\Users\Admin\AppData\Temp
2015-09-05 02:16 - 2015-09-05 02:16 - 00000385 _____ C:\Users\Admin\AppData\Roaminguser_gensett.xml
2015-09-05 02:15 - 2015-09-05 02:15 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-09-05 02:13 - 2015-09-20 14:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-05 01:46 - 2015-09-05 01:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-09-05 01:46 - 2015-05-29 09:50 - 01730304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-09-05 01:46 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-09-03 20:42 - 2015-09-27 22:01 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2015-09-03 18:29 - 2015-09-03 18:29 - 00065736 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxrts.sys
2015-09-03 18:29 - 2015-09-03 18:29 - 00036384 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxscan.sys
2015-09-03 18:29 - 2015-09-03 18:29 - 00024024 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxkbf.sys
2015-09-03 18:23 - 2015-09-04 21:32 - 00000000 ____D C:\Program Files (x86)\NoVirusThanks
2015-09-03 18:18 - 2015-09-29 20:40 - 00000296 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job
2015-09-03 18:18 - 2015-09-29 19:11 - 00002482 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Admin
2015-09-03 12:52 - 2015-09-03 12:52 - 00579408 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2015-09-03 12:52 - 2015-09-03 12:52 - 00445472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2015-09-02 23:14 - 2015-06-23 04:37 - 00091272 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-09-02 22:54 - 2015-09-02 22:54 - 00000000 ____D C:\Program Files\Realtek
2015-09-02 22:53 - 2015-06-02 12:48 - 04477656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-09-02 22:53 - 2015-06-02 12:15 - 02088737 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-09-02 22:53 - 2015-06-02 11:15 - 01747160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-09-02 22:53 - 2015-06-02 08:57 - 02847960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-09-02 22:53 - 2015-06-02 08:57 - 02531544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2015-09-02 22:53 - 2015-05-27 12:51 - 02461016 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2015-09-02 22:53 - 2015-05-27 12:51 - 00944984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2015-09-02 22:53 - 2015-05-26 05:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-09-02 22:53 - 2015-05-25 09:18 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-09-02 22:53 - 2015-05-20 10:14 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-09-02 22:53 - 2015-05-18 08:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-09-02 22:53 - 2015-05-15 13:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-09-02 22:53 - 2015-05-15 10:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-09-02 22:53 - 2015-04-28 04:52 - 05706688 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2015-09-02 22:53 - 2015-04-27 10:09 - 00328816 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00858256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00684176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00435856 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2015-09-02 22:53 - 2015-04-23 23:41 - 00555664 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2015-09-02 22:53 - 2015-04-13 10:25 - 03262184 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2015-09-02 22:53 - 2015-04-09 09:23 - 01559744 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-09-02 22:53 - 2015-04-03 07:24 - 01365768 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2015-09-02 22:53 - 2015-02-05 11:48 - 12834736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2015-09-02 22:53 - 2015-02-05 11:48 - 02789808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-09-02 22:53 - 2015-01-23 12:16 - 00213432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2015-09-02 22:53 - 2015-01-19 12:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-09-02 22:53 - 2015-01-19 03:08 - 12975360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-09-02 22:53 - 2014-11-11 07:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 06242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 01933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 00336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 00284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2015-09-02 22:53 - 2014-10-24 04:12 - 05234952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2015-09-02 22:53 - 2014-10-24 04:12 - 00995120 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 07087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-09-02 22:53 - 2014-08-14 13:16 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-09-02 22:53 - 2014-07-03 08:44 - 01499984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-09-02 22:53 - 2014-07-03 08:44 - 00979280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-09-02 22:53 - 2014-06-17 13:17 - 00856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-09-02 22:53 - 2014-06-09 04:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-09-02 22:53 - 2014-05-22 10:24 - 00096568 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-09-02 22:53 - 2014-04-17 11:42 - 01136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-09-02 22:53 - 2014-04-14 11:52 - 00003008 _____ C:\WINDOWS\system32\Drivers\DTSU2P.DAT
2015-09-02 22:53 - 2014-04-10 06:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-09-02 22:53 - 2014-04-10 06:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-09-02 22:53 - 2014-02-27 14:02 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2015-09-02 22:53 - 2014-01-31 11:27 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-09-02 22:53 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-09-02 22:53 - 2013-10-11 05:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-09-02 22:53 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-09-02 22:53 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-09-02 22:53 - 2013-07-23 09:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-09-02 22:53 - 2013-07-23 09:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-09-02 22:53 - 2013-06-25 06:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-09-02 22:53 - 2013-06-25 06:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-09-02 22:53 - 2013-06-25 06:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-09-02 22:53 - 2013-06-21 05:01 - 00109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-09-02 22:53 - 2013-04-03 08:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-09-02 22:53 - 2012-08-31 13:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-09-02 22:53 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-09-02 22:53 - 2012-01-10 04:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-09-02 22:53 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-09-02 22:53 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-09-02 22:53 - 2011-08-23 11:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-09-02 22:53 - 2011-03-17 06:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-09-02 22:53 - 2011-03-07 11:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-09-02 22:53 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-09-02 22:53 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-09-02 16:19 - 2015-09-02 16:19 - 00060821 _____ C:\WINDOWS\SysWOW64\CCCInstall_201509021619462401.log
2015-09-02 15:04 - 2015-09-19 10:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2015-09-02 15:04 - 2015-09-02 15:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2015-09-01 19:37 - 2015-09-01 19:37 - 00000222 _____ C:\Users\Admin\Desktop\Terraria.url
2015-08-31 14:06 - 2015-09-01 20:50 - 00000000 ____D C:\Users\Admin\AppData\Local\ftblauncher
2015-08-31 14:06 - 2015-08-31 14:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ftblauncher

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-30 14:47 - 2015-03-23 20:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-30 14:35 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-30 14:31 - 2015-04-21 22:08 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-09-30 13:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-29 23:39 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-29 23:39 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-29 23:39 - 2015-03-24 16:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2015-09-29 23:38 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-09-29 23:38 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-29 23:26 - 2015-04-03 20:23 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2015-09-29 23:25 - 2015-03-24 00:36 - 00000000 ____D C:\ProgramData\360Quarant
2015-09-29 23:01 - 2015-07-31 18:29 - 00000452 __RSH C:\ProgramData\ntuser.pol
2015-09-29 21:57 - 2015-03-25 17:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-09-29 20:16 - 2015-07-31 16:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-29 20:16 - 2015-07-16 01:22 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-29 20:13 - 2015-03-23 23:57 - 00000000 ____D C:\Program Files (x86)\360
2015-09-29 16:58 - 2015-07-15 00:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-28 16:12 - 2015-04-01 23:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2015-09-27 23:57 - 2015-03-23 23:15 - 00000000 ____D C:\Program Files\CCleaner
2015-09-27 20:57 - 2015-03-23 20:12 - 00000000 ____D C:\Hry
2015-09-27 20:21 - 2015-06-15 02:00 - 00000000 ____D C:\Program Files\Bitdefender
2015-09-27 14:56 - 2015-07-31 16:49 - 02342644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-27 14:56 - 2015-07-10 18:02 - 01072426 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-27 14:56 - 2015-07-10 18:02 - 00270474 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-27 14:48 - 2015-05-22 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-27 14:48 - 2015-03-30 21:14 - 00230416 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2015-09-27 14:16 - 2015-07-31 16:33 - 00000000 ____D C:\Users\Admin
2015-09-27 01:50 - 2015-03-21 21:10 - 00007602 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-09-26 21:52 - 2015-04-02 01:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-09-26 21:36 - 2015-08-28 13:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-26 21:36 - 2015-04-02 01:41 - 00000000 ____D C:\ProgramData\Skype
2015-09-26 14:22 - 2015-04-01 23:27 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-25 17:33 - 2015-08-02 18:52 - 00000693 _____ C:\Users\Admin\Desktop\Touhou.lnk
2015-09-23 22:48 - 2015-07-15 02:53 - 00000000 ____D C:\Program Files\COMODO
2015-09-23 21:50 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-23 21:17 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-22 11:37 - 2015-03-21 09:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2015-09-21 22:33 - 2015-08-02 02:45 - 11790493 _____ C:\Users\Admin\Desktop\Nový textový dokument.txt
2015-09-20 17:12 - 2015-06-14 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kholat
2015-09-20 17:12 - 2015-06-09 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2015-09-20 14:34 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-20 14:33 - 2015-07-31 19:33 - 00000000 ____D C:\Users\Baruška
2015-09-20 14:33 - 2015-07-31 16:44 - 00000000 ____D C:\Users\MSSQL$ADK
2015-09-20 14:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-09-20 14:33 - 2015-05-22 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-20 14:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration
2015-09-20 14:28 - 2015-05-22 17:40 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-19 23:21 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-19 23:21 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\ProgramData\IObit
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-15 21:16 - 2015-03-24 22:05 - 00001128 _____ C:\Users\Admin\Desktop\League of Legends.lnk
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 00:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-09-12 23:40 - 2015-08-05 05:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-09-12 23:40 - 2015-08-05 05:27 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-09-12 23:40 - 2015-04-21 22:07 - 00000842 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-09-12 11:28 - 2015-05-22 17:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2015-09-11 08:18 - 2015-07-10 14:20 - 00350584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 08:16 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 08:16 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-11 08:14 - 2015-03-21 21:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-11 08:14 - 2015-03-21 21:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-10 17:01 - 2015-03-23 23:37 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-09-09 23:48 - 2015-04-01 23:32 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2015-09-09 23:48 - 2015-04-01 23:32 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2015-09-09 20:45 - 2015-08-29 00:20 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-09-09 20:45 - 2015-07-31 16:40 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-09 20:45 - 2015-06-29 19:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-09-09 20:45 - 2015-05-22 01:43 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-09 20:44 - 2015-08-29 20:17 - 00001665 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2015-09-09 20:44 - 2015-08-29 00:20 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-09-09 20:44 - 2015-08-22 19:52 - 00000727 _____ C:\Users\Admin\Desktop\ZOMBI.lnk
2015-09-09 20:44 - 2015-07-31 18:20 - 00002358 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-09 20:44 - 2015-05-26 22:20 - 00000755 _____ C:\Users\Admin\Desktop\Start Tor Browser.lnk
2015-09-09 20:44 - 2015-05-22 01:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-09 20:44 - 2015-04-22 22:01 - 00001714 _____ C:\Users\Public\Desktop\Recuva.lnk
2015-09-09 20:44 - 2015-04-19 00:25 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centrum řešení HP.lnk
2015-09-09 20:44 - 2015-04-02 21:00 - 00002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2015-09-09 20:44 - 2015-03-25 23:52 - 00000990 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-09-09 20:44 - 2015-03-25 17:21 - 00001082 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-09 20:44 - 2015-03-24 00:50 - 00001032 _____ C:\Users\Public\Desktop\PWGen.lnk
2015-09-09 20:44 - 2015-03-24 00:26 - 00000931 _____ C:\Users\Admin\Desktop\TrueCrypt.lnk
2015-09-09 20:44 - 2015-03-23 23:59 - 00001190 _____ C:\Users\Admin\Desktop\Telegram.lnk
2015-09-09 20:44 - 2015-03-23 20:45 - 00001656 _____ C:\Users\Public\Desktop\Far Cry 4.lnk
2015-09-09 20:44 - 2015-03-23 20:01 - 00000975 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-09 20:43 - 2015-08-23 17:53 - 00001125 _____ C:\Users\Admin\Desktop\MEGAsync.lnk
2015-09-09 20:43 - 2015-06-23 18:28 - 00000833 _____ C:\Users\Admin\Desktop\Serious Sam 2.lnk
2015-09-09 20:43 - 2015-04-30 01:36 - 00001113 _____ C:\Users\Admin\Desktop\Fallout 3.lnk
2015-09-09 20:43 - 2015-04-05 01:24 - 00000679 _____ C:\Users\Admin\Desktop\Movies.lnk
2015-09-09 20:43 - 2015-04-04 23:58 - 00002206 _____ C:\Users\Admin\Desktop\GTA IV.lnk
2015-09-09 20:43 - 2015-03-26 10:20 - 00001603 _____ C:\Users\Admin\Desktop\Dying Light.lnk
2015-09-09 16:05 - 2015-03-26 00:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-09 16:05 - 2015-03-26 00:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 16:04 - 2013-08-22 15:25 - 00000202 _____ C:\WINDOWS\win.ini
2015-09-09 15:46 - 2015-03-21 10:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-07 21:44 - 2015-06-15 01:55 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-09-07 19:07 - 2015-03-29 17:42 - 00000000 ____D C:\ProgramData\Oracle
2015-09-07 19:06 - 2015-04-02 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-07 19:04 - 2015-04-02 01:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-07 17:54 - 2015-03-21 21:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-09-07 17:52 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-09-06 23:31 - 2015-03-23 20:00 - 00000000 ____D C:\Program Files\WinRAR
2015-09-06 12:25 - 2015-03-24 00:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PWGen
2015-09-05 20:04 - 2015-03-21 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-05 18:58 - 2015-03-24 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen
2015-09-05 18:58 - 2015-03-24 00:50 - 00000000 ____D C:\Program Files (x86)\PWGen
2015-09-05 14:16 - 2015-06-15 02:00 - 00000000 ____D C:\ProgramData\BDLogging
2015-09-05 01:23 - 2015-08-05 14:17 - 00000000 ____D C:\avast! sandbox
2015-09-05 01:23 - 2015-03-23 19:38 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-03 19:44 - 2015-03-28 00:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-03 18:54 - 2015-07-15 00:01 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-03 00:29 - 2015-07-27 21:19 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-09-02 23:22 - 2015-07-31 16:29 - 00000000 ____D C:\Program Files\AMD
2015-09-02 23:14 - 2015-05-18 21:53 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-02 23:14 - 2015-03-30 20:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-02 23:01 - 2015-05-18 21:52 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-09-02 22:54 - 2015-07-31 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-02 22:33 - 2015-08-22 20:18 - 00000000 ____D C:\AMD
2015-09-02 17:10 - 2015-07-31 16:28 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-09-02 16:57 - 2015-04-01 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-02 16:20 - 2015-07-31 16:30 - 00000000 ____D C:\ProgramData\AMD
2015-09-02 16:15 - 2015-03-30 22:21 - 00000000 ____D C:\Users\Admin\AppData\Local\Rockstar Games
2015-09-02 15:31 - 2015-03-21 10:00 - 00002878 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2560372422-2021965399-549226919-1001
2015-09-01 15:55 - 2015-04-01 23:51 - 00209518 _____ C:\Users\Admin\Desktop\DTBS.kdbx
2015-08-31 11:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2015-09-23 21:02 - 2015-09-23 21:02 - 0003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-24 00:36 - 2015-03-24 00:36 - 0000218 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-03-21 21:10 - 2015-09-27 01:50 - 0007602 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-09-07 21:44 - 2015-09-07 21:44 - 0243595 _____ () C:\ProgramData\1441654844.bdinstall.bin
2015-09-27 20:22 - 2015-09-27 20:22 - 0201499 _____ () C:\ProgramData\1443378030.bdinstall.bin
2015-07-15 22:06 - 2015-07-15 22:06 - 0000000 _____ () C:\ProgramData\cis20E3.exe
2015-05-15 00:13 - 2015-05-15 00:13 - 0000000 _____ () C:\ProgramData\cis2AD1.exe
2015-05-15 18:59 - 2015-05-15 18:59 - 0000000 _____ () C:\ProgramData\cisE1C7.exe
2015-05-15 00:21 - 2015-05-15 00:21 - 0000000 _____ () C:\ProgramData\cisE73A.exe
2015-05-15 00:11 - 2015-05-15 00:11 - 0000000 _____ () C:\ProgramData\cisF5EB.exe
2015-05-15 00:43 - 2015-05-15 00:43 - 0000000 _____ () C:\ProgramData\cisFFC2.exe
2015-07-31 16:29 - 2015-07-31 16:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-19 00:23 - 2015-07-14 02:23 - 0009270 _____ () C:\ProgramData\hpzinstall.log
2015-09-29 20:15 - 2015-09-29 20:15 - 0000000 _____ () C:\ProgramData\rebootpending.txt
2015-09-29 23:39 - 2015-09-29 23:39 - 0611910 _____ () C:\ProgramData\SMRResults501.dat

Files to move or delete:
====================
C:\ProgramData\cis20E3.exe
C:\ProgramData\cis2AD1.exe
C:\ProgramData\cisE1C7.exe
C:\ProgramData\cisE73A.exe
C:\ProgramData\cisF5EB.exe
C:\ProgramData\cisFFC2.exe
C:\ProgramData\SMRResults501.dat


Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\i4jdel0.exe
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-24 15:15

==================== End of FRST.txt ============================

[altrok]

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  File: C:\Users\Admin\AppData\Roaming\Origin\update.vbe
  File: C:\ProgramData\cis20E3.exe
  File: C:\ProgramData\cis2AD1.exe
  File: C:\ProgramData\cisE1C7.exe
  File: C:\ProgramData\cisE73A.exe
  File: C:\ProgramData\cisF5EB.exe
  File: C:\ProgramData\cisFFC2.exe
  File: C:\ProgramData\SMRResults501.dat
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
  Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
  HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-26] (Piriform Ltd)
  HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\MountPoints2: {4d8048c2-e02f-11e4-be8b-f07959613533} - "E:\LG_PC_Programs.exe" 
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\iobitascsurfingprotection@iobit.com [2015-09-19]
  CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
  S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
  2015-09-30 14:50 - 2015-09-30 14:51 - 00022497 _____ C:\Users\Admin\Desktop\FRST.txt
  2015-09-29 23:03 - 2015-09-29 23:44 - 00485563 _____ C:\Users\Admin\Downloads\avgremover.log
  2015-09-29 23:03 - 2015-09-29 23:03 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Admin\Downloads\avg_remover_stf_x64_2015_5501.exe
  2015-09-07 21:45 - 2015-09-07 21:45 - 00000000 _____ C:\WINDOWS\system32\REN586E.tmp
  Task: {197672C3-83F4-4049-AA75-10265FD3C505} - System32\Tasks\Origin => C:\Users\Admin\AppData\Roaming\Origin\update.vbe <==== ATTENTION
  Task: {D17D32D2-A1C4-47FA-A6C9-81B180940FE0} - \SUPERAntiSpyware Scheduled Task 3b90a921-5c2b-4ab7-a04c-b5decce19235 -> No File <==== ATTENTION
  Task: {D3379111-B17E-4352-B770-B2393F4A5CA8} - \SUPERAntiSpyware Scheduled Task caf13e53-23a1-4b42-8250-06f1326c8fdb -> No File <==== ATTENTION
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
  Hosts:
  EmptyTemp:
  End

[Mine.]

Quihoo 360 zabíral moc RAM, tak jsem ho vyměnil za Kaspersky, ten daný soubor vbs odstranil. Tak ať se nedivíte

Fix result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by Admin (2015-10-01 16:05:50) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin & Baruška & MSSQL$ADK (Available Profiles: Admin & Baruška & MSSQL$ADK)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Admin\AppData\Roaming\Origin\update.vbe
File: C:\ProgramData\cis20E3.exe
File: C:\ProgramData\cis2AD1.exe
File: C:\ProgramData\cisE1C7.exe
File: C:\ProgramData\cisE73A.exe
File: C:\ProgramData\cisF5EB.exe
File: C:\ProgramData\cisFFC2.exe
File: C:\ProgramData\SMRResults501.dat
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-26] (Piriform Ltd)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\MountPoints2: {4d8048c2-e02f-11e4-be8b-f07959613533} - "E:\LG_PC_Programs.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2560372422-2021965399-549226919-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\iobitascsurfingprotection@iobit.com [2015-09-19]
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
2015-09-30 14:50 - 2015-09-30 14:51 - 00022497 _____ C:\Users\Admin\Desktop\FRST.txt
2015-09-29 23:03 - 2015-09-29 23:44 - 00485563 _____ C:\Users\Admin\Downloads\avgremover.log
2015-09-29 23:03 - 2015-09-29 23:03 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Admin\Downloads\avg_remover_stf_x64_2015_5501.exe
2015-09-07 21:45 - 2015-09-07 21:45 - 00000000 _____ C:\WINDOWS\system32\REN586E.tmp
Task: {197672C3-83F4-4049-AA75-10265FD3C505} - System32\Tasks\Origin => C:\Users\Admin\AppData\Roaming\Origin\update.vbe <==== ATTENTION
Task: {D17D32D2-A1C4-47FA-A6C9-81B180940FE0} - \SUPERAntiSpyware Scheduled Task 3b90a921-5c2b-4ab7-a04c-b5decce19235 -> No File <==== ATTENTION
Task: {D3379111-B17E-4352-B770-B2393F4A5CA8} - \SUPERAntiSpyware Scheduled Task caf13e53-23a1-4b42-8250-06f1326c8fdb -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\Users\Admin\AppData\Roaming\Origin\update.vbe ========================

"C:\Users\Admin\AppData\Roaming\Origin\update.vbe" => not found.
====== End of File: ======


========================= File: C:\ProgramData\cis20E3.exe ========================

File not signed
MD5:
Creation and modification date: 2015-07-15 22:06 - 2015-07-15 22:06
Size: 0000000
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\cis2AD1.exe ========================

File not signed
MD5:
Creation and modification date: 2015-05-15 00:13 - 2015-05-15 00:13
Size: 0000000
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\cisE1C7.exe ========================

File not signed
MD5:
Creation and modification date: 2015-05-15 18:59 - 2015-05-15 18:59
Size: 0000000
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\cisE73A.exe ========================

File not signed
MD5:
Creation and modification date: 2015-05-15 00:21 - 2015-05-15 00:21
Size: 0000000
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\cisF5EB.exe ========================

File not signed
MD5:
Creation and modification date: 2015-05-15 00:11 - 2015-05-15 00:11
Size: 0000000
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\cisFFC2.exe ========================

File not signed
MD5:
Creation and modification date: 2015-05-15 00:43 - 2015-05-15 00:43
Size: 0000000
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\ProgramData\SMRResults501.dat ========================

File not signed
MD5: 4DFD6F6A17FC4D259C3DDFEE373F712D
Creation and modification date: 2015-09-29 23:39 - 2015-09-29 23:39
Size: 0611910
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
"HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d8048c2-e02f-11e4-be8b-f07959613533}" => key removed successfully
HKCR\CLSID\{4d8048c2-e02f-11e4-be8b-f07959613533} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\iobitascsurfingprotection@iobit.com => moved successfully
Chrome DefaultSuggestURL removed successfully
MFE_RR => service removed successfully
"C:\Users\Admin\Desktop\FRST.txt" => File/Folder not found.
C:\Users\Admin\Downloads\avgremover.log => moved successfully
C:\Users\Admin\Downloads\avg_remover_stf_x64_2015_5501.exe => moved successfully
C:\WINDOWS\system32\REN586E.tmp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{197672C3-83F4-4049-AA75-10265FD3C505}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{197672C3-83F4-4049-AA75-10265FD3C505}" => key removed successfully
C:\WINDOWS\System32\Tasks\Origin => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D17D32D2-A1C4-47FA-A6C9-81B180940FE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D17D32D2-A1C4-47FA-A6C9-81B180940FE0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task 3b90a921-5c2b-4ab7-a04c-b5decce19235" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3379111-B17E-4352-B770-B2393F4A5CA8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3379111-B17E-4352-B770-B2393F4A5CA8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPERAntiSpyware Scheduled Task caf13e53-23a1-4b42-8250-06f1326c8fdb" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 36.8 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 16:08:23 ====

[altrok]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

[Mine.]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Pokud by to nevadilo, poprosil bych Vás ještě o jednu kontrolu pro jistotu.
Scan Kaspersky nic nenašel, ale jistota je jistota - používám internetbanking.

[Mine.]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Admin (administrator) on ZALMANR1 (01-10-2015 18:23:28)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Baruška & MSSQL$ADK)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obksvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Telegram Messenger LLP) C:\Users\Admin\AppData\Roaming\Telegram Desktop\Telegram.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.13251.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [obkagent] => C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe [1234816 2014-11-11] (Bitdefender)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [BingSvc] => C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{93cd84c0-9c28-42cf-8441-bbe6616bf76d}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO: Bitdefender Safepay™ for Internet Explorer 64-bit -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\x64\spbxie64.dll [2014-11-11] (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: No Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> No File
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Bitdefender Safepay™ for Internet Explorer -> {ED858D4C-395F-4623-987B-B420994790C9} -> C:\Program Files\Bitdefender\Bitdefender Safepay\spbxie.dll [2014-11-11] (Bitdefender)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\peklada-google.xml [2015-09-09]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-05-29]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\searchplugins\wikiskripta-cs.xml [2015-05-07]
FF Extension: Avira Browser Safety - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\abs@avira.com [2015-09-20]
FF Extension: Bing Search - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\bingsearch.full@microsoft.com [2015-09-09]
FF Extension: Avira SafeSearch Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\safesearchplus@avira.com [2015-09-20]
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: MEGA - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\firefox@mega.co.nz.xpi [2015-04-30]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-30]
FF Extension: Disable Anti-Adblock - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cnxnxv4l.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2015-04-30]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2015-09-27]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2015-09-30]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bing) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2015-10-01]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-09-30]
CHR Extension: (Avira Browser Safety) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-01]
CHR Extension: (Bitdefender Safepay) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhgfkbnifcfibjflcgibdmabmcgmjdco [2015-10-01]
CHR Extension: (Avira SafeSearch) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-22]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/deta ... ihfajigkka
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2560372422-2021965399-549226919-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/deta ... ihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 appdrvrem01; C:\WINDOWS\System32\appdrvrem01.exe [551896 2015-04-11] (Protection Technology)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-08-21] (Kaspersky Lab ZAO)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-25] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 MSSQL$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2015-07-16] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OBKSvc; C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe [1242568 2014-11-11] (Bitdefender)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 SQLAgent$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2015-07-16] (Microsoft Corporation)
R2 UPDATESRV_SAFEPAY; C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe [66784 2014-10-28] (Bitdefender)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-04-20] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-04-20] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-04-20] (LG Electronics Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2715824 2015-04-12] (Protection Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2015-07-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-04-02] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-04-02] (Windows (R) Win 7 DDK provider)
R1 epp64; C:\EEK\bin\epp64.sys [138504 2015-09-29] (Emsisoft GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-23] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [937656 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-30] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [78008 2015-06-26] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2015-06-13] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2015-06-13] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 18:23 - 2015-10-01 18:24 - 00019579 _____ C:\Users\Admin\Desktop\FRST.txt
2015-10-01 18:22 - 2015-10-01 18:22 - 11350472 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\HitmanPro_x64(1).exe
2015-10-01 18:14 - 2015-10-01 18:15 - 00000296 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job
2015-10-01 18:13 - 2015-10-01 18:13 - 08883992 _____ (PortableApps.com) C:\Users\Admin\Downloads\ClamWinPortable_0.98.7_English.paf.exe
2015-10-01 18:12 - 2015-10-01 18:12 - 02991832 _____ (ESET) C:\Users\Admin\Downloads\ERARemover_x64.exe
2015-10-01 18:12 - 2015-10-01 18:12 - 02314104 _____ C:\Users\Admin\Downloads\avira_pc_cleaner_de.exe
2015-10-01 17:57 - 2015-10-01 17:57 - 00016148 _____ C:\WINDOWS\system32\ZALMANR1_Admin_HistoryPrediction.bin
2015-10-01 16:12 - 2015-10-01 16:12 - 00004696 _____ C:\WINDOWS\PFRO.log
2015-10-01 16:06 - 2015-10-01 16:06 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-01 16:06 - 2015-10-01 16:06 - 00000000 _____ C:\WINDOWS\setupact.log
2015-10-01 15:11 - 2015-10-01 16:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-01 14:45 - 2015-10-01 18:13 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-01 14:45 - 2015-10-01 14:45 - 00000000 ____D C:\ProgramData\Shared Space
2015-09-30 23:25 - 2015-10-01 18:11 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-30 23:25 - 2015-09-30 23:25 - 00002182 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2015-09-30 23:25 - 2015-09-30 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2015-09-30 23:25 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2015-09-30 23:24 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2015-09-30 23:24 - 2015-06-30 01:05 - 00937656 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-09-30 23:24 - 2015-06-30 01:05 - 00171192 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-09-30 23:18 - 2015-09-30 23:18 - 00000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2015-09-30 23:09 - 2015-09-30 23:09 - 00177845 _____ C:\ProgramData\1443647147.bdinstall.bin
2015-09-30 22:50 - 2015-09-30 22:50 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-30 22:50 - 2015-09-30 22:50 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-30 22:50 - 2015-09-30 22:50 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-09-30 22:50 - 2015-09-30 22:50 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-30 21:50 - 2015-09-30 23:13 - 01917824 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\kav16.0.0.614acs_8659.exe
2015-09-29 20:38 - 2015-09-30 17:29 - 00000000 __SHD C:\$360Section
2015-09-29 20:27 - 2015-09-29 20:54 - 00000000 ____D C:\Users\Admin\Desktop\Scan
2015-09-29 20:15 - 2015-09-29 20:15 - 00000000 _____ C:\ProgramData\rebootpending.txt
2015-09-29 20:12 - 2015-09-29 20:12 - 29489272 _____ C:\Users\Admin\Downloads\360TSE_Setup_7.2.0.1021.exe
2015-09-29 19:45 - 2015-09-29 19:45 - 00000000 ____D C:\Program Files\Reason
2015-09-29 19:14 - 2015-09-29 19:14 - 02827152 _____ (Reason Company Software Inc.) C:\Users\Admin\Downloads\herdProtectScan_Portable.exe
2015-09-29 18:09 - 2015-09-29 18:09 - 00849656 _____ (O&O Software GmbH) C:\Users\Admin\Desktop\OOSU10.exe
2015-09-29 17:59 - 2015-09-29 18:11 - 1423461838 _____ C:\Users\Admin\Downloads\hidd.avi
2015-09-29 17:52 - 2015-09-29 17:52 - 00130544 _____ C:\Users\Admin\Downloads\OOSU10.zip
2015-09-29 16:58 - 2015-09-29 17:53 - 00000000 ____D C:\EEK
2015-09-29 16:18 - 2015-09-30 22:21 - 00034328 _____ (Sysinternals - http://www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2015-09-29 16:17 - 2015-09-29 16:17 - 02508432 _____ (Sysinternals - http://www.sysinternals.com) C:\Users\Admin\Desktop\procexp.exe
2015-09-28 22:15 - 2015-09-29 19:11 - 00000000 ____D C:\ProgramData\ProductData
2015-09-28 22:15 - 2015-09-28 22:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ProductData
2015-09-28 21:59 - 2015-09-28 22:09 - 00000000 ____D C:\AdwCleaner
2015-09-28 16:18 - 2015-09-28 16:18 - 00001155 _____ C:\Users\Public\Desktop\Prime Benchmark.lnk
2015-09-28 16:18 - 2015-09-28 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prime Benchmark
2015-09-28 16:18 - 2015-09-28 16:18 - 00000000 ____D C:\Program Files (x86)\Prime Benchmark
2015-09-27 21:07 - 2015-10-01 18:23 - 00000000 ____D C:\FRST
2015-09-27 21:07 - 2015-09-27 21:07 - 02192384 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-09-27 20:22 - 2015-09-27 20:22 - 00201499 _____ C:\ProgramData\1443378030.bdinstall.bin
2015-09-27 20:21 - 2015-09-30 23:09 - 00002180 _____ C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2015-09-27 20:21 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Safepay
2015-09-27 20:21 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Bitdefender
2015-09-27 20:21 - 2012-09-05 16:30 - 00146720 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2015-09-27 20:20 - 2015-09-27 20:21 - 00000000 ____D C:\ProgramData\Bitdefender Safepay
2015-09-27 20:20 - 2015-09-27 20:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Bitdefender Safepay
2015-09-27 17:31 - 2015-09-27 18:01 - 00000000 ____D C:\Users\Admin\Desktop\Fotky (prodej)
2015-09-27 15:25 - 2015-09-30 22:31 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-09-27 15:21 - 2015-09-27 15:21 - 06130064 _____ (WiseCleaner.com ) C:\Users\Admin\Downloads\WiseCare365.exe
2015-09-27 14:16 - 2015-09-30 23:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Azureus
2015-09-27 14:16 - 2015-09-27 14:43 - 00000000 ____D C:\Program Files (x86)\Vuze
2015-09-27 14:16 - 2015-09-27 14:16 - 00000000 ____D C:\Users\Admin\.swt
2015-09-27 02:06 - 2015-09-27 02:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Crystal Security
2015-09-27 01:45 - 2015-09-29 20:10 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE
2015-09-27 01:45 - 2015-09-27 01:45 - 00000000 ____D C:\ProgramData\Norton
2015-09-23 22:48 - 2015-09-23 22:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2015-09-23 22:48 - 2015-09-23 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-09-23 22:25 - 2015-10-01 14:44 - 00000000 ____D C:\ProgramData\Comodo
2015-09-23 21:04 - 2015-09-23 21:18 - 00000000 ____D C:\Users\Admin\Documents\Fax
2015-09-23 21:02 - 2015-09-23 21:02 - 00003584 _____ C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-20 19:35 - 2015-08-06 20:58 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-09-20 19:31 - 2015-09-29 20:16 - 00000000 ____D C:\ProgramData\Avira
2015-09-20 15:46 - 2015-09-20 15:46 - 00000000 ____D C:\Program Files (x86)\Mad Max
2015-09-20 12:34 - 2015-09-20 12:38 - 429256938 _____ C:\Users\Admin\Downloads\001.bmp
2015-09-20 00:20 - 2015-09-20 00:30 - 1460520960 ____R C:\Users\Admin\Downloads\Insidious 3 Počátek.avi
2015-09-19 23:50 - 2015-09-20 00:02 - 1319640782 _____ C:\Users\Admin\Downloads\SINISTER-2-2015-Horor-by-Becker.avi
2015-09-19 23:21 - 2015-09-30 23:25 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-09-19 10:56 - 2015-09-19 10:56 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-19 10:54 - 2015-09-19 10:54 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-09-19 10:54 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\SysWOW64\IObitSmartDefragExtension.dll20150919154659.dll
2015-09-19 10:47 - 2015-09-20 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-09-19 10:47 - 2015-09-20 14:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-09-19 10:47 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-09-18 23:21 - 2015-09-19 16:10 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-09-18 23:21 - 2015-09-18 23:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2015-09-16 16:00 - 2015-09-16 16:00 - 00000000 ____D C:\Users\Admin\Documents\Zvukové záznamy
2015-09-12 23:10 - 2015-09-26 21:36 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-10 21:31 - 2015-09-10 21:31 - 00000000 ____D C:\Users\Admin\AppData\Roaming\dvdcss
2015-09-09 23:48 - 2015-09-09 23:48 - 00001174 _____ C:\Users\Admin\Desktop\KeePass 2.lnk
2015-09-09 23:21 - 2015-09-10 15:00 - 00002087 _____ C:\Users\Admin\Desktop\FileHippo App Manager.lnk
2015-09-09 23:21 - 2015-09-09 23:21 - 00002117 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-09-09 23:21 - 2015-09-09 23:21 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2015-09-09 23:13 - 2015-09-09 23:13 - 00021712 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2015-09-09 22:52 - 2015-09-27 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-08 22:28 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:28 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:27 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:27 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-08 22:27 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:27 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-08 22:27 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:27 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:27 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:27 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:27 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:27 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-08 22:27 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:27 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:27 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:27 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:27 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:27 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:27 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:27 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:27 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:27 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-07 21:44 - 2015-09-07 21:44 - 00243595 _____ C:\ProgramData\1441654844.bdinstall.bin
2015-09-07 19:05 - 2015-09-07 19:04 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-07 18:35 - 2015-09-09 20:44 - 00001802 _____ C:\Users\Admin\Desktop\Word 2013.lnk
2015-09-07 17:48 - 2015-09-28 23:07 - 00000000 ____D C:\Users\Admin\Desktop\Čtenářský deník
2015-09-05 20:15 - 2015-09-05 20:15 - 00000220 _____ C:\Users\Admin\Desktop\Garry's Mod.url
2015-09-05 18:19 - 2015-09-15 17:25 - 00004036 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-05 18:19 - 2015-09-15 17:25 - 00003804 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-05 14:11 - 2015-09-05 14:11 - 00000000 ____D C:\Users\Admin\AppData\Temp
2015-09-05 02:16 - 2015-09-05 02:16 - 00000385 _____ C:\Users\Admin\AppData\Roaminguser_gensett.xml
2015-09-05 02:15 - 2015-09-05 02:15 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-09-05 02:13 - 2015-09-20 14:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-05 01:46 - 2015-09-05 01:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-09-05 01:46 - 2015-05-29 09:50 - 01730304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-09-05 01:46 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-09-03 20:42 - 2015-09-27 22:01 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2015-09-03 18:29 - 2015-09-03 18:29 - 00065736 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxrts.sys
2015-09-03 18:29 - 2015-09-03 18:29 - 00036384 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxscan.sys
2015-09-03 18:29 - 2015-09-03 18:29 - 00024024 _____ (Prevx) C:\WINDOWS\system32\Drivers\pxkbf.sys
2015-09-03 18:23 - 2015-09-04 21:32 - 00000000 ____D C:\Program Files (x86)\NoVirusThanks
2015-09-03 18:18 - 2015-10-01 18:14 - 00002482 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Admin
2015-09-03 12:52 - 2015-09-03 12:52 - 00579408 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2015-09-03 12:52 - 2015-09-03 12:52 - 00445472 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2015-09-02 23:14 - 2015-06-23 04:37 - 00091272 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-09-02 22:54 - 2015-09-02 22:54 - 00000000 ____D C:\Program Files\Realtek
2015-09-02 22:53 - 2015-06-02 12:48 - 04477656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-09-02 22:53 - 2015-06-02 12:15 - 02088737 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-09-02 22:53 - 2015-06-02 11:15 - 01747160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-09-02 22:53 - 2015-06-02 08:57 - 02847960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-09-02 22:53 - 2015-06-02 08:57 - 02531544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2015-09-02 22:53 - 2015-05-27 12:51 - 02461016 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2015-09-02 22:53 - 2015-05-27 12:51 - 00944984 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2015-09-02 22:53 - 2015-05-26 05:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-09-02 22:53 - 2015-05-25 09:18 - 03195416 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-09-02 22:53 - 2015-05-20 10:14 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-09-02 22:53 - 2015-05-18 08:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-09-02 22:53 - 2015-05-15 13:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-09-02 22:53 - 2015-05-15 10:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-09-02 22:53 - 2015-04-28 04:52 - 05706688 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2015-09-02 22:53 - 2015-04-27 10:09 - 00328816 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00858256 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00684176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2015-09-02 22:53 - 2015-04-23 23:42 - 00435856 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2015-09-02 22:53 - 2015-04-23 23:41 - 00555664 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2015-09-02 22:53 - 2015-04-13 10:25 - 03262184 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2015-09-02 22:53 - 2015-04-09 09:23 - 01559744 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-09-02 22:53 - 2015-04-03 07:24 - 01365768 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2015-09-02 22:53 - 2015-02-05 11:48 - 12834736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2015-09-02 22:53 - 2015-02-05 11:48 - 02789808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-09-02 22:53 - 2015-02-03 18:38 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-09-02 22:53 - 2015-01-23 12:16 - 00213432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2015-09-02 22:53 - 2015-01-19 12:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-09-02 22:53 - 2015-01-19 03:08 - 12975360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-09-02 22:53 - 2014-12-11 02:10 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-09-02 22:53 - 2014-11-11 07:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 06242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 01933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 00336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2015-09-02 22:53 - 2014-11-04 07:42 - 00284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2015-09-02 22:53 - 2014-10-24 04:12 - 05234952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2015-09-02 22:53 - 2014-10-24 04:12 - 00995120 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 07087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-09-02 22:53 - 2014-09-24 05:31 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-09-02 22:53 - 2014-08-14 13:16 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-09-02 22:53 - 2014-07-03 08:44 - 01499984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-09-02 22:53 - 2014-07-03 08:44 - 00979280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-09-02 22:53 - 2014-06-17 13:17 - 00856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-09-02 22:53 - 2014-06-09 04:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-09-02 22:53 - 2014-05-22 10:24 - 00096568 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-09-02 22:53 - 2014-04-17 11:42 - 01136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-09-02 22:53 - 2014-04-14 11:52 - 00003008 _____ C:\WINDOWS\system32\Drivers\DTSU2P.DAT
2015-09-02 22:53 - 2014-04-10 06:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-09-02 22:53 - 2014-04-10 06:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-09-02 22:53 - 2014-02-27 14:02 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2015-09-02 22:53 - 2014-01-31 11:27 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-09-02 22:53 - 2013-10-11 06:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-09-02 22:53 - 2013-10-11 05:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-09-02 22:53 - 2013-10-06 18:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-09-02 22:53 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-09-02 22:53 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-09-02 22:53 - 2013-07-23 09:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-09-02 22:53 - 2013-07-23 09:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-09-02 22:53 - 2013-06-25 06:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-09-02 22:53 - 2013-06-25 06:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-09-02 22:53 - 2013-06-25 06:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-09-02 22:53 - 2013-06-21 05:01 - 00109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-09-02 22:53 - 2013-04-03 08:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-09-02 22:53 - 2012-08-31 13:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-09-02 22:53 - 2012-08-31 13:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-09-02 22:53 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-09-02 22:53 - 2012-01-10 04:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-09-02 22:53 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-09-02 22:53 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-09-02 22:53 - 2011-09-02 08:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-09-02 22:53 - 2011-08-23 11:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-09-02 22:53 - 2011-05-31 03:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-09-02 22:53 - 2011-03-17 06:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-09-02 22:53 - 2011-03-07 11:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-09-02 22:53 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-09-02 22:53 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-09-02 22:53 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-09-02 22:53 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-09-02 20:38 - 2015-09-02 20:44 - 1044737454 _____ C:\Users\Admin\Downloads\Silent Hill 2.avi.part
2015-09-02 16:19 - 2015-09-02 16:19 - 00060821 _____ C:\WINDOWS\SysWOW64\CCCInstall_201509021619462401.log
2015-09-02 15:04 - 2015-09-19 10:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Apple Computer
2015-09-02 15:04 - 2015-09-02 15:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Apple Computer
2015-09-01 19:37 - 2015-09-01 19:37 - 00000222 _____ C:\Users\Admin\Desktop\Terraria.url
2015-09-01 16:00 - 2015-09-01 16:01 - 00000000 ____D C:\Users\Admin\Desktop\Fotky (dovolená)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-01 18:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-01 16:34 - 2015-04-03 20:23 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2015-10-01 16:18 - 2015-07-31 16:49 - 02342454 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-01 16:18 - 2015-07-10 18:02 - 01072426 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-01 16:18 - 2015-07-10 18:02 - 00270474 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-01 16:13 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-01 16:13 - 2015-07-10 14:20 - 00346768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-01 16:12 - 2015-07-15 02:53 - 00000000 ____D C:\Program Files\COMODO
2015-10-01 16:12 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-01 16:12 - 2015-05-22 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-01 16:12 - 2015-03-23 23:57 - 00000000 ____D C:\Program Files (x86)\360
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-01 16:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-01 14:59 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-01 14:45 - 2015-06-10 22:16 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Comodo
2015-09-30 23:56 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2015-09-30 23:52 - 2015-04-21 22:08 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2015-09-30 23:52 - 2015-03-23 20:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-30 23:25 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2015-09-30 23:25 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-30 23:15 - 2015-03-26 00:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-30 23:14 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-30 23:13 - 2015-07-10 18:05 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-30 23:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-30 23:11 - 2013-08-22 15:25 - 00000111 _____ C:\WINDOWS\win.ini
2015-09-30 23:04 - 2015-08-05 21:10 - 00000049 _____ C:\WINDOWS\SysWOW64\ScrRecX.log
2015-09-30 23:03 - 2015-03-30 22:21 - 00000000 ____D C:\Users\Admin\AppData\Local\Rockstar Games
2015-09-30 23:03 - 2015-03-30 20:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-30 23:03 - 2015-03-23 20:12 - 00000000 ____D C:\Hry
2015-09-30 23:00 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-30 22:43 - 2015-07-31 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-09-30 22:23 - 2015-07-31 16:33 - 00000000 ____D C:\Users\Admin
2015-09-30 17:29 - 2015-03-24 00:36 - 00000000 ____D C:\ProgramData\360Quarant
2015-09-30 17:26 - 2015-07-31 18:29 - 00000452 __RSH C:\ProgramData\ntuser.pol
2015-09-29 23:39 - 2015-03-24 16:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2015-09-29 21:57 - 2015-03-25 17:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-09-29 20:16 - 2015-07-31 16:29 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-29 20:16 - 2015-07-16 01:22 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-29 16:58 - 2015-07-15 00:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-28 16:12 - 2015-04-01 23:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2015-09-27 23:57 - 2015-03-23 23:15 - 00000000 ____D C:\Program Files\CCleaner
2015-09-27 20:21 - 2015-06-15 02:00 - 00000000 ____D C:\Program Files\Bitdefender
2015-09-27 01:50 - 2015-03-21 21:10 - 00007602 _____ C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-09-26 21:52 - 2015-04-02 01:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-09-26 21:36 - 2015-08-28 13:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-26 21:36 - 2015-04-02 01:41 - 00000000 ____D C:\ProgramData\Skype
2015-09-26 14:22 - 2015-04-01 23:27 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-25 17:33 - 2015-08-02 18:52 - 00000693 _____ C:\Users\Admin\Desktop\Touhou.lnk
2015-09-23 21:17 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-22 11:37 - 2015-03-21 09:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2015-09-21 22:33 - 2015-08-02 02:45 - 11790493 _____ C:\Users\Admin\Desktop\Nový textový dokument.txt
2015-09-20 17:12 - 2015-06-14 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kholat
2015-09-20 17:12 - 2015-06-09 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2015-09-20 14:34 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-20 14:33 - 2015-07-31 19:33 - 00000000 ____D C:\Users\Baruška
2015-09-20 14:33 - 2015-07-31 16:44 - 00000000 ____D C:\Users\MSSQL$ADK
2015-09-20 14:33 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-09-20 14:33 - 2015-05-22 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-20 14:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration
2015-09-20 14:28 - 2015-05-22 17:40 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-19 23:21 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\ProgramData\IObit
2015-09-19 16:08 - 2015-03-23 20:13 - 00000000 ____D C:\Program Files (x86)\IObit
2015-09-15 21:16 - 2015-03-24 22:05 - 00001128 _____ C:\Users\Admin\Desktop\League of Legends.lnk
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 00:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-09-12 23:40 - 2015-08-05 05:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-09-12 23:40 - 2015-08-05 05:27 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-09-12 23:40 - 2015-04-21 22:07 - 00000842 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-09-12 11:28 - 2015-05-22 17:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2015-09-11 08:16 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 08:14 - 2015-03-21 21:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-11 08:14 - 2015-03-21 21:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-10 17:01 - 2015-03-23 23:37 - 00000000 ____D C:\Program Files (x86)\Secunia
2015-09-09 23:48 - 2015-04-01 23:32 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2015-09-09 23:48 - 2015-04-01 23:32 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2015-09-09 20:45 - 2015-08-29 00:20 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-09-09 20:45 - 2015-07-31 16:40 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-09 20:45 - 2015-06-29 19:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-09-09 20:45 - 2015-05-22 01:43 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-09 20:44 - 2015-08-29 00:20 - 00001427 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-09-09 20:44 - 2015-08-22 19:52 - 00000727 _____ C:\Users\Admin\Desktop\ZOMBI.lnk
2015-09-09 20:44 - 2015-07-31 18:20 - 00002358 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-09 20:44 - 2015-05-26 22:20 - 00000755 _____ C:\Users\Admin\Desktop\Start Tor Browser.lnk
2015-09-09 20:44 - 2015-05-22 01:43 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-09 20:44 - 2015-04-22 22:01 - 00001714 _____ C:\Users\Public\Desktop\Recuva.lnk
2015-09-09 20:44 - 2015-04-19 00:25 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Centrum řešení HP.lnk
2015-09-09 20:44 - 2015-04-02 21:00 - 00002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 17.lnk
2015-09-09 20:44 - 2015-03-25 23:52 - 00000990 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-09-09 20:44 - 2015-03-25 17:21 - 00001082 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-09 20:44 - 2015-03-24 00:50 - 00001032 _____ C:\Users\Public\Desktop\PWGen.lnk
2015-09-09 20:44 - 2015-03-24 00:26 - 00000931 _____ C:\Users\Admin\Desktop\TrueCrypt.lnk
2015-09-09 20:44 - 2015-03-23 23:59 - 00001190 _____ C:\Users\Admin\Desktop\Telegram.lnk
2015-09-09 20:44 - 2015-03-23 20:45 - 00001656 _____ C:\Users\Public\Desktop\Far Cry 4.lnk
2015-09-09 20:44 - 2015-03-23 20:01 - 00000975 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-09 20:43 - 2015-08-23 17:53 - 00001125 _____ C:\Users\Admin\Desktop\MEGAsync.lnk
2015-09-09 20:43 - 2015-06-23 18:28 - 00000833 _____ C:\Users\Admin\Desktop\Serious Sam 2.lnk
2015-09-09 20:43 - 2015-04-30 01:36 - 00001113 _____ C:\Users\Admin\Desktop\Fallout 3.lnk
2015-09-09 20:43 - 2015-04-05 01:24 - 00000679 _____ C:\Users\Admin\Desktop\Movies.lnk
2015-09-09 15:46 - 2015-03-21 10:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-07 21:44 - 2015-06-15 01:55 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-09-07 19:07 - 2015-03-29 17:42 - 00000000 ____D C:\ProgramData\Oracle
2015-09-07 19:06 - 2015-04-02 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-07 19:04 - 2015-04-02 01:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-07 17:54 - 2015-03-21 21:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-09-07 17:52 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-09-06 23:31 - 2015-03-23 20:00 - 00000000 ____D C:\Program Files\WinRAR
2015-09-06 12:25 - 2015-03-24 00:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PWGen
2015-09-05 20:04 - 2015-03-21 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-05 18:58 - 2015-03-24 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen
2015-09-05 18:58 - 2015-03-24 00:50 - 00000000 ____D C:\Program Files (x86)\PWGen
2015-09-05 14:16 - 2015-06-15 02:00 - 00000000 ____D C:\ProgramData\BDLogging
2015-09-05 01:23 - 2015-08-05 14:17 - 00000000 ____D C:\avast! sandbox
2015-09-05 01:23 - 2015-03-23 19:38 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-03 19:44 - 2015-03-28 00:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-03 18:54 - 2015-07-15 00:01 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-03 00:29 - 2015-07-27 21:19 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-09-02 23:22 - 2015-07-31 16:29 - 00000000 ____D C:\Program Files\AMD
2015-09-02 23:14 - 2015-05-18 21:53 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-02 23:01 - 2015-05-18 21:52 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-09-02 22:54 - 2015-07-31 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-02 22:33 - 2015-08-22 20:18 - 00000000 ____D C:\AMD
2015-09-02 17:10 - 2015-07-31 16:28 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-09-02 16:57 - 2015-04-01 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-02 16:20 - 2015-07-31 16:30 - 00000000 ____D C:\ProgramData\AMD
2015-09-02 15:31 - 2015-03-21 10:00 - 00002878 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2560372422-2021965399-549226919-1001
2015-09-01 20:50 - 2015-08-31 14:06 - 00000000 ____D C:\Users\Admin\AppData\Local\ftblauncher
2015-09-01 15:55 - 2015-04-01 23:51 - 00209518 _____ C:\Users\Admin\Desktop\DTBS.kdbx

==================== Files in the root of some directories =======

2015-09-23 21:02 - 2015-09-23 21:02 - 0003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-24 00:36 - 2015-03-24 00:36 - 0000218 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-03-21 21:10 - 2015-09-27 01:50 - 0007602 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-09-07 21:44 - 2015-09-07 21:44 - 0243595 _____ () C:\ProgramData\1441654844.bdinstall.bin
2015-09-27 20:22 - 2015-09-27 20:22 - 0201499 _____ () C:\ProgramData\1443378030.bdinstall.bin
2015-09-30 23:09 - 2015-09-30 23:09 - 0177845 _____ () C:\ProgramData\1443647147.bdinstall.bin
2015-07-15 22:06 - 2015-07-15 22:06 - 0000000 _____ () C:\ProgramData\cis20E3.exe
2015-05-15 00:13 - 2015-05-15 00:13 - 0000000 _____ () C:\ProgramData\cis2AD1.exe
2015-05-15 18:59 - 2015-05-15 18:59 - 0000000 _____ () C:\ProgramData\cisE1C7.exe
2015-05-15 00:21 - 2015-05-15 00:21 - 0000000 _____ () C:\ProgramData\cisE73A.exe
2015-05-15 00:11 - 2015-05-15 00:11 - 0000000 _____ () C:\ProgramData\cisF5EB.exe
2015-05-15 00:43 - 2015-05-15 00:43 - 0000000 _____ () C:\ProgramData\cisFFC2.exe
2015-07-31 16:29 - 2015-07-31 16:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-19 00:23 - 2015-07-14 02:23 - 0009270 _____ () C:\ProgramData\hpzinstall.log
2015-09-29 20:15 - 2015-09-29 20:15 - 0000000 _____ () C:\ProgramData\rebootpending.txt
2015-09-29 23:39 - 2015-09-29 23:39 - 0611910 _____ () C:\ProgramData\SMRResults501.dat

Files to move or delete:
====================
C:\ProgramData\cis20E3.exe
C:\ProgramData\cis2AD1.exe
C:\ProgramData\cisE1C7.exe
C:\ProgramData\cisE73A.exe
C:\ProgramData\cisF5EB.exe
C:\ProgramData\cisFFC2.exe
C:\ProgramData\SMRResults501.dat


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-24 15:15

==================== End of FRST.txt ============================

[Mine.]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by Admin (2015-10-01 18:26:36)
Running from C:\Users\Admin\Desktop
Windows 10 Pro (X64) (2015-07-31 16:16:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2560372422-2021965399-549226919-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2560372422-2021965399-549226919-500 - Administrator - Disabled)
Baruška (S-1-5-21-2560372422-2021965399-549226919-1007 - Limited - Enabled) => C:\Users\Baruška
DefaultAccount (S-1-5-21-2560372422-2021965399-549226919-503 - Limited - Disabled)
Guest (S-1-5-21-2560372422-2021965399-549226919-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Bitdefender Safepay™ (HKLM\...\Bitdefender Safepay) (Version: 2.0.0.744 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crysis 3 v1.0.0.1 (HKLM-x32\...\Crysis 3_is1) (Version: - )
Fallout 3 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.7.0.3 - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GDR 5343 for SQL Server 2012 (KB3045321) (HKLM-x32\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.0.3.171 - IObit)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.385 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.385 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 cs)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Prime Benchmark 3.1 (HKLM-x32\...\Prime Benchmark_is1) (Version: - Vlastimil Burian)
PWGen 2.6.0 (HKLM-x32\...\{8A5E6B59-2804-4677-8A5F-DEBC218CE4E0}_is1) (Version: - Christian Thöing)
qBittorrent 3.2.3 (HKLM-x32\...\qBittorrent) (Version: 3.2.3 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Serious Sam 2 (HKLM-x32\...\SeriousSam2) (Version: - )
Service Pack 2 for SQL Server 2012 (KB2958429) (HKLM-x32\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Telegram Desktop version 0.9.2 (HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.2 - Telegram Messenger LLP)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZOMBI v.версия 1.0 (HKLM-x32\...\ZOMBI_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

19-09-2015 20:22:18 AVG 2015 restore point
19-09-2015 23:08:43 Removed AVG 2015
19-09-2015 23:10:59 Removed AVG 2015
20-09-2015 14:25:53 Operace obnovení
23-09-2015 21:49:30 Windows Update
23-09-2015 22:47:27 Installing COMODO Firewall
26-09-2015 01:31:15 µTorrent restore point
30-09-2015 22:41:28 360 Total Security restore point
30-09-2015 23:09:32 Removed Microsoft Office Professional Plus 2013
30-09-2015 23:10:04 PROPLUSR
30-09-2015 23:16:45 Removing COMODO Firewall
01-10-2015 16:05:51 Restore Point Created by FRST

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-06-18 21:45 - 2015-10-01 16:14 - 00000029 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {060020EF-B665-4795-9FF3-7115BCCA5BFA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {1754DEE7-B15D-4684-BFE4-7EC7B2A8102E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {22904216-C1D0-45D0-881E-26E480E29E42} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {26EBDCD2-C7FA-4C1D-8DF3-27C98C16F469} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-17] (Adobe Systems Incorporated)
Task: {40F1D8AC-7C74-419D-99A4-FDC8E34EEBD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {47BF8136-5BC1-499F-A958-FDD22F09D56D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {4CC7DDEE-8F7E-456F-87AA-91B06C4069F5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {54C33C36-CEEE-449E-95E1-5A5B3A5D9B46} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-27] (Microsoft Corporation)
Task: {5B03405B-ADCD-48C6-8F69-E693E10A0D2F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5F3DDBD1-B785-47A5-B9BE-577CB73E3E59} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {650178BC-DBFD-4C8B-A89E-7481C097C057} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-05-27] (Microsoft Corporation)
Task: {6BAA8D42-87C0-428A-91E3-4545A9E4D1F3} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-25] (IObit)
Task: {7B7626C5-6A36-4283-9A05-AEE639239C09} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {89E8D41F-9A78-4F7D-9220-9D8609A151E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A79AFD1A-A733-4902-A5BC-A090B8FA8B45} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-05-27] (Microsoft Corporation)
Task: {B2261EC4-2B08-4F2F-A0B5-F238F58E6577} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-05-27] (Microsoft)
Task: {B71AAB24-5395-4C0B-9856-60518FD24143} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C15FD362-C855-4D7C-BB25-78B1C06D7EC2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-27] (Microsoft Corporation)
Task: {C681F58B-B5CE-4EAD-8AD5-09CD82DDD995} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CBF8079A-012D-4D4B-A471-0CECF116DF43} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {F1266AB4-BA42-4E81-A579-8A5AC42FCED4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-26] (Piriform Ltd)
Task: {FE997E90-DF24-4029-BC98-F09B7367650C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 17:20 - 2015-07-31 17:20 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-21 01:38 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-02 22:33 - 2014-01-28 05:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2015-09-03 00:29 - 2014-04-24 08:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2015-09-30 22:50 - 2015-09-30 22:50 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 22:50 - 2015-09-30 22:50 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-09-18 12:47 - 2015-09-18 12:47 - 03495936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll
2015-09-04 21:33 - 2015-10-01 16:13 - 00033792 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-09-02 22:33 - 2014-01-28 05:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-27 20:21 - 2014-09-03 10:46 - 00203768 _____ () C:\Program Files\Bitdefender\Bitdefender Safepay\txmlutil.dll
2015-09-27 20:21 - 2014-09-03 10:48 - 00033336 _____ () C:\Program Files\Bitdefender\Bitdefender Safepay\manupdchksch.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\accountaccessor.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\acmigration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\appdrvrem01.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppointmentApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentClient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentExtensions.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppXDeploymentServer.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\BingMaps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\bisrv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CallHistoryClient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CellularAPI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Chakra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Chakradiag.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ChatApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\cloudAP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\coin95itp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\configmanager2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ContactApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CoreMessaging.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CoreUIComponents.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CredProvDataModel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DataSenseHandlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DeviceEnroller.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\directmanipulation.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dmcertinst.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dmcsps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dmenrollengine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\edgehtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\EmailApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\enrollmentapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\enterprisecsps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\esent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hevcdecoder.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpotscl1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpovst01.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hpowiav1.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\HPZLLLHN.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\HttpsDataSource.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\JpMapControl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\KnobsCsp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LicenseManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LicenseManagerShellext.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationCrowdsource.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationGeofences.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationPeCell.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationPeIP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationPeWiFi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationWebproxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationWiFiAdapter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LockAppBroker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MapConfiguration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MapControlCore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MapsStore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MbaeApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MBMediaManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MDMAppInstaller.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mdmmigrator.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mdmregistration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MessagingDataModel2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MFCaptureEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MFMediaEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfsvr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\modernexecserver.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mos.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MPSSVC.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msmpeg2vdec.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ncryptprov.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\netcenter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NetworkMobileSettings.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ngccredprov.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ngckeyenum.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ngcsvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NotificationController.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\omadmapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\omadmclient.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PhoneCallHistoryApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PimIndexMaintenance.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pnidui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PortChanger.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\provengine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\provisioningcsp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\provops.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PsmServiceExtHost.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\psmsrv.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwdrvio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwdspio.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\pwNative.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\RDXService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\remoteaudioendpoint.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\RemoteNaturalLanguage.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SensorsApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_nt.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SharedStartModel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\StoreAgent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SubscriptionMgr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\syncmlhook.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\syncutil.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SystemEventsBrokerServer.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tetheringservice.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tileobjserver.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TokenBroker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\twinapi.appcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UIAutomationCore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Unistore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UserDataAccountApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UserDataService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VEEventDispatcher.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VEStoreEventHandlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wcmcsp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wcmsvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wifinetworkmanager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\win32kbase.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\win32kfull.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Management.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Speech.Pal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\windows.storage.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Shell.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\winmde.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wlansvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wlidsvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wmpmde.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wpnapps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wpx.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuaueng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WUDFx02000.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuuhext.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WWanAPI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wwancfg.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wwanconn.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wwanmm.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppointmentApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AsIO.dll:$CmdZnID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atl70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\atl71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\BingMaps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\CallHistoryClient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ChatApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comct232.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comct332.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ContactApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\CoreMessaging.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\CoreUIComponents.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\CredProvDataModel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dblist32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\directmanipulation.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\edgehtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\EmailApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\esent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\hevcdecoder.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\JpMapControl.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppBroker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapConfiguration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapControlCore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MbaeApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mci32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mdmregistration.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MessagingDataModel2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70chs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70cht.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70deu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70enu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70esp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70fra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70ita.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70jpn.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70kor.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc70u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71chs.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71cht.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71deu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71enu.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71esp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71fra.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71ita.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71jpn.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71kor.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfc71u.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFCaptureEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFMediaEngine.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsvr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mos.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomct2.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomctl.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscomm32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdatgrd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdatlst.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msflxgrd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshflxgd.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msinet.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msmask32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msmpeg2vdec.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msstdfmt.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msstkprp.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvbvm50.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvci70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcp71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr70.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcr71.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvcrt10.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mswinsck.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ncryptprov.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\netcenter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenAL32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\picclp32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\richtx32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SensorsApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\sysinfo.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tabctl32.ocx:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\TokenBroker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinapi.appcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIAutomationCore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Unistore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDataAccountApis.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\usoapi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\vb40032.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\VEEventDispatcher.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\windows.storage.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\winmde.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wpnapps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wrap_oal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWanAPI.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\amdacpksl.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\buttonconverter.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4Prt.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Dot4usb.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgkrnl.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms1.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fastfat.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetbus64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgandnetmodem64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndis.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\portcls.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rt630x64.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudmdm.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpip.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbfilter.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBHUB3.SYS:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Wdf01000.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Drivers\AsIO.sys:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\1236267_561312527249977_783174237_n.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\OOSU10.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\OOSU10.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Desktop\procexp.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Documents\BRenamerl.exe:$CmdTcID
AlternateDataStreams: C:\Users\Admin\Documents\BRenamerl.exe:$CmdZnID
AlternateDataStreams: C:\Users\Admin\Documents\M5A97R20.CAP:$CmdZnID

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Desktop\11951000_1124818207545513_2093467924_n - kopie.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: appdrvrem01 => 3
MSCONFIG\Services: cmdvirth => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "InstallerLauncher"
HKLM\...\StartupApproved\Run: => "obkagent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7CCF0C25-11D5-4CA3-A17C-88176E07BBE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B1378552-86AD-4D8F-B766-399ED8AA1EB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FEE81C9C-4983-4427-B73C-363C9F430C04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{884490E6-DD28-4AC2-BB92-D6814E7AAF6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D999DEBF-8316-4E97-B3C8-DBD9B76699E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9DDC3BA-5DBC-4AB9-9AFF-03523FEFA388}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2F336433-F382-4DA8-8E5B-04CEE10B9457}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{8AF5C2DB-6EDD-4A7F-B912-9E56A18FC4A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{922E858E-3D74-40CB-9857-33BBB806E4DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{38A25821-D07E-4BD4-A502-1B8A8B10B1D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{F66DE5FC-611A-4871-B65E-EF076E6B0C4D}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [UDP Query User{C73CD06D-C9E4-4837-B4E3-39B4C97C570E}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{5539A1A8-2B60-4F32-A105-9A8B791DFF0F}C:\hry\far cry 4\bin\farcry4.exe] => (Block) C:\hry\far cry 4\bin\farcry4.exe
FirewallRules: [{2550B052-FD6D-4338-8847-CE1B8B70B389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4B9F961C-C405-4E44-AEA1-DFD040588F34}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{72DF78AC-E0C4-4548-9B2C-C9A809B359A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5D09E645-414F-4AD5-85A2-6D8F0B5D5175}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9382ED3E-9F6A-4E9C-AE1E-A68515157CD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{E94DD0B9-4099-4496-877A-206EBF843DF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{98BFAA31-5FCB-466E-BB20-FD89F2BC54A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C1E0919B-90C3-4FFA-80DA-D46CAC3768A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [TCP Query User{3DD7B35F-D681-401C-B612-23E64F12DF12}C:\hry\th145\th145.exe] => (Allow) C:\hry\th145\th145.exe
FirewallRules: [UDP Query User{EC15E5B0-364B-4C03-ADC0-503E983C8966}C:\hry\th145\th145.exe] => (Allow) C:\hry\th145\th145.exe
FirewallRules: [TCP Query User{48BD4D45-1698-4D90-97D3-56043EF72AA0}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{2668DAA6-946D-44E9-A88C-C7E2728E39FD}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{004203BE-33B1-41BA-ADD9-ADDBCBC546E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{9A26A461-049E-463B-ACA3-615B0A2C5A85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{C246FA8F-5E0C-4F18-8BB7-88B5BE9E9FE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{186F2F85-B3EA-4CE4-9310-D579078A47A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DC0F2D4E-128E-48FD-9C71-EC4AB6A8A1BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8514DE6-43DB-4A4C-82E0-CFE438AD6CC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{0B2EB879-D9A5-4BA0-BC6B-C46BE1AEB374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{097060B4-941C-47E4-B333-2B55B196E0E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{743A4758-5EB5-48FA-9F31-22AB13FFA1C0}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{408380CB-0C96-4D75-AAA4-A3B0C793D514}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2015 04:34:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: herdProtectScan.exe, verze: 1.0.3.9, časové razítko: 0x549300f9
Název chybujícího modulu: LSASRV.dll, verze: 10.0.10240.16392, časové razítko: 0x55a868f9
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004e20e
ID chybujícího procesu: 0xe4
Čas spuštění chybující aplikace: 0xherdProtectScan.exe0
Cesta k chybující aplikaci: herdProtectScan.exe1
Cesta k chybujícímu modulu: herdProtectScan.exe2
ID zprávy: herdProtectScan.exe3
Úplný název chybujícího balíčku: herdProtectScan.exe4
ID aplikace související s chybujícím balíčkem: herdProtectScan.exe5

Error: (10/01/2015 04:14:14 PM) (Source: MSSQL$ADK) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Systém nemůže nalézt uvedený soubor.) occurred while creating or opening file 'e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnose and correct the operating system error, and retry the operation.

Error: (10/01/2015 04:14:14 PM) (Source: MSSQL$ADK) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\model.mdf for file number 1. OS error: 3(Systém nemůže nalézt uvedenou cestu.).

Error: (10/01/2015 04:14:13 PM) (Source: MSSQL$ADK) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Systém nemůže nalézt uvedený soubor.) occurred while creating or opening file 'e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf'. Diagnose and correct the operating system error, and retry the operation.

Error: (10/01/2015 04:14:13 PM) (Source: MSSQL$ADK) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql11_main_t.obj.x86release\sql\mkmastr\databases\objfre\i386\MSDBData.mdf for file number 1. OS error: 3(Systém nemůže nalézt uvedenou cestu.).

Error: (10/01/2015 04:06:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service COMODO Internet Security Helper Service since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (10/01/2015 04:06:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/01/2015 04:06:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary COMODO Internet Security Eradication Driver.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (10/01/2015 04:06:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary BAPIDRV.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (10/01/2015 04:06:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360FsFlt mini-filter driver.

System Error:
Systém nemůže nalézt uvedený soubor.
.


System errors:
=============
Error: (10/01/2015 04:38:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/01/2015 04:38:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici


CodeIntegrity:
===================================
Date: 2015-10-01 15:29:21.000
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-09-30 23:50:41.288
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-09-30 23:50:13.086
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-30 23:50:13.062
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-30 23:50:13.048
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-30 23:50:13.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-30 23:50:12.992
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-30 23:50:12.958
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-30 23:50:12.939
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-09-30 23:50:12.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 41%
Total physical RAM: 8093.5 MB
Available physical RAM: 4740.23 MB
Total Virtual: 16285.5 MB
Available Virtual: 12452.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.73 GB) (Free:416.88 GB) NTFS
Drive d: (Untitled) (Fixed) (Total:931.51 GB) (Free:339.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E3B86E78)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B7F7BA07)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[altrok]

Smazte tyto soubory:

• C:\ProgramData\cis20E3.exe
  C:\ProgramData\cis2AD1.exe
  C:\ProgramData\cisE1C7.exe
  C:\ProgramData\cisE73A.exe
  C:\ProgramData\cisF5EB.exe
  C:\ProgramData\cisFFC2.exe

V logu jinak zadny malware nevidim.

[Mine.]

Děkuji Vám. Prosím lock.

[altrok]

Nemate zac, rad jsem pomohl


Mejte se krasne a treba zase nekdy