Please check my log, thank you

#1 Post by Segepe »

Please check my log, thank you:

info.txt logfile of random's system information tool 1.10 2016-06-09 14:42:30

======MBR======

======Uninstall list======

-->"C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini
-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall
-->C:\WINDOWS\system32\RunDll32.Exe C:\WINDOWS\system32\SetupAPI.Dll,InstallHinfSection DefaultUninstall.NTx86 4 C:\WINDOWS\INF\thdudf.Inf
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
Adblock Plus for IE (32-bit and 64-bit)-->MsiExec.exe /X{26D488C3-89E9-455C-B96A-1ADF65A26C54}
Adobe Flash Player 21 NPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_Plugin.exe -maintain plugin
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AMD Radeon Settings-->"C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe" -uninstall
ARMA 2 Operation Arrowhead Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2\UnInstall_OA.exe
ARMA 2 REINFORCEMENTS Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2 REINFORCEMENTS\UnInstall_OA.exe
ArmA 2 Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2\UnInstall.exe
Avira Antivirus-->C:\Program Files (x86)\Avira\Antivirus\setup.exe /REMOVE
Avira Launcher-->"C:\ProgramData\Package Cache\{28d41884-9b36-4f54-bed2-92863f08e65d}\Avira.OE.Setup.Bundle.exe" /uninstall
Avira Launcher-->MsiExec.exe /X{6AF775D8-E2DD-4D8B-9636-D0F6992B7A1A}
Avira Phantom VPN-->"C:\Program Files (x86)\Avira\VPN\uninstaller.exe"
Battlefield 2: Special Forces-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{50D4CB89-AF34-4978-96DC-C3034062E901}\setup.exe" -l0x9 -removeonly
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlefield 4™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging
Battlefield™ Hardline-->"C:\Program Files (x86)\Common Files\EAInstaller\BFH\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
BattlEye for OA Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2Expansion\BattlEye\UnInstallBE.exe
BattlEye Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2\BattlEye\UnInstallBE.exe
BattlEye Uninstall-->C:\Program Files (x86)\Bohemia Interactive\ArmA 2Expansion\BattlEye\UnInstallBE.exe
Call of Duty(R) - World at War(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops II - Multiplayer-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/202990
Call of Duty: Black Ops II - Zombies-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/212910
Call of Duty: Black Ops II-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/202970
Canon Easy-WebPrint EX-->"C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini
Canon IJ Scan Utility-->"C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Scan Utility\uninst.ini
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MG5500 series MP Drivers-->"C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series /L0x0005
Canon MG5500 series On-screen Manual-->C:\Program Files (x86)\Canon\IJ Manual\Canon MG5500 series\uninstall.exe
Canon My Image Garden Design Files-->"C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.ini
Canon My Image Garden-->"C:\Program Files (x86)\Canon\My Image Garden\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\My Image Garden\uninst.ini
Canon My Printer-->"C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini
Canon Quick Menu-->"C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Far Cry Primal-->"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/2010
GameSpy Arcade-->C:\PROGRA~2\GAMESP~1\UNWISE.EXE C:\PROGRA~2\GAMESP~1\INSTALL.LOG
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Grand Theft Auto V-->"C:\Program Files (x86)\InstallShield Installation Information\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}\Setup.exe" -runfromtemp -l0x0409 -removeonly
HP Customer Experience Enhancements-->MsiExec.exe /X{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Support Solutions Framework-->MsiExec.exe /X{79CA8D8A-8371-4146-8920-C1405318E65E}
HTC Driver Installer-->MsiExec.exe /X{4CEEE5D0-F905-4688-B9F9-ECC710507796}
ICQ Toolbar-->C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.5-->"C:\Program Files (x86)\InstallShield Installation Information\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IPTInstaller-->MsiExec.exe /I{08208143-777D-4A06-BB54-71BF0AD1BB70}
KMPlayer (remove only)-->"C:\KMPlayer\uninstall.exe"
Knoll Light Factory EZ Studio 15-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\klfezstudio.log
Medal of Honor: Pacific Assault™-->"C:\Program Files (x86)\Common Files\EAInstaller\Medal of Honor Pacific Assault\Cleanup.exe" uninstall_game -autologging
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727-->"C:\ProgramData\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610-->"C:\ProgramData\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727-->MsiExec.exe /X{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727-->MsiExec.exe /X{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727-->MsiExec.exe /X{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Mozilla Firefox 41.0.2 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
OF Dragon Rising-->"C:\Program Files (x86)\InstallShield Installation Information\{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}\setup.exe" -runfromtemp -l0x0009 -removeonly
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
Operation Flashpoint: Dragon Rising-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12830
Operation Flashpoint: Red River-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/44340
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
Pinnacle Studio 15 Ultimate Plugins-->MsiExec.exe /I{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}
Pinnacle Studio 15-->MsiExec.exe /I{1362E602-9625-42D3-B57F-CDA9D26F9DA8}
PunkBuster Services-->C:\Program Files (x86)\Origin Games\BFH\pbsvc.exe -u
Python 3.4.3-->MsiExec.exe /I{CCD588A7-8D55-49F1-A30C-47FAB40889ED}
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly
Record Page-->"C:\Program Files (x86)\Record Page\uninstaller.exe"
Red Giant ToonIt Studio 15-->C:\WINDOWS\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 15\Plugins\RTFx\rgtoonitstudio.log
Registrace uživatele zařízení Canon MG5500 series-->C:\Program Files (x86)\Canon\IJEREG\MG5500 series\UNINST.EXE
Rise of the Tomb Raider-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/391220
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DF2F5DAC-93D7-434B-96B1-EAF4D891AD24}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A33F3451-9AD4-46C0-9CDB-AA38071CDAB5}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {08F2015D-61E9-4252-9355-AB8D15C73C96}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488CDF0A-098C-4CF5-8552-DA5F2F7B7829}
Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E359D786-B101-4545-B8AB-8652323CF3CA}
Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {800D1A82-D1B0-4ED4-89B4-C666B570ABA5}
Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8D2CDFAB-0079-43CC-A289-2F7A67F0A4DE}
Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {4D53A846-569C-4AEA-B973-4C6A933BCC8D}
Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA74D645-C66D-4B50-9806-57A3CB294365}
Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {338CAB95-B75C-4A6E-92D8-7CA7BA4EE3D0}
Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F774C8A-B1CE-486C-A64E-EA96AE48B813}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114895) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A749C6FE-3DD9-4D3E-AA9A-64095F4CD0CD}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115115) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {84F2FDE1-DCF6-4480-984D-FFF6E0B3547E}
Security Update for Microsoft Office Excel 2007 (KB3114892) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DDB4509D-37F2-428E-A256-4E20EDF38338}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {26C5C75F-E1FD-4F95-AA29-CA221C3AFEEE}
Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {26BD5742-76C6-460F-97CB-356F0DB338FE}
Security Update for Microsoft Office Outlook 2007 (KB2880510) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6D4A2CBC-38B2-4835-AEAB-3CD6F104A8B9}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B9E85A9D-2565-4DDC-A21D-34DACF7D716A}
Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {724051CF-E09E-4F84-9946-F5014AB7389B}
Security Update for Microsoft Office Word 2007 (KB3115116) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {35DBC484-3E2A-40CD-87D3-FF76A7EAECD7}
SketchUp 2015-->MsiExec.exe /X{350488A4-1540-4103-8F01-B27503891EB0}
Skype™ 7.13-->MsiExec.exe /X{6A0549A9-1B96-498C-ACBC-3943001FEB19}
Tom Clancy's EndWar-->"C:\Program Files (x86)\InstallShield Installation Information\{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}\setup.exe" -runfromtemp -l0x0009 -removeonly
TomTom MyDrive Connect 4.1.0.2658-->C:\Program Files (x86)\MyDrive Connect\Uninstall TomTom MyDrive Connect.exe
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3115110) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4DE3F288-79BE-4BFC-BEAB-C8F55BAA1DAB}
UpdateAdmin-->MsiExec.exe /I{81F17B54-5D57-485E-88CC-F6D20D66B5E0}
Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
Visual Studio 2012 x64 Redistributables-->MsiExec.exe /I{8C775E70-A791-4DA8-BCC3-6AB7136F4484}
Visual Studio 2012 x86 Redistributables-->MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Visual Studio C++ 10.0 Runtime-->MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790}

======Hosts File======

127.0.0.1 static3.cdn.ubi.com
127.0.0.1 ubisoft-orbit.s3.amazonaws.com
127.0.0.1 onlineconfigservice.ubi.com
127.0.0.1 orbitservice.ubi.com
127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com

======System event log======

Computer Name: Segepe
Event Code: 32
Message: Nástroj bootmgr strávil 0 ms čekáním na vstup od uživatele.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20151211083602.698502-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Segepe
Event Code: 26
Message: Při spouštění byla použita jednorázová spouštěcí sekvence.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20151211083602.698445-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Segepe
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 3
Source Name: EventLog
Time Written: 20151211083724.728132-000
Event Type: Informace
User:

Computer Name: Segepe
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 10586 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20151211083724.728132-000
Event Type: Informace
User:

Computer Name: Segepe
Event Code: 12
Message: Operační systém se spustil v systémovém čase 2015-12-11T08:36:02.496607600Z.
Record Number: 1
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20151211083602.698361-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Segepe
Event Code: 8224
Message: Služba VSS bude ukončena z důvodu vypršení časového limitu nečinnosti.
Record Number: 13335
Source Name: VSS
Time Written: 20160120100713.794765-000
Event Type: Informace
User:

Computer Name: Segepe
Event Code: 2
Message: Agents finished running. 49 total new dataclasses:
* DiskPhysical: no new dataclass in 3389ms
* Biosphere: no new dataclass in 4811ms
* Bios: no new dataclass in 4982ms
* DriverCrash: no new dataclass in 1015ms
* HPITImage: no new dataclass in 359ms
* HpsaMessages: no new dataclass in 203ms
* HpsaUpdates: no new dataclass in 171ms
* OperatingSystem: no new dataclass in 46ms
* MemoryPhysical: no new dataclass in 296ms
* SmartDrive: 13 dataclasses in 484ms
* System: no new dataclass in 250ms
* User: no new dataclass in 171ms
* WindowsServices: 23 dataclasses in 12851ms
* SystemState: 1 dataclass in 18648ms
* WindowsProcesses: 11 dataclasses in 20570ms
* ApplicationsInstalled: 1 dataclass in 29521ms
Record Number: 13334
Source Name: HP Active Health
Time Written: 20160120100655.070765-000
Event Type: Informace
User:

Computer Name: Segepe
Event Code: 1035
Message: Instalační služba systému Windows provedla opětovnou konfiguraci produktu. Název produktu: Catalyst Control Center Graphics Previews Common. Verze produktu: 2013.0219.2221.40111. Jazyk produktu: 1033. Výrobce: Advanced Micro Devices, Inc.. Stav opětovné konfigurace (úspěch nebo chyba): 0.
Record Number: 13333
Source Name: MsiInstaller
Time Written: 20160120100654.961387-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Segepe
Event Code: 1035
Message: Instalační služba systému Windows provedla opětovnou konfiguraci produktu. Název produktu: CCC Help Polish. Verze produktu: 2015.1104.1642.30033. Jazyk produktu: 1033. Výrobce: Advanced Micro Devices, Inc.. Stav opětovné konfigurace (úspěch nebo chyba): 0.
Record Number: 13332
Source Name: MsiInstaller
Time Written: 20160120100654.883262-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Segepe
Event Code: 1035
Message: Instalační služba systému Windows provedla opětovnou konfiguraci produktu. Název produktu: ccc-core-static. Verze produktu: 2013.0219.2221.40111. Jazyk produktu: 1033. Výrobce: Advanced Micro Devices, Inc.. Stav opětovné konfigurace (úspěch nebo chyba): 0.
Record Number: 13331
Source Name: MsiInstaller
Time Written: 20160120100654.805137-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Segepe
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5539
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160103124650.368995-000
Event Type: Úspěšný audit
User:

Computer Name: Segepe
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SEGEPE$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Informace o přihlášení:
Typ přihlášení: 5
Omezený režim správce: -
Virtuální účet: Ne
Token se zvýšeným oprávněním: Ano

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
ID propojeného přihlášení: 0x0
Název účtu v síti: -
Doména účtu v síti: -
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x330
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě: -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (jenom NTLM): -
Délka klíče: 0

Tato událost je vygenerována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole předmětu označují účet v místním systému, který si vyžádal přihlášení. Obvykle se jedná o službu, například serverovou službu, nebo o místní proces, například Winlogon.exe nebo Services.exe.

Pole typu přihlášení označuje druh přihlášení, které proběhlo. Nejčastější typy jsou 2 (interaktivní) a 3 (síťové).

Pole Nové přihlášení označují účet, pro který bylo vytvořeno nové přihlášení, tj. přihlášený účet.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují pomocné služby, které se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje dílčí protokol z protokolů NTLM, který byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 5538
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160103124650.368982-000
Event Type: Úspěšný audit
User:

Computer Name: Segepe
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5537
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160103124649.838180-000
Event Type: Úspěšný audit
User:

Computer Name: Segepe
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SEGEPE$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Informace o přihlášení:
Typ přihlášení: 5
Omezený režim správce: -
Virtuální účet: Ne
Token se zvýšeným oprávněním: Ano

Úroveň zosobnění: Zosobnění

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7
ID propojeného přihlášení: 0x0
Název účtu v síti: -
Doména účtu v síti: -
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x330
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě: -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (jenom NTLM): -
Délka klíče: 0

Tato událost je vygenerována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole předmětu označují účet v místním systému, který si vyžádal přihlášení. Obvykle se jedná o službu, například serverovou službu, nebo o místní proces, například Winlogon.exe nebo Services.exe.

Pole typu přihlášení označuje druh přihlášení, které proběhlo. Nejčastější typy jsou 2 (interaktivní) a 3 (síťové).

Pole Nové přihlášení označují účet, pro který bylo vytvořeno nové přihlášení, tj. přihlášený účet.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole úrovně zosobnění označuje rozsah, ve kterém může být proces v přihlašovací relaci zosobněn.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují pomocné služby, které se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje dílčí protokol z protokolů NTLM, který byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 5536
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160103124649.838167-000
Event Type: Úspěšný audit
User:

Computer Name: Segepe
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3E7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5535
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160103122825.880078-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=21
"PROCESSOR_IDENTIFIER"=AMD64 Family 21 Model 16 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=1001
"FP_NO_HOST_CHECK"=NO
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\Pinnacle\Shared Files\
"OnlineServices"=Online Services
"Platform"=HPD
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Segepe
Visitor
Posts: 47
Registered: 16 Nov 2010 20:00

Re: Please check my log, thank you

#2 Post by Segepe »

LOG:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Segepe at 2016-06-09 14:42:23
Microsoft Windows 10 Home
System drive C: has 86 GB (9%) free of 938 GB
Total RAM: 8133 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:42:28, on 9. 6. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Segepe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPDTDFJS
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Record Page - {2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\Run: [OneDrive] "C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\TEMP.Segepe.001\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\TEMP.Segepe.001\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12717 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
dashost.exe {8187a951-c7b1-444c-86c38ed671edacaa}
C:\WINDOWS\system32\wbem\wmiprvse.exe
taskeng.exe {DD963627-54D2-4948-964F-9D00311B7EFD}
taskeng.exe {8DFFA349-DFC3-4EB1-81E7-DA2B09C70C4E}
"C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe"
sihost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_76587b40265ca57e\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=50.0.2661.102 --handshake-handle=0x1ac
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5448 --on-initialized-event-handle=552 --parent-handle=556 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5444.0.1303231641\970986733" --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,12,24,53 --gpu-vendor-id=0x1002 --gpu-device-id=0x6611 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.1001 --ignored=" --type=renderer " /prefetch:2
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2896274908-776685517-1184625683-10011_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2896274908-776685517-1184625683-10011 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_29/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-U
niformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5444.2.1910552926\1687710416" /prefetch:1
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000008c8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,WebFontsIntervention<WebFontsIntervention,brotli-encoding<BrotliEncoding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control50pct/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_29/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-
Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5444.5.1194799341\943395126" /prefetch:1
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}

"C:\Users\TEMP.Segepe.001\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForSegepe.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForSegepe (null)
C:\WINDOWS\tasks\simplitec Power Suite (Tray).job - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\WINDOWS\tasks\simplitec Power Suite.job - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25 728840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267c-dbba-4dd5-a9d0-c4db8e6a75a4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25 414776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25 617736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 6133848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-29 4866760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-11 548552]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"cz.seznam.software.autoupdate"=C:\Users\TEMP.Segepe.001\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\TEMP.Segepe.001\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2016-05-04 67840]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2016-05-16 814608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SafeModeBlockNonAdmins"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2016-06-09 14:42:23 ----D---- C:\rsit
2016-06-03 04:37:10 ----D---- C:\ProgramData\dbdata
2016-05-13 17:52:09 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2016-05-11 14:03:18 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-05-11 14:03:18 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-05-11 14:03:17 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-05-11 14:03:17 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-05-11 14:03:17 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-05-11 14:03:17 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-05-11 14:03:17 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-05-11 14:03:17 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 14:03:17 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 14:03:16 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 14:03:16 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-05-11 14:03:15 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 14:03:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-05-11 14:03:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-05-11 14:03:08 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-05-11 14:03:08 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-05-11 14:03:08 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-05-11 14:03:08 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-05-11 14:03:08 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 14:03:07 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-05-11 14:03:07 ----A---- C:\WINDOWS\system32\mos.dll
2016-05-11 14:03:07 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-05-11 14:03:06 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-05-11 14:03:05 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-05-11 14:03:02 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-05-11 14:02:58 ----A---- C:\WINDOWS\system32\shell32.dll
2016-05-11 14:02:58 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 14:02:57 ----A---- C:\WINDOWS\system32\twinui.dll
2016-05-11 14:02:57 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 14:02:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-05-11 14:02:55 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-05-11 14:02:55 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-05-11 14:02:55 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 14:02:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-05-11 14:02:54 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-05-11 14:02:52 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-05-11 14:02:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-05-11 14:02:51 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-05-11 14:02:51 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-05-11 14:02:51 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-05-11 14:02:50 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-05-11 14:02:50 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-05-11 14:02:50 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-05-11 14:02:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-05-11 14:02:49 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 14:02:47 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-05-11 14:02:46 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-05-11 14:02:45 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 14:02:45 ----A---- C:\WINDOWS\explorer.exe
2016-05-11 14:02:44 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-05-11 14:02:44 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 14:02:44 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-05-11 14:02:44 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-05-11 14:02:43 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-05-11 14:02:43 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-05-11 14:02:43 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-05-11 14:02:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-05-11 14:02:42 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-05-11 14:02:41 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 14:02:40 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-05-11 14:02:40 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 14:02:40 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 14:02:40 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 14:02:40 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-05-11 14:02:40 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 14:02:39 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-05-11 14:02:39 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-05-11 14:02:39 ----A---- C:\WINDOWS\system32\moshost.dll
2016-05-11 14:02:39 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 14:02:39 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-05-11 14:02:38 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 14:02:38 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 14:02:38 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 14:02:37 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 14:02:37 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 14:02:36 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-05-11 14:02:36 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-05-11 14:02:36 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-05-11 14:02:36 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-05-11 14:02:36 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-05-11 14:02:35 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 14:02:35 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-05-11 14:02:35 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-05-11 14:02:35 ----A---- C:\WINDOWS\system32\devinv.dll
2016-05-11 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2016-05-11 14:02:34 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-05-11 14:02:34 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-05-11 14:02:34 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 14:02:34 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-05-11 14:02:33 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-05-11 14:02:33 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-05-11 14:02:33 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-05-11 14:02:33 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 14:02:33 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 14:02:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-05-11 14:02:32 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-05-11 14:02:32 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 14:02:32 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-05-11 14:02:32 ----A---- C:\WINDOWS\system32\invagent.dll
2016-05-11 14:02:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-05-11 14:02:31 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-05-11 14:02:31 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-05-11 14:02:31 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-05-11 14:02:31 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 14:02:31 ----A---- C:\WINDOWS\system32\jscript.dll
2016-05-11 14:02:31 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-05-11 14:02:31 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-05-11 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-05-11 14:02:30 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-05-11 14:02:30 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-05-11 14:02:30 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-05-11 14:02:30 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 14:02:29 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-05-11 14:02:29 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-05-11 14:02:29 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-05-11 14:02:29 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 14:02:28 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 14:02:28 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-05-11 14:02:28 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-05-11 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-05-11 14:02:27 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-05-11 14:02:27 ----A---- C:\WINDOWS\system32\user32.dll
2016-05-11 14:02:27 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-05-11 14:02:27 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-05-11 14:02:27 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-05-11 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-05-11 14:02:26 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-05-11 14:02:26 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 14:02:26 ----A---- C:\WINDOWS\system32\schannel.dll
2016-05-11 14:02:26 ----A---- C:\WINDOWS\system32\provengine.dll
2016-05-11 14:02:26 ----A---- C:\WINDOWS\system32\aepic.dll
2016-05-11 14:02:26 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 14:02:25 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-05-11 14:02:25 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-05-11 14:02:25 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-05-11 14:02:25 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 14:02:25 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-05-11 14:02:25 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 14:02:25 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 14:02:24 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-05-11 14:02:24 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-05-11 14:02:24 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 14:02:24 ----A---- C:\WINDOWS\system32\shacct.dll
2016-05-11 14:02:24 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 14:02:24 ----A---- C:\WINDOWS\system32\drivers\sdport.sys
2016-05-11 14:02:24 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-05-11 14:02:24 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 14:02:23 ----A---- C:\WINDOWS\SYSWOW64\d3d10level9.dll
2016-05-11 14:02:23 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-05-11 14:02:23 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-05-11 14:02:23 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 14:02:23 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-05-11 14:02:22 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2016-05-11 14:02:22 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-05-11 14:02:22 ----A---- C:\WINDOWS\system32\wininit.exe
2016-05-11 14:02:22 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-05-11 14:02:22 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 14:02:22 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 14:02:21 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 14:02:21 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-05-11 14:02:20 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-05-11 14:02:20 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-05-11 14:02:20 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2016-05-11 14:02:20 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2016-05-11 14:02:20 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 14:02:20 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 14:02:20 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 14:02:19 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-05-11 14:02:19 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 14:02:19 ----A---- C:\WINDOWS\system32\rsaenh.dll
2016-05-11 14:02:19 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 14:02:19 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 14:02:18 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2016-05-11 14:02:18 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 14:02:18 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-05-11 14:02:18 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2016-05-11 14:02:17 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-05-11 14:02:17 ----A---- C:\WINDOWS\system32\dwminit.dll
2016-05-11 14:02:17 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-05-11 14:02:16 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\wups.dll
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\drivers\ufxsynopsys.sys
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\drivers\filecrypt.sys
2016-05-11 14:02:16 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 14:02:15 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-05-11 14:02:15 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-05-11 14:02:15 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2016-05-11 14:02:15 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-05-11 14:02:15 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 14:02:15 ----A---- C:\WINDOWS\system32\hmkd.dll
2016-05-11 14:02:15 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 14:02:14 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-05-11 14:02:14 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-05-11 14:02:14 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 14:02:14 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-05-11 14:02:14 ----A---- C:\WINDOWS\system32\cryptngc.dll
2016-05-11 14:02:13 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2016-05-11 14:02:13 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-05-11 14:02:13 ----A---- C:\WINDOWS\SYSWOW64\ByteCodeGenerator.exe
2016-05-11 14:02:13 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2016-05-11 14:02:13 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 14:02:10 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2016-05-11 14:02:10 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-05-11 14:02:10 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-05-11 14:02:10 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 14:02:10 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 14:02:10 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 14:02:10 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 14:02:09 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2016-05-11 14:02:09 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2016-05-11 14:02:09 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-05-11 14:02:09 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 14:02:09 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 14:02:08 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 14:02:08 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 14:02:08 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-05-07 07:55:12 ----D---- C:\Users\TEMP.Segepe.001\AppData\Roaming\Rise_Of_TB_Instaler
2016-05-06 21:43:23 ----D---- C:\Users\TEMP.Segepe.001\AppData\Roaming\Crystal Dynamics
2016-04-29 18:25:43 ----AD---- C:\Program Files (x86)\AMD
2016-04-22 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\mantle64.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\detoured.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\coinst_15.30.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\atio6axx.dll
2016-04-22 17:52:36 ----A---- C:\WINDOWS\system32\amdocl64.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2016-04-22 17:52:34 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\clinfo.exe
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atitmm64.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atisamu64.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\ATIODE.exe
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atimuixx.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atig6txx.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atieah64.exe
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atidemgy.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2016-04-22 17:52:32 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2016-04-22 17:52:32 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2016-04-22 17:52:32 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2016-04-22 17:52:32 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2016-04-22 17:52:30 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\system32\atiumd64.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\system32\amdxc64.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\system32\atimpc64.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\system32\amdave64.dll
2016-04-17 10:36:19 ----D---- C:\Users\TEMP.Segepe.001\AppData\Roaming\Avira
2016-04-17 10:35:53 ----D---- C:\Users\TEMP.Segepe.001\AppData\Roaming\Mozilla
2016-04-17 10:34:34 ----A---- C:\WINDOWS\system32\drivers\avnetflt.sys
2016-04-17 10:34:34 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2016-04-17 10:34:34 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2016-04-17 10:34:34 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2016-04-17 10:30:59 ----D---- C:\ProgramData\Avira
2016-04-13 17:59:31 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2016-04-13 17:59:31 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-04-13 17:59:26 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-04-13 17:59:26 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-04-13 17:59:26 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-04-13 17:59:24 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-04-13 17:59:24 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-04-13 17:59:24 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 17:59:23 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 17:59:21 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-04-13 17:59:18 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 17:59:18 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 17:59:18 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 17:59:17 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-04-13 17:59:11 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-04-13 17:59:09 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:59:08 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 17:58:52 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll
2016-04-13 17:58:52 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2016-04-13 17:58:52 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 17:58:52 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 17:58:42 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-04-13 17:58:42 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-04-13 17:58:42 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-04-13 17:58:41 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 17:58:41 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 17:58:37 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 17:58:35 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 17:58:34 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 17:58:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-04-13 17:58:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-04-13 17:58:31 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 17:58:30 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-04-13 17:58:29 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 17:58:29 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 17:58:28 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2016-04-13 17:58:28 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 17:58:28 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 17:58:27 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 17:58:26 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 17:58:25 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2016-04-13 17:58:24 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-04-13 17:58:24 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 17:58:24 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 17:58:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 17:58:21 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 17:58:21 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 17:58:20 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 17:58:20 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 17:58:19 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 17:58:19 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 17:58:17 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-04-13 17:58:17 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 17:58:17 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 17:58:17 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 17:58:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2016-04-13 17:58:16 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2016-04-13 17:58:16 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 17:58:16 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 17:58:16 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 17:58:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 17:58:15 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-04-13 17:58:15 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-04-13 17:58:15 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 17:58:15 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-04-13 17:58:14 ----A---- C:\WINDOWS\SYSWOW64\AccountsRt.dll
2016-04-13 17:58:13 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2016-04-13 17:58:13 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 17:58:13 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 17:58:12 ----A---- C:\WINDOWS\SYSWOW64\InputLocaleManager.dll
2016-04-13 17:58:12 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-04-13 17:58:12 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 17:58:12 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 17:58:11 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-04-13 17:58:11 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 17:58:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-04-13 17:58:10 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 17:58:09 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 17:58:04 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 17:58:04 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 17:58:03 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2016-04-13 17:58:03 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-04-13 17:58:03 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 17:58:02 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 17:58:02 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 17:58:02 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 17:58:01 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-04-13 17:58:01 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 17:58:01 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 17:58:01 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 17:58:01 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 17:58:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2016-04-13 17:58:00 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-04-13 17:58:00 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 17:58:00 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 17:57:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2016-04-13 17:57:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2016-04-13 17:57:59 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-04-13 17:57:59 ----A---- C:\WINDOWS\system32\LsaIso.exe
2016-04-13 17:57:59 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 17:57:59 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 17:57:58 ----A---- C:\WINDOWS\SYSWOW64\msorcl32.dll
2016-04-13 17:57:58 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 17:57:58 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 17:57:58 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 17:57:58 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 17:57:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2016-04-13 17:57:56 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:57:56 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-04-13 17:57:56 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-04-13 17:57:56 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 17:57:56 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-04-13 17:57:55 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 17:57:55 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 17:57:55 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 17:57:55 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-04-13 17:57:55 ----A---- C:\WINDOWS\system32\fveui.dll
2016-04-13 17:57:55 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-04-13 17:57:54 ----A---- C:\WINDOWS\SYSWOW64\srvcli.dll
2016-04-13 17:57:54 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2016-04-13 17:57:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 17:57:53 ----A---- C:\WINDOWS\SYSWOW64\netapi32.dll
2016-04-13 17:57:53 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2016-04-13 17:57:53 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-04-13 17:57:53 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-04-13 17:57:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2016-04-13 17:57:52 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-04-13 17:57:51 ----A---- C:\WINDOWS\SYSWOW64\wkscli.dll
2016-04-13 17:57:51 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-04-13 17:57:51 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-04-13 17:57:51 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-04-13 17:57:51 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-04-13 17:57:51 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-04-13 17:57:51 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 17:57:50 ----A---- C:\WINDOWS\SYSWOW64\WSDApi.dll
2016-04-13 17:57:50 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-04-13 17:57:50 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2016-04-13 17:57:50 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-04-13 17:57:50 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 17:57:50 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-04-13 17:57:50 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-04-13 17:57:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2016-04-13 17:57:49 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 17:57:49 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:57:49 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 17:57:49 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 17:57:49 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 17:57:48 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-04-13 17:57:46 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-04-13 17:57:45 ----A---- C:\WINDOWS\SYSWOW64\wsdchngr.dll
2016-04-13 17:57:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:57:45 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2016-04-13 17:57:45 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 17:57:45 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 17:57:45 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-04-13 17:57:45 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-04-13 17:57:44 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2016-04-13 17:57:44 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-04-13 17:57:44 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 17:57:43 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 17:57:43 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-04-13 17:57:42 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2016-04-13 17:57:42 ----A---- C:\WINDOWS\SYSWOW64\browcli.dll
2016-04-13 17:57:42 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 17:57:42 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 17:57:42 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-04-13 17:57:42 ----A---- C:\WINDOWS\system32\browser.dll
2016-04-13 17:57:42 ----A---- C:\WINDOWS\system32\browcli.dll
2016-04-13 17:57:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:57:41 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2016-04-13 17:57:41 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-04-13 17:57:41 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 17:57:41 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-04-13 17:57:41 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-04-13 17:57:41 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-04-13 17:57:40 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 17:57:40 ----A---- C:\WINDOWS\system32\samlib.dll
2016-04-13 17:57:39 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 17:57:38 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2016-04-13 17:57:38 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2016-04-13 17:57:38 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-04-13 17:57:38 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 17:57:38 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-04-13 17:57:38 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-04-13 17:57:37 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 17:57:36 ----A---- C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 17:57:35 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2016-04-13 17:57:35 ----A---- C:\WINDOWS\SYSWOW64\OnDemandConnRouteHelper.dll
2016-04-13 17:57:35 ----A---- C:\WINDOWS\SYSWOW64\mtxoci.dll
2016-04-13 17:57:35 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-04-13 17:57:35 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-04-13 17:57:35 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 17:57:34 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2016-04-13 17:57:34 ----A---- C:\WINDOWS\SYSWOW64\oleacchooks.dll
2016-04-13 17:57:34 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 17:57:34 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 17:57:33 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-04-13 17:57:33 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-04-13 17:57:33 ----A---- C:\WINDOWS\system32\MTF.dll
2016-03-14 16:48:23 ----D---- C:\Users\TEMP.Segepe.001\AppData\Roaming\ATI
2016-03-13 18:23:57 ----D---- C:\Program Files (x86)\Megasoft Security
2016-03-13 18:23:54 ----D---- C:\Users\TEMP.Segepe.001\AppData\Roaming\Better Menager
2016-03-10 21:46:37 ----D---- C:\ProgramData\Avg_Update_0316av

======List of files/folders modified in the last 3 months======

2016-06-09 14:42:26 ----D---- C:\WINDOWS\Temp
2016-06-09 14:42:26 ----D---- C:\Program Files\trend micro
2016-06-09 14:42:09 ----D---- C:\Users\TEMP.Segepe.001\AppData\Roaming\uTorrent
2016-06-09 14:40:26 ----HD---- C:\Program Files\WindowsApps
2016-06-09 14:40:20 ----D---- C:\WINDOWS\AppReadiness
2016-06-09 14:28:09 ----D---- C:\WINDOWS\system32\sru
2016-06-08 20:19:11 ----D---- C:\WINDOWS\Prefetch
2016-06-08 19:55:14 ----D---- C:\WINDOWS\System32
2016-06-08 19:55:14 ----D---- C:\WINDOWS\INF
2016-06-08 19:55:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-08 14:19:28 ----D---- C:\WINDOWS\system32\config
2016-06-08 14:16:37 ----D---- C:\WINDOWS\Microsoft.NET
2016-06-05 09:53:05 ----SHD---- C:\System Volume Information
2016-06-04 17:47:55 ----AD---- C:\KMPlayer
2016-06-04 17:05:04 ----RD---- C:\Program Files (x86)
2016-06-04 17:04:21 ----D---- C:\Hry
2016-06-03 12:55:00 ----D---- C:\WINDOWS\Tasks
2016-06-03 04:37:10 ----HD---- C:\ProgramData
2016-06-03 04:36:39 ----D---- C:\ProgramData\Package Cache
2016-06-02 20:17:50 ----RSD---- C:\WINDOWS\assembly
2016-05-26 04:34:58 ----SHDC---- C:\WINDOWS\Installer
2016-05-23 20:55:30 ----D---- C:\Program Files (x86)\Steam
2016-05-16 18:07:26 ----D---- C:\WINDOWS\system32\drivers
2016-05-16 15:03:11 ----D---- C:\WINDOWS\WinSxS
2016-05-16 14:17:21 ----D---- C:\ProgramData\CanonIJPLM
2016-05-15 19:04:48 ----D---- C:\ProgramData\Origin
2016-05-14 15:36:05 ----D---- C:\WINDOWS\rescache
2016-05-14 15:29:10 ----D---- C:\WINDOWS\CbsTemp
2016-05-14 15:29:09 ----D---- C:\WINDOWS\SysWOW64
2016-05-14 11:06:23 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2016-05-12 12:01:00 ----D---- C:\WINDOWS\system32\DriverStore
2016-05-12 11:58:47 ----D---- C:\WINDOWS\system32\catroot2
2016-05-12 09:24:12 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrA.exe
2016-05-12 03:32:20 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-05-12 03:32:20 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-05-12 03:32:12 ----D---- C:\WINDOWS\system32\oobe
2016-05-12 03:32:11 ----D---- C:\WINDOWS\system32\migration
2016-05-12 03:32:11 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-05-12 03:32:11 ----D---- C:\WINDOWS\system32\cs-CZ
2016-05-12 03:32:11 ----D---- C:\WINDOWS\system32\appraiser
2016-05-12 03:32:04 ----D---- C:\WINDOWS\Provisioning
2016-05-12 03:32:00 ----D---- C:\WINDOWS\bcastdvr
2016-05-12 03:32:00 ----D---- C:\WINDOWS\AppPatch
2016-05-12 03:32:00 ----D---- C:\Windows
2016-05-12 03:32:00 ----D---- C:\Program Files\Windows Journal
2016-05-12 03:32:00 ----D---- C:\Program Files\Internet Explorer
2016-05-12 03:32:00 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-11 21:57:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-05-11 21:16:19 ----D---- C:\Program Files (x86)\Origin Games
2016-05-11 14:32:50 ----D---- C:\ProgramData\Microsoft Help
2016-05-11 14:30:18 ----D---- C:\WINDOWS\system32\MRT
2016-05-11 14:13:06 ----D---- C:\WINDOWS\system32\Tasks
2016-05-11 14:09:35 ----A---- C:\WINDOWS\system32\MRT.exe
2016-05-07 21:48:45 ----AD---- C:\Program Files (x86)\MyDrive Connect
2016-05-06 18:47:53 ----D---- C:\Program Files (x86)\EA GAMES
2016-05-06 18:42:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-05-06 18:41:30 ----RD---- C:\Program Files
2016-05-05 20:44:14 ----D---- C:\ProgramData\AMD
2016-04-29 18:47:26 ----D---- C:\Program Files (x86)\Origin
2016-04-29 18:25:28 ----AD---- C:\Program Files\AMD
2016-04-29 18:24:10 ----D---- C:\AMD
2016-04-23 10:27:45 ----D---- C:\ProgramData\MFAData
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2016-04-22 17:52:34 ----A---- C:\WINDOWS\system32\atieclxx.exe
2016-04-22 17:50:34 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2016-04-22 17:50:34 ----A---- C:\WINDOWS\system32\atidxx64.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2016-04-22 17:50:32 ----A---- C:\WINDOWS\system32\aticfx64.dll
2016-04-18 13:54:13 ----AD---- C:\ProgramData\AVG
2016-04-18 13:51:54 ----HD---- C:\WINDOWS\ELAMBKUP
2016-04-17 20:57:24 ----D---- C:\WINDOWS\system32\CatRoot
2016-04-17 20:56:03 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-17 20:56:03 ----D---- C:\WINDOWS\system32\Boot
2016-04-17 20:55:58 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-17 19:13:46 ----D---- C:\WINDOWS\LiveKernelReports
2016-04-17 10:35:59 ----D---- C:\Program Files (x86)\Avira
2016-04-07 19:21:01 ----D---- C:\Program Files (x86)\Rockstar Games
2016-04-07 19:20:52 ----D---- C:\Program Files\Rockstar Games
2016-03-24 15:39:48 ----D---- C:\WINDOWS\system32\NDF
2016-03-22 20:06:49 ----SD---- C:\Users\TEMP.Segepe.001\AppData\Roaming\Microsoft
2016-03-13 18:43:42 ----D---- C:\WINDOWS\system32\wbem
2016-03-13 18:36:03 ----D---- C:\WINDOWS\registration
2016-03-13 18:31:11 ----D---- C:\WINDOWS\Logs
2016-03-10 22:22:31 ----D---- C:\Program Files\Windows Portable Devices
2016-03-10 22:22:31 ----D---- C:\Program Files\Windows Multimedia Platform
2016-03-10 22:22:31 ----D---- C:\Program Files\Windows Media Player
2016-03-10 22:22:31 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-03-10 22:22:31 ----D---- C:\Program Files (x86)\Windows Multimedia Platform

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2016-05-16 146712]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2016-02-22 35488]
R1 dtsoftbus01;@oem46.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-05-01 283064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2016-02-22 128664]
R2 avnetflt;avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [2016-05-16 78208]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-04-22 23969776]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-04-22 679912]
R3 AtiHDAudioService;@oem38.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 dtlitescsibus;@oem15.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-31 30264]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-30 121344]
R3 MarvinBus;@oem8.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 RTSUER;@oem52.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-11-06 402136]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2015-12-11 551936]
S0 amdkmafd;@oem35.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-11 117248]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 htcnprot;@oem41.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;@oem65.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2014-05-16 263896]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-04-23 131424]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-04-22 254960]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-05-16 467016]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-05-16 467016]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-05-04 276424]
R2 AviraPhantomVPN;Avira Phantom VPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2016-05-31 226064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2016-05-12 76152]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-11-20 339456]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2015-11-29 138752]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-05-16 970656]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-05-16 1435704]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-21 144200]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-04-26 28552]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1007513c;Hostitel synchronizace_1007513c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1417d4c;Hostitel synchronizace_1417d4c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_156cee5;Hostitel synchronizace_156cee5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_48169;Hostitel synchronizace_48169; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_84b52d;Hostitel synchronizace_84b52d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-01-03 1257504]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-21 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1007513c;Služba zasílání zpráv_1007513c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1417d4c;Služba zasílání zpráv_1417d4c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_156cee5;Služba zasílání zpráv_156cee5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_48169;Služba zasílání zpráv_48169; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_84b52d;Služba zasílání zpráv_84b52d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-18 147624]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-04-29 2120712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1007513c;Data kontaktů_1007513c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1417d4c;Data kontaktů_1417d4c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_156cee5;Data kontaktů_156cee5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_48169;Data kontaktů_48169; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_84b52d;Data kontaktů_84b52d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-04-30 835664]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, thank you

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to your desktop
Close all programs
Click >Scan< first and then >Clean<.
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Segepe
Visitor
Posts: 47
Registered: 16 Nov 2010 20:00

Re: Please check my log, thank you

#4 Post by Segepe »

# AdwCleaner v5.119 - Log vytvořen 09/06/2016 v 20:24:47
# Aktualizováno 30/05/2016 by Xplode
# Databáze : 2016-06-07.1 [Server]
# Operační system : Windows 10 Home (X64)
# Uživatelské jméno : Segepe - SEGEPE
# Spuštěno z : C:\Users\TEMP.Segepe.001\Desktop\adwcleaner_5.119.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : ICQ Service

***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777
[-] Složka Smazáno : C:\ProgramData\ICQ\ICQToolbar
[-] Složka Smazáno : C:\ProgramData\simplitec
[-] Složka Smazáno : C:\ProgramData\tencent
[-] Složka Smazáno : C:\ProgramData\TXQMPC
[-] Složka Smazáno : C:\ProgramData\ytd video downloader
[#] Složka Smazáno : C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777
[-] Složka Smazáno : C:\ProgramData\Avg_Update_0116av
[-] Složka Smazáno : C:\ProgramData\Avg_Update_0316av
[-] Složka Smazáno : C:\ProgramData\Avg_Update_1215av
[-] Složka Smazáno : C:\ProgramData\c6d435b3d7b4c3d6
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateAdmin
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Složka Smazáno : C:\Program Files (x86)\ICQ6Toolbar
[-] Složka Smazáno : C:\Program Files (x86)\Megasoft Security
[-] Složka Smazáno : C:\Program Files (x86)\Prompt Downloader
[-] Složka Smazáno : C:\Program Files (x86)\Record Page
[-] Složka Smazáno : C:\Program Files (x86)\simplitec
[-] Složka Smazáno : C:\Program Files (x86)\tencent
[-] Složka Smazáno : C:\Program Files (x86)\PlusHD-V1.9
[#] Složka Smazáno : C:\Program Files (x86)\Record Page
[-] Složka Smazáno : C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777
[-] Složka Smazáno : C:\Program Files (x86)\Common Files\tencent
[#] Složka Smazáno : C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777
[-] Složka Smazáno : C:\Users\TEMP.Segepe.001\AppData\Local\Prompt Downloader
[-] Složka Smazáno : C:\Users\TEMP.Segepe.001\AppData\Local\UpdateAdmin
[-] Složka Smazáno : C:\Users\TEMP.Segepe.001\AppData\Roaming\tencent
[-] Složka Smazáno : C:\Users\TEMP.Segepe.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Složka Smazáno : C:\Program Files\Common Files\tencent
[-] Složka Smazáno : C:\Users\TEMP.Segepe.001\AppData\Local\VirtualStore\Program Files (x86)\tencent

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] Soubor Smazáno : C:\WINDOWS\Reimage.ini
[-] Soubor Smazáno : C:\WINDOWS\SysNative\drivers\TAOKernel64.sys
[-] Soubor Smazáno : C:\WINDOWS\SysNative\drivers\TFsFltX64.sys

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : globalUpdateUpdateTaskMachineCore
[-] Úloha Smazáno : globalUpdateUpdateTaskMachineUA
[-] Úloha Smazáno : amiupdaterExd
[-] Úloha Smazáno : amiupdaterExi
[-] Úloha Smazáno : MdmUpdateTaskMachineCore
[-] Úloha Smazáno : simplitec Power Suite (Tray)
[-] Úloha Smazáno : simplitec Power Suite
[-] Úloha Smazáno : AION nextFirstSaturday
[-] Úloha Smazáno : AION nextFirstSunday
[-] Úloha Smazáno : AION 1D

***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\metnsd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qmgcfiles
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{EC0FA563-E0F2-406F-8659-1E728458A91E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{88260EA6-BC91-42DF-ABEF-4A683E8A3C23}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{4C097DF1-0716-4FA1-84A9-025BC1E7B03F}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč Smazáno : HKCU\Software\CoinisRevShare
[-] Klíč Smazáno : HKCU\Software\DownloadAdmin
[-] Klíč Smazáno : HKCU\Software\Prompt Downloader
[-] Klíč Smazáno : HKCU\Software\Reimage
[-] Klíč Smazáno : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klíč Smazáno : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\simplitec
[-] Klíč Smazáno : HKLM\SOFTWARE\webssearchesSoftware
[-] Klíč Smazáno : HKLM\SOFTWARE\Mail.Ru
[-] Klíč Smazáno : HKLM\SOFTWARE\PlusHD-V1.9
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9563BC59-9556-4805-8CD4-886781779D8D}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Record Page
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81F17B54-5D57-485E-88CC-F6D20D66B5E0}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AppDataLow\Software\PlusHD-V1.9
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\45B71F1875D5E58488CC6F2DD0665B0E
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\45B71F1875D5E58488CC6F2DD0665B0E
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\45B71F1875D5E58488CC6F2DD0665B0E
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{444DB0B2-86FC-48F3-843B-B119B1539E52}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8DF0DAD9-DB29-45D0-8D55-5B6D7A514964}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1EC88CD4-187D-4740-936C-5717B9D01628}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{702A8938-633B-4EA2-9582-6504FFF43520}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C4980F26-B28D-4958-892F-42B070892DBC}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{087252C3-AAB0-47CB-B3EF-3575CB1A249D}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{DBC2BC36-6F8B-4AD7-B20D-CD896E90762F}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A3A36000-6FCD-4C68-BD44-3FF7525B35C5}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1039DC35-D3C2-41DC-87C1-62D2E7A7E768}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A37CCC96-8B8F-43A6-8E71-6B946161B6F0}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{5AFA07E0-56AC-4E24-ABB6-F0D9EB751E0D}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{2ADC8F93-F6A4-4FD9-B9C9-838C296BF370}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{4AA9D190-377B-463C-9DC4-52B5B555DFBC}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{7A940F8B-FFBF-4210-B320-FC16008ACBF5}C:\program files (x86)\simplitec\kmpfaster\serviceprovider.exe]
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdsManPro

***** [ Prohlížeče ] *****

[-] [C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : virtualdj.en.softonic.com
[-] [C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : questhelper.en.softonic.com

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11844 bytů] - [09/06/2016 20:24:47]
C:\AdwCleaner\AdwCleaner[R0].txt - [78346 bytů] - [14/07/2014 18:14:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [8303 bytů] - [14/07/2014 18:18:39]
C:\AdwCleaner\AdwCleaner[S1].txt - [12913 bytů] - [09/06/2016 20:18:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12139 bytů] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, thank you

#5 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Segepe
Visitor
Posts: 47
Registered: 16 Nov 2010 20:00

Re: Please check my log, thank you

#6 Post by Segepe »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-06-2016
Ran by Segepe (administrator) on SEGEPE (10-06-2016 04:39:43)
Running from C:\Users\TEMP.Segepe.001\Desktop
Loaded Profiles: Segepe (Available Profiles: Segepe)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(forum.viry.cz) C:\Users\TEMP.Segepe.001\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-23] (Hewlett-Packard )
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-05-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\TEMP.Segepe.001\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\TEMP.Segepe.001\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\MountPoints2: {9d188602-7f3e-11e5-8d6c-78e3b5c77fba} - "H:\setup.exe"
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\MountPoints2: {e0b029d2-8480-11e5-bee8-78e3b5c77fba} - "I:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64\FileSyncShell64.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\TEMP.Segepe.001\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileSyncShell.dll [2015-12-11] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d16ffe14-5416-45ae-b386-8b79f94c1bf5}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\TEMP.Segepe.001\AppData\Roaming\Mozilla\Firefox\Profiles\kCKJ51OW.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\TEMP.Segepe.001\AppData\Roaming\Mozilla\Firefox\Profiles\kCKJ51OW.default\Extensions\abs@avira.com.xpi [2016-04-17]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=14482829 ... 6184861848
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A.js [2015-11-24] <==== ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A [2015-11-24] <==== ATTENTION

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Profile: C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-21]
CHR Extension: (Dokumenty Google) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-21]
CHR Extension: (Disk Google) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (YouTube) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Calendar and Countdown) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\caplfhpahpkhhckglldpmdmjclabckhc [2016-05-23]
CHR Extension: (Vyhledávání Google) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky Google) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-21]
CHR Extension: (Avira Browser Safety) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-05-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\TEMP.Segepe.001\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-11-29] () [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-05-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-05-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [226064 2016-05-31] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1257504 2016-01-03] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-04-29] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-08-02] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-05-12] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-02-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-02-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-16] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-31] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-01] (Disc Soft Ltd)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-11-06] (Realsil Semiconductor Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-10 04:37 - 2016-06-10 04:37 - 00057445 _____ C:\Users\TEMP.Segepe.001\Desktop\FRST3.txt
2016-06-10 04:36 - 2016-06-10 04:37 - 00069198 _____ C:\Users\TEMP.Segepe.001\Desktop\Addition.txt
2016-06-10 04:35 - 2016-06-10 04:39 - 00018925 _____ C:\Users\TEMP.Segepe.001\Desktop\FRST.txt
2016-06-10 04:35 - 2016-06-10 04:39 - 00000000 ____D C:\FRST
2016-06-10 04:33 - 2016-06-10 04:34 - 00112640 _____ (forum.viry.cz) C:\Users\TEMP.Segepe.001\Desktop\FRSTLauncher.exe
2016-06-10 04:32 - 2016-06-10 04:34 - 02385408 _____ (Farbar) C:\Users\TEMP.Segepe.001\Desktop\FRST64.exe
2016-06-09 20:17 - 2016-06-09 20:17 - 03677248 _____ C:\Users\TEMP.Segepe.001\Desktop\adwcleaner_5.119.exe
2016-06-09 14:42 - 2016-06-09 14:42 - 00000000 ____D C:\rsit
2016-06-09 14:34 - 2016-06-09 14:34 - 01222144 _____ C:\Users\TEMP.Segepe.001\Desktop\RSITx64.exe
2016-06-08 17:57 - 2016-06-08 18:14 - 00000000 ____D C:\Users\TEMP.Segepe.001\Downloads\Elysium
2016-06-05 21:40 - 2016-06-06 19:16 - 1599231256 _____ C:\Users\TEMP.Segepe.001\Downloads\pop-brip.avi
2016-06-05 17:24 - 2016-06-05 18:19 - 1896728416 _____ C:\Users\TEMP.Segepe.001\Downloads\13.Hours.The.Secret.Soldiers.of.Benghazi.2016.BRRip.XViD.AC3.CZ-PiRaTE.avi
2016-06-03 04:37 - 2016-06-03 04:37 - 00000000 ____D C:\ProgramData\dbdata
2016-06-02 19:52 - 2016-06-02 19:52 - 00000234 _____ C:\Users\TEMP.Segepe.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry Primal.url
2016-06-02 19:35 - 2016-06-02 19:35 - 00001281 _____ C:\Users\TEMP.Segepe.001\Desktop\Uplay.lnk
2016-06-02 19:35 - 2016-06-02 19:35 - 00000000 ____D C:\Users\TEMP.Segepe.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-05-14 09:25 - 2016-05-14 09:25 - 00001250 _____ C:\Users\TEMP.Segepe.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2016-05-13 17:52 - 2016-05-13 17:52 - 05995712 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-05-12 09:24 - 2016-05-12 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline
2016-05-11 14:03 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 14:03 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 14:03 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 14:03 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 14:03 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 14:03 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 14:03 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 14:03 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 14:03 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 14:03 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 14:03 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 14:03 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 14:03 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 14:03 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 14:03 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 14:03 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 14:03 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 14:03 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 14:03 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 14:03 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 14:03 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 14:03 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 14:03 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 14:03 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 14:03 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 14:02 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 14:02 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 14:02 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 14:02 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 14:02 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 14:02 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 14:02 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 14:02 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 14:02 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 14:02 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 14:02 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 14:02 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 14:02 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 14:02 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 14:02 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 14:02 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 14:02 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 14:02 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 14:02 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 14:02 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 14:02 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 14:02 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 14:02 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 14:02 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 14:02 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 14:02 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 14:02 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 14:02 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 14:02 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 14:02 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 14:02 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 14:02 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 14:02 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 14:02 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 14:02 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 14:02 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 14:02 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 14:02 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 14:02 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 14:02 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 14:02 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 14:02 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 14:02 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 14:02 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 14:02 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 14:02 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 14:02 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 14:02 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 14:02 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 14:02 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 14:02 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 14:02 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 14:02 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 14:02 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 14:02 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 14:02 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 14:02 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 14:02 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 14:02 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 14:02 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 14:02 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 14:02 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 14:02 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 14:02 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 14:02 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 14:02 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 14:02 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 14:02 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 14:02 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 14:02 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 14:02 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 14:02 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 14:02 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 14:02 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 14:02 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 14:02 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 14:02 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 14:02 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 14:02 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 14:02 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 14:02 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 14:02 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 14:02 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 14:02 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 14:02 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 14:02 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 14:02 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 14:02 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 14:02 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 14:02 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 14:02 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 14:02 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 14:02 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 14:02 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 14:02 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 14:02 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 14:02 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 14:02 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 14:02 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 14:02 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 14:02 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 14:02 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 14:02 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 14:02 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 14:02 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 14:02 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 14:02 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 14:02 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 14:02 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 14:02 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 14:02 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 14:02 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 14:02 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 14:02 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 14:02 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 14:02 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 14:02 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 14:02 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 14:02 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 14:02 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 14:02 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 14:02 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 14:02 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 14:02 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 14:02 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 14:02 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 14:02 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 14:02 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 14:02 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 14:02 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 14:02 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 14:02 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 14:02 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 14:02 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 14:02 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 14:02 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 14:02 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 14:02 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 14:02 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 14:02 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 14:02 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 14:02 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 14:02 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 14:02 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 14:02 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 14:02 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 14:02 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 14:02 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 14:02 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 14:02 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 14:02 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 14:02 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 14:02 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 14:02 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 14:02 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 14:02 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 14:02 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 14:02 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 14:02 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 14:02 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 14:02 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 14:02 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 14:02 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 14:02 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 14:02 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 14:02 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 14:02 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 14:02 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 14:02 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 14:02 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 14:02 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 14:02 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 14:02 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 14:02 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 14:02 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 14:02 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 14:02 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 14:02 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 14:02 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 14:02 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 14:02 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 14:02 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 14:02 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 14:02 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 14:02 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-10 04:31 - 2015-11-28 14:49 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CF55047E-308E-46C7-AA00-480044E9414B}
2016-06-10 04:28 - 2015-08-05 15:56 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-09 20:52 - 2014-05-01 22:13 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-09 20:35 - 2015-10-30 21:52 - 01908636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-09 20:35 - 2015-10-30 20:31 - 00795214 _____ C:\WINDOWS\system32\perfh005.dat
2016-06-09 20:35 - 2015-10-30 20:31 - 00173976 _____ C:\WINDOWS\system32\perfc005.dat
2016-06-09 20:35 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-09 20:30 - 2015-12-11 11:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-09 20:29 - 2015-12-11 10:44 - 00000000 ____D C:\Users\TEMP.Segepe.001
2016-06-09 20:29 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-09 20:24 - 2015-04-09 21:48 - 00000000 ____D C:\ProgramData\ICQ
2016-06-09 20:24 - 2014-07-14 18:14 - 00000000 ____D C:\AdwCleaner
2016-06-09 20:18 - 2015-08-05 15:56 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-09 15:20 - 2015-12-21 12:59 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-09 14:51 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-09 14:51 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-09 14:42 - 2015-10-31 10:26 - 00000000 ____D C:\Users\TEMP.Segepe.001\AppData\Roaming\uTorrent
2016-06-09 14:42 - 2014-07-14 17:19 - 00000000 ____D C:\Program Files\trend micro
2016-06-08 17:54 - 2015-10-31 01:12 - 00000000 ___RD C:\Users\TEMP.Segepe.001\Desktop\Hry
2016-06-05 09:02 - 2015-11-03 21:33 - 00000000 ____D C:\Users\TEMP.Segepe.001\Desktop\Prodej
2016-06-04 18:11 - 2014-05-01 18:32 - 00000000 ____D C:\Users\Věci z plochy
2016-06-04 17:47 - 2014-09-16 17:06 - 00000000 ____D C:\KMPlayer
2016-06-04 17:04 - 2015-12-11 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-06-04 17:04 - 2015-10-31 01:27 - 00000000 ____D C:\Users\TEMP.Segepe.001\Documents\My Games
2016-06-04 17:04 - 2014-05-01 21:45 - 00000000 ____D C:\Hry
2016-06-03 12:55 - 2015-09-05 08:30 - 00000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForSegepe.job
2016-06-03 04:36 - 2015-12-11 10:40 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-02 19:49 - 2015-11-17 18:37 - 00000000 ____D C:\Users\TEMP.Segepe.001\AppData\Local\Ubisoft Game Launcher
2016-06-02 19:46 - 2016-04-17 10:36 - 00001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira Phantom VPN.lnk
2016-05-26 04:34 - 2016-04-17 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-23 20:55 - 2014-05-02 16:09 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-20 22:50 - 2016-02-10 16:00 - 00000600 _____ C:\Users\TEMP.Segepe.001\PUTTY.RND
2016-05-16 18:06 - 2016-04-17 10:34 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-05-16 18:06 - 2016-04-17 10:34 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-05-16 14:17 - 2015-06-21 20:21 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-15 19:04 - 2014-05-02 16:04 - 00000000 ____D C:\ProgramData\Origin
2016-05-15 12:51 - 2016-05-06 21:43 - 00000000 ____D C:\Users\TEMP.Segepe.001\Documents\Rise of the Tomb Raider
2016-05-14 15:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-14 15:29 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-14 11:06 - 2014-05-02 03:54 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-05-12 09:24 - 2014-05-02 03:54 - 00291496 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-05-12 09:24 - 2014-05-02 03:53 - 00076152 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-05-12 04:30 - 2015-09-10 07:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-12 03:32 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 03:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-12 03:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-12 03:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-12 03:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-12 03:31 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 21:16 - 2014-05-02 16:07 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-05-11 14:30 - 2014-05-01 19:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 14:13 - 2015-08-05 15:56 - 00004032 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 14:13 - 2015-08-05 15:56 - 00003800 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 14:09 - 2014-05-01 19:04 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-11-25 16:04 - 2015-11-25 16:04 - 0005120 _____ () C:\Users\TEMP.Segepe.001\AppData\Roaming\GiftBag.db
2015-11-14 22:54 - 2015-11-15 01:51 - 0005120 _____ () C:\Users\TEMP.Segepe.001\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\TEMP.Segepe.000\AppData\Local\Temp\avgnt.exe
C:\Users\TEMP.Segepe.001\AppData\Local\Temp\avgnt.exe
C:\Users\TEMP.Segepe.001\AppData\Local\Temp\libeay32.dll
C:\Users\TEMP.Segepe.001\AppData\Local\Temp\msvcr120.dll
C:\Users\TEMP.Segepe.001\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-04 13:09

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, thank you

#7 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\MountPoints2: {9d188602-7f3e-11e5-8d6c-78e3b5c77fba} - "H:\setup.exe"
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\MountPoints2: {e0b029d2-8480-11e5-bee8-78e3b5c77fba} - "I:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A.js [2015-11-24] <==== ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A [2015-11-24] <==== ATTENTION
U3 aspnet_state; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\TEMP.Segepe.001\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\TEMP.Segepe.000\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Segepe
Visitor
Posts: 47
Joined: 16 Nov 2010 20:00

Re: Please check my log, thank you

#8 Post by Segepe »

Fix result of Farbar Recovery Scan Tool (x64) Version:09-06-2016
Ran by Segepe (2016-06-10 18:00:35) Run:2
Running from C:\Users\TEMP.Segepe.001\Desktop
Loaded Profiles: Segepe (Available Profiles: Segepe)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\MountPoints2: {9d188602-7f3e-11e5-8d6c-78e3b5c77fba} - "H:\setup.exe"
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\...\MountPoints2: {e0b029d2-8480-11e5-bee8-78e3b5c77fba} - "I:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A.js [2015-11-24] <==== ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A [2015-11-24] <==== ATTENTION
U3 aspnet_state; no ImagePath
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\TEMP.Segepe.001\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\TEMP.Segepe.000\AppData\Local\Temp
End
*****************

HKU\S-1-5-21-2896274908-776685517-1184625683-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d188602-7f3e-11e5-8d6c-78e3b5c77fba} => key not found.
HKCR\CLSID\{9d188602-7f3e-11e5-8d6c-78e3b5c77fba} => key not found.
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0b029d2-8480-11e5-bee8-78e3b5c77fba} => key not found.
HKCR\CLSID\{e0b029d2-8480-11e5-bee8-78e3b5c77fba} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key not found.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => key not found.
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => key not found.
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => key not found.
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4 => key not found.
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found.
HKLM\SOFTWARE\Policies\Google => key not found.
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2896274908-776685517-1184625683-1001\Software\Microsoft\Internet Explorer\Main\\First Home Page => value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.5.1 => key not found.
HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2 => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2 => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0 => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1 => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2 => key not found.
"C:\Program Files (x86)\mozilla firefox\defaults\pref\!EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A.js" => not found.
"C:\Program Files (x86)\mozilla firefox\EE1A2AF7BF2711027EEE8ACAF0C3F843EE1A" => not found.
aspnet_state => service not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.
"C:\Users\TEMP.Segepe.001\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found.
"C:\Users\TEMP.Segepe.000\AppData\Local\Temp" => not found.

==== End of Fixlog 18:00:36 ====

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, thank you

#9 Post by Rudy »

Deleted; the log should now be OK.

Segepe
Visitor
Posts: 47
Joined: 16 Nov 2010 20:00

Re: Please check my log, thank you

#10 Post by Segepe »

Thank you very much

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, thank you

#11 Post by Rudy »

You're welcome! :)

Locked