Prosim o kontrolu logu - Traffic media

[sasha.cz]

Logfile of random's system information tool 1.10 (written by random/random)
Run by sasha.cz at 2016-09-02 21:24:38
Microsoft Windows 10 Home
System drive C: has 25 GB (22%) free of 114 GB
Total RAM: 8137 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:42, on 2. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17071)
Boot mode: Normal

Running processes:
C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\sasha_000\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\sasha_000\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Users\sasha_000\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
C:\Users\sasha_000\AppData\Roaming\GameLauncher\Seviler\Seviler.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera_crashreporter.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Users\sasha_000\AppData\Local\Host Service\httpfilter.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\sasha.cz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [OneDrive] "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\sasha_000\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Seviler] "C:\Users\sasha_000\AppData\Roaming\GameLauncher\Seviler\Seviler.exe"
O4 - HKCU\..\Run: [Host Service] wscript "C:\Users\sasha_000\AppData\Local\Host Service\launchall.js"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HPReyos Service - CrabbyCruel Shelter - C:\Users\sasha_000\AppData\Roaming\HPReyos\HPReyosSrv3.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11042 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-32716793-bdfb-44e3-b1aa-9d9a7f830c71 -SystemEventPortName:HostProcess-0a3a8cd2-29ab-4876-85fa-e9d9202865bf -IoCancelEventPortName:HostProcess-1a104b19-968c-4db4-a1f1-bf661175ecbc -NonStateChangingEventPortName:HostProcess-dffa69dc-463a-4257-9f4c-6046d9cb387a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0b1ee592-d2a5-459e-90e1-f6cac0f2809a -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe"
C:\Users\sasha_000\AppData\Roaming\HPReyos\HPReyosSrv3.exe
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\SysWOW64\PnkBstrA.exe

dashost.exe {e3d40ff8-265b-4d9d-a35ad99c61a338c6}
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE

"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORDTSUPTBT
"C:\Windows\System32\rundll32.exe" "C:\Program Files\BuzzDock\BuzzDock.dll",_
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"fontdrvhost.exe"
"C:\Users\sasha_000\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Users\sasha_000\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe" uTorrent_5532_03A68B90_1561825944 µTorrent4823DF041B09 uTorrent
"C:\Users\sasha_000\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe" uTorrent_5532_03A69770_974741804 µTorrent4823DF041B09 uTorrent
"C:\Users\sasha_000\AppData\Roaming\GameLauncher\Seviler\Seviler.exe"
"C:\Windows\System32\wscript.exe" "C:\Users\sasha_000\AppData\Local\Host Service\launchall.js"
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --ran-launcher http://ptraleplanty.ru
"C:\Program Files (x86)\Opera\39.0.2256.48\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=588 http://ptraleplanty.ru
"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --type=gpu-process --channel="588.0.962960413\765934580" --mojo-application-channel-token=29A8486F79B456D6689BC22A133F2B92 --enable-features=DownloadResumption --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x6939 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2511.1003 --gpu-driver-date=8-30-2016 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --mojo-platform-channel-handle=1444 --ignored=" --type=renderer "
"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=79F35F0390794782EF218F4BAED61A7E --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=8D7FC114C535EE3124A1E16797CBEED3 --mojo-application-channel-token=177EF9C02D5209C4304ED63289972D09 --channel="588.2.467935860\1184202575" --mojo-platform-channel-handle=2008
"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=6B1BF9CB265983A43870E7C822836F25 --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=D647D319FB9BB8E8785F0EF07D20B09C --mojo-application-channel-token=9C6A8AF72C6CECFB6591713381FC38D3 --channel="588.3.924525790\2005208931" --mojo-platform-channel-handle=2020
"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=6BAA5DDC41022C667EDB8E6705FCA097 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=D1CC1ACE8AB3A2DE6437B762A5331C56 --mojo-application-channel-token=6B4CFCB328625A680B9D8CEF2173DCE0 --channel="588.6.1744551884\523142254" --mojo-platform-channel-handle=2756
"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=4564231CDAF10B51E53C7DAC4ED7C9E4 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2AD3182D891F8596B609F83C2D4DF922 --mojo-application-channel-token=9138A73366FEB0CD4A72645D97C1B579 --channel="588.7.1074127818\1147734840" --mojo-platform-channel-handle=3944
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 5188
"C:\Users\sasha_000\AppData\Local\Host Service\httpfilter.exe" "C:\Users\sasha_000\AppData\Local\Host Service\settings.ini" "C:\Users\sasha_000\AppData\Local\Host Service\rules.ini"
"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=40239ACBCA7703166ADAC8D1ED839924 --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=43D979C7B029BE20FDFE19BA167FC5CB --mojo-application-channel-token=CB18213F5A482C9862E30017ABF72F03 --channel="588.9.680310852\1484454067" --mojo-platform-channel-handle=3812
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup

"C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=086CC873063A212981A5BF488A71B6B2 --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5504 --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=7BC32540A21F969F7E74F5948C5A50AA --mojo-application-channel-token=CC80C1B11DCAD3852595DFEEC8B8FCA1 --channel="588.11.1657278327\671826544" --mojo-platform-channel-handle=5612
C:\WINDOWS\system32\wbem\wmiprvse.exe
chrome.exe "http://ptraleplanty.ru"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x1e4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="824.0.581405337\874132667" --mojo-application-channel-token=DE25A67DDB456435028DD670419999E2 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x6939 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2511.1003 --gpu-driver-date=8-30-2016 --mojo-platform-channel-handle=1312 --ignored=" --type=renderer " /prefetch:2

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=FC529FF5E589158F57CF500C2541E776 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=84E9229F1CBA71E293B77F8E80323C24 --mojo-application-channel-token=7F5DE023FF72645A0B230379F82EA070 --channel="824.8.1522046260\1304804394" --mojo-platform-channel-handle=5860 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=273CA7A7B6061DBFF6804AF8B86D17B0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=951CF1D9915CA3378ECEFE24EF7CF943 --mojo-application-channel-token=EC208DAB0631C89CD7E6FA4D6CC7455D --channel="824.11.1368894020\1128729845" --mojo-platform-channel-handle=3124 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 628 636 8192 632
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="824.12.1182888716\1905493909" --ppapi-flash-args --lang=cs --device-scale-factor=1 --mojo-platform-channel-handle=3384 --ignored=" --type=renderer " /prefetch:3
"C:\Users\sasha_000\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Update Service for Youtube AdBlock.job - C:\Program Files (x86)\Youtube AdBlock\fkgeXo6.exe
C:\WINDOWS\tasks\Update Service for Youtube AdBlock2.job -

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-10-07 8529152]
"RtHDVBg_DTS"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-07 1411840]
"rundll32"=C:\Program Files\BuzzDock\BuzzDock.dll [2015-05-11 2712064]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-08-30 6625672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-19 633024]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2016-06-09 3639280]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-08-26 55100016]
"uTorrent"=C:\Users\sasha_000\AppData\Roaming\uTorrent\uTorrent.exe [2016-08-13 1972224]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"Seviler"=C:\Users\sasha_000\AppData\Roaming\GameLauncher\Seviler\Seviler.exe [2016-09-02 2370048]
"Host Service"=wscript C:\Users\sasha_000\AppData\Local\Host Service\launchall.js []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-08-23 58640]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe]
"Debugger="SppExtComObjPatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-02 21:24:38 ----D---- C:\rsit
2016-09-02 21:24:38 ----D---- C:\Program Files\trend micro
2016-09-02 18:54:29 ----A---- C:\WINDOWS\Wininit.ini
2016-09-02 16:56:30 ----D---- C:\WINDOWS\LastGood
2016-09-02 16:42:04 ----D---- C:\Program Files (x86)\Youtube AdBlock
2016-09-02 16:41:27 ----D---- C:\Users\sasha_000\AppData\Roaming\GameLauncher
2016-09-02 16:41:00 ----D---- C:\Users\sasha_000\AppData\Roaming\HPReyos
2016-08-31 21:14:21 ----D---- C:\WINDOWS\LastGood.Tmp
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\mantle64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\GameManager64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\detoured.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\clinfo.exe
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2016-08-31 20:40:10 ----A---- C:\WINDOWS\system32\atiumd64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atitmm64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atisamu64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\ATIODE.exe
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atio6axx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atimuixx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atimpc64.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atig6txx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2016-08-31 20:40:04 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2016-08-31 20:40:04 ----A---- C:\WINDOWS\system32\atieclxx.exe
2016-08-31 20:40:04 ----A---- C:\WINDOWS\system32\atieah64.exe
2016-08-31 20:40:02 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\atidemgy.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\amfrt64.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\system32\amdxc64.dll
2016-08-31 20:39:56 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2016-08-31 20:39:54 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2016-08-31 20:39:54 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\SYSWOW64\amdoclvp9lib32.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdocl64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\drivers\amdacpksd.sys
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\amdave64.dll
2016-08-31 20:00:05 ----HD---- C:\Program Files\Common Files\EAInstaller
2016-08-31 19:22:32 ----D---- C:\BF1
2016-08-30 16:39:32 ----A---- C:\WINDOWS\system32\amdacpusl.dll
2016-08-30 16:39:18 ----A---- C:\WINDOWS\SYSWOW64\amdacpusl.dll
2016-08-18 17:25:16 ----HDC---- C:\ProgramData\{5D7D8554-ADF2-463E-B6AC-7A857B390410}
2016-08-18 14:53:36 ----HDC---- C:\ProgramData\{571BB2D7-5EB2-4D33-9E0D-0D95E2CB9AE0}
2016-08-18 14:50:06 ----HDC---- C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2016-08-18 13:56:30 ----D---- C:\ProgramData\mia2B23.tmp
2016-08-18 12:22:24 ----HDC---- C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2016-08-18 12:22:02 ----HDC---- C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-08-17 16:53:58 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-17 16:53:57 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-17 16:53:57 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-17 16:53:57 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-08-17 16:53:57 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-08-17 16:53:56 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-17 16:53:56 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-17 16:53:55 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-17 16:53:55 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-08-17 16:53:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-17 16:53:54 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-17 16:53:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-08-17 16:53:52 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-08-17 16:53:51 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-17 16:53:51 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-17 16:53:51 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-17 16:53:50 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-17 16:53:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-17 16:53:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-17 16:53:47 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-08-17 16:53:47 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-17 16:53:46 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-08-17 16:53:45 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-17 16:53:45 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-08-17 16:53:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-17 16:53:44 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2016-08-17 16:53:43 ----A---- C:\WINDOWS\SYSWOW64\DbgModel.dll
2016-08-17 16:53:43 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-08-17 16:53:43 ----A---- C:\WINDOWS\SYSWOW64\dbgcore.dll
2016-08-17 16:53:43 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-08-17 16:53:43 ----A---- C:\WINDOWS\system32\dbgcore.dll
2016-08-17 16:53:43 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2016-08-17 16:53:42 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2016-08-17 16:53:42 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2016-08-17 16:53:42 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-17 16:53:42 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2016-08-17 16:53:42 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-08-17 16:53:40 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-17 16:53:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-17 16:53:40 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-17 16:53:39 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-17 16:53:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-17 16:53:38 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-08-17 16:53:38 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-08-17 16:53:38 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-17 16:53:37 ----A---- C:\WINDOWS\SYSWOW64\provcore.dll
2016-08-17 16:53:37 ----A---- C:\WINDOWS\system32\provcore.dll
2016-08-17 16:53:37 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-08-17 16:53:37 ----A---- C:\WINDOWS\system32\certcli.dll
2016-08-17 16:53:35 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2016-08-17 16:53:35 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2016-08-17 16:53:35 ----A---- C:\WINDOWS\system32\WpcMon.exe
2016-08-17 16:53:35 ----A---- C:\WINDOWS\system32\Wpc.dll
2016-08-17 16:53:34 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-17 16:53:34 ----A---- C:\WINDOWS\SYSWOW64\licensingdiag.exe
2016-08-17 16:53:34 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-17 16:53:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-17 16:53:34 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2016-08-17 16:53:34 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-17 16:53:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-08-17 16:53:33 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-17 16:53:32 ----A---- C:\WINDOWS\system32\tquery.dll
2016-08-17 16:53:32 ----A---- C:\WINDOWS\system32\aclui.dll
2016-08-17 16:53:31 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2016-08-17 16:53:31 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2016-08-17 16:53:31 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2016-08-17 16:53:31 ----A---- C:\WINDOWS\system32\WSShared.dll
2016-08-17 16:53:31 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-08-17 16:53:30 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2016-08-17 16:53:30 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-08-17 16:53:30 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-17 16:53:30 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2016-08-17 16:53:30 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2016-08-17 16:53:29 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-08-17 16:53:28 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-08-17 16:53:28 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-08-17 16:53:28 ----A---- C:\WINDOWS\system32\mssrch.dll
2016-08-17 16:53:28 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-17 16:53:28 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-17 16:53:28 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-08-17 16:53:28 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-17 16:53:27 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2016-08-17 16:53:27 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-08-17 16:53:26 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-08-17 16:53:26 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-08-17 16:53:26 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-17 16:53:26 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-17 16:53:26 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-17 16:53:25 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-17 16:53:25 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-17 16:53:25 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2016-08-17 16:53:25 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 16:53:25 ----A---- C:\WINDOWS\system32\DbgModel.dll
2016-08-17 16:53:24 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-08-17 16:53:24 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-08-17 16:53:24 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-08-17 16:53:24 ----A---- C:\WINDOWS\system32\winmde.dll
2016-08-17 16:53:24 ----A---- C:\WINDOWS\system32\twinui.dll
2016-08-17 16:53:23 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-08-17 16:53:23 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-17 16:53:22 ----A---- C:\WINDOWS\system32\eappprxy.dll
2016-08-17 16:53:22 ----A---- C:\WINDOWS\system32\eapphost.dll
2016-08-17 16:53:22 ----A---- C:\WINDOWS\system32\eappcfg.dll
2016-08-17 16:53:22 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2016-08-17 16:53:21 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2016-08-17 16:53:21 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-08-17 16:53:20 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2016-08-17 16:53:20 ----A---- C:\WINDOWS\SYSWOW64\eappprxy.dll
2016-08-17 16:53:20 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2016-08-17 16:53:20 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2016-08-17 16:53:20 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-08-17 16:53:20 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2016-08-17 16:53:20 ----A---- C:\WINDOWS\system32\apprepsync.dll
2016-08-17 16:53:20 ----A---- C:\WINDOWS\system32\apprepapi.dll
2016-08-17 16:53:19 ----A---- C:\WINDOWS\system32\WSClient.dll
2016-08-17 16:53:19 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2016-08-17 16:53:19 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 16:53:18 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2016-08-17 16:53:18 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2016-08-17 16:53:18 ----A---- C:\WINDOWS\system32\WSSync.dll
2016-08-17 16:53:18 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2016-08-17 16:53:18 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-17 16:53:17 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-08-17 16:53:17 ----A---- C:\WINDOWS\SYSWOW64\oemlicense.dll
2016-08-17 16:53:17 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-17 16:53:17 ----A---- C:\WINDOWS\system32\wmpps.dll
2016-08-17 16:53:17 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-08-17 16:53:17 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2016-08-17 16:53:16 ----A---- C:\WINDOWS\SYSWOW64\WSSync.dll
2016-08-17 16:53:16 ----A---- C:\WINDOWS\SYSWOW64\WSClient.dll
2016-08-17 16:53:16 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2016-08-17 16:53:16 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2016-08-17 16:53:16 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-17 16:53:16 ----A---- C:\WINDOWS\system32\InputService.dll
2016-08-17 16:53:15 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-08-17 16:53:15 ----A---- C:\WINDOWS\SYSWOW64\iassvcs.dll
2016-08-17 16:53:15 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-17 16:53:15 ----A---- C:\WINDOWS\system32\iassvcs.dll
2016-08-17 16:53:14 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2016-08-17 16:53:14 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-08-17 16:53:13 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2016-08-17 16:53:13 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2016-08-17 16:53:13 ----A---- C:\WINDOWS\system32\oemlicense.dll
2016-08-17 16:53:13 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-08-17 16:53:13 ----A---- C:\WINDOWS\system32\eappgnui.dll
2016-08-17 16:53:12 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2016-08-17 16:53:12 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-08-17 16:53:12 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-17 16:53:12 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-08-17 16:53:11 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-08-17 16:53:11 ----A---- C:\WINDOWS\SYSWOW64\Clipc.dll
2016-08-17 16:53:11 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2016-08-17 16:53:11 ----A---- C:\WINDOWS\system32\Clipc.dll
2016-08-17 16:53:10 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-08-17 16:53:10 ----A---- C:\WINDOWS\SYSWOW64\NAPCRYPT.DLL
2016-08-17 16:53:10 ----A---- C:\WINDOWS\SYSWOW64\mssphtb.dll
2016-08-17 16:53:10 ----A---- C:\WINDOWS\system32\wmpmde.dll
2016-08-17 16:53:10 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-17 16:53:10 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2016-08-17 16:53:09 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2016-08-17 16:53:09 ----A---- C:\WINDOWS\system32\wldp.dll
2016-08-17 16:53:09 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-08-17 16:53:09 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-17 16:53:08 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-08-17 16:53:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2016-08-17 16:53:08 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2016-08-17 16:53:08 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-08-17 16:53:08 ----A---- C:\WINDOWS\system32\mssph.dll
2016-08-17 16:53:08 ----A---- C:\WINDOWS\system32\ClipUp.exe
2016-08-17 16:53:07 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-08-17 16:53:07 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2016-08-17 16:53:07 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2016-08-17 16:53:07 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-17 16:53:07 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-17 16:53:07 ----A---- C:\WINDOWS\system32\mssphtb.dll
2016-08-17 16:53:07 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-08-17 16:53:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-17 16:53:06 ----A---- C:\WINDOWS\system32\mssvp.dll
2016-08-17 16:53:06 ----A---- C:\WINDOWS\system32\mfps.dll
2016-08-17 16:53:06 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-08-17 16:53:05 ----A---- C:\WINDOWS\system32\mssprxy.dll
2016-08-17 16:53:05 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-08-17 16:53:05 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-08-17 16:53:05 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-17 16:53:05 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-17 16:53:04 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2016-08-17 16:53:04 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2016-08-17 16:53:04 ----A---- C:\WINDOWS\system32\WSService.dll
2016-08-17 16:53:04 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-17 16:53:04 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2016-08-17 16:53:04 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2016-08-17 16:53:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-17 16:53:03 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2016-08-17 16:53:03 ----A---- C:\WINDOWS\system32\wpccpl.dll
2016-08-17 16:53:03 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-08-17 16:53:02 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-17 16:53:02 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-08-17 16:53:02 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-08-17 16:53:02 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-08-17 16:53:01 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2016-08-17 16:53:01 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-17 16:53:01 ----A---- C:\WINDOWS\system32\mos.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\system32\msscntrs.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\system32\moshost.dll
2016-08-17 16:53:00 ----A---- C:\WINDOWS\system32\GamePanel.exe
2016-08-17 16:52:59 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2016-08-17 16:52:59 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2016-08-17 16:35:17 ----D---- C:\Users\sasha_000\AppData\Roaming\PlaysTV
2016-08-17 15:14:44 ----HDC---- C:\ProgramData\{BC13C66E-D01E-4443-A1D1-35EEDF3A964A}
2016-08-17 14:19:36 ----ASH---- C:\hiberfil.sys
2016-08-11 17:43:50 ----A---- C:\WINDOWS\system32\SETB1A1.tmp
2016-08-11 17:43:50 ----A---- C:\WINDOWS\system32\coinst_16.30.dll
2016-08-07 19:36:26 ----D---- C:\ProgramData\ConMet

======List of files/folders modified in the last 1 month======

2016-09-02 21:24:38 ----RD---- C:\Program Files
2016-09-02 21:23:41 ----D---- C:\WINDOWS\Prefetch
2016-09-02 21:23:02 ----D---- C:\Users\sasha_000\AppData\Roaming\uTorrent
2016-09-02 21:21:56 ----D---- C:\Users\sasha_000\AppData\Roaming\Skype
2016-09-02 21:20:28 ----D---- C:\WINDOWS\System32
2016-09-02 21:20:28 ----D---- C:\WINDOWS\INF
2016-09-02 21:20:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-02 21:19:23 ----D---- C:\WINDOWS\Temp
2016-09-02 21:15:26 ----D---- C:\Users\sasha_000\AppData\Roaming\Raptr
2016-09-02 21:14:53 ----D---- C:\ProgramData\Origin
2016-09-02 21:10:12 ----D---- C:\WINDOWS\system32\sru
2016-09-02 20:42:47 ----SHDC---- C:\WINDOWS\Installer
2016-09-02 20:42:46 ----SD---- C:\Users\sasha_000\AppData\Roaming\Microsoft
2016-09-02 20:37:24 ----HD---- C:\ProgramData
2016-09-02 19:23:22 ----D---- C:\WINDOWS\Microsoft.NET
2016-09-02 18:55:40 ----RD---- C:\Program Files (x86)
2016-09-02 18:55:21 ----D---- C:\Program Files (x86)\PokerStars.EU
2016-09-02 18:54:29 ----D---- C:\Windows
2016-09-02 18:52:03 ----D---- C:\ProgramData\Package Cache
2016-09-02 17:02:10 ----D---- C:\WINDOWS\system32\drivers
2016-09-02 16:57:20 ----D---- C:\WINDOWS\SysWOW64
2016-09-02 16:57:20 ----D---- C:\Program Files\AMD
2016-09-02 16:56:27 ----D---- C:\WINDOWS\system32\DriverStore
2016-09-02 16:56:27 ----D---- C:\WINDOWS\system32\CatRoot
2016-09-02 16:55:06 ----D---- C:\AMD
2016-09-02 16:44:15 ----D---- C:\WINDOWS\AppReadiness
2016-09-02 16:42:22 ----D---- C:\WINDOWS\Tasks
2016-09-02 16:42:22 ----D---- C:\WINDOWS\system32\Tasks
2016-09-02 16:41:58 ----D---- C:\WINDOWS\system32\GroupPolicy
2016-09-01 16:11:14 ----HD---- C:\Program Files\WindowsApps
2016-08-31 21:15:05 ----D---- C:\Program Files (x86)\VulkanRT
2016-08-31 21:14:52 ----D---- C:\Program Files (x86)\AMD
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2016-08-31 20:40:04 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2016-08-31 20:40:04 ----A---- C:\WINDOWS\system32\atidxx64.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\aticfx64.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2016-08-31 20:00:05 ----D---- C:\Program Files\Common Files
2016-08-30 19:26:23 ----D---- C:\WINDOWS\system32\config
2016-08-21 20:40:21 ----D---- C:\WINDOWS\rescache
2016-08-21 19:58:30 ----D---- C:\WINDOWS\WinSxS
2016-08-21 19:57:48 ----D---- C:\WINDOWS\system32\catroot2
2016-08-21 19:34:09 ----SHD---- C:\Boot
2016-08-20 00:31:51 ----D---- C:\WINDOWS\SYSWOW64\oobe
2016-08-20 00:31:51 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-20 00:31:51 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-20 00:31:49 ----D---- C:\WINDOWS\system32\oobe
2016-08-20 00:31:49 ----D---- C:\WINDOWS\system32\migration
2016-08-20 00:31:48 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-20 00:31:46 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-20 00:31:46 ----RD---- C:\WINDOWS\DevicesFlow
2016-08-20 00:31:45 ----D---- C:\Program Files\Windows Defender
2016-08-20 00:31:45 ----D---- C:\Program Files\Internet Explorer
2016-08-20 00:31:45 ----D---- C:\Program Files (x86)\Windows Defender
2016-08-20 00:31:45 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-18 17:23:48 ----D---- C:\Program Files (x86)\Common Files
2016-08-18 14:53:35 ----D---- C:\Program Files\Native Instruments
2016-08-18 12:22:22 ----D---- C:\Program Files\Common Files\Native Instruments
2016-08-17 16:56:21 ----D---- C:\WINDOWS\CbsTemp
2016-08-17 15:14:42 ----D---- C:\ProgramData\Native Instruments
2016-08-13 19:41:08 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2016-08-13 18:40:41 ----D---- C:\WINDOWS\system32\MRT
2016-08-13 18:38:11 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-13 18:37:53 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-11 17:46:02 ----A---- C:\WINDOWS\SYSWOW64\SETAF42.tmp
2016-08-11 17:46:02 ----A---- C:\WINDOWS\system32\SET9FBC.tmp
2016-08-11 17:46:00 ----A---- C:\WINDOWS\SYSWOW64\SET8CC1.tmp
2016-08-11 17:45:56 ----A---- C:\WINDOWS\SYSWOW64\SET8BA6.tmp
2016-08-11 17:45:32 ----A---- C:\WINDOWS\SYSWOW64\SETAF30.tmp
2016-08-11 17:45:18 ----A---- C:\WINDOWS\SYSWOW64\SET92F6.tmp
2016-08-11 17:45:14 ----A---- C:\WINDOWS\system32\SETA00E.tmp
2016-08-11 17:45:12 ----A---- C:\WINDOWS\SYSWOW64\SETA14A.tmp
2016-08-11 17:44:20 ----A---- C:\WINDOWS\SYSWOW64\SET9F36.tmp
2016-08-11 17:43:56 ----A---- C:\WINDOWS\SYSWOW64\SET9D2A.tmp
2016-08-11 17:43:52 ----A---- C:\WINDOWS\SYSWOW64\SET96F8.tmp
2016-08-11 17:43:12 ----A---- C:\WINDOWS\system32\drivers\SET9F8A.tmp
2016-08-11 17:42:54 ----A---- C:\WINDOWS\SYSWOW64\SETAF54.tmp
2016-08-11 17:42:16 ----A---- C:\WINDOWS\SYSWOW64\SET8D14.tmp
2016-08-11 17:41:26 ----A---- C:\WINDOWS\SYSWOW64\SET9C1D.tmp
2016-08-11 17:41:18 ----A---- C:\WINDOWS\SYSWOW64\SETAE31.tmp
2016-08-11 17:38:24 ----A---- C:\WINDOWS\system32\SET8ABA.tmp
2016-08-07 16:37:07 ----D---- C:\Program Files (x86)\Opera
2016-08-03 08:45:18 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [2016-08-31 314392]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-08-31 26719376]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-08-31 510096]
R3 AtiHDAudioService;@oem33.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-07-28 118848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-10-07 4585728]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-10 587264]
R4 IOMap;IOMap; \??\C:\WINDOWS\system32\drivers\IOMap64.sys [2014-10-24 24824]
S0 amdkmafd;@oem16.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S1 gppnksvf;gppnksvf; \??\C:\WINDOWS\system32\drivers\gppnksvf.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem25.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-04-16 122160]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 niks2m2audio;@oem30.inf,%MediaDevice.Desc%;Traktor Kontrol S2 MK2 WDM Audio; C:\WINDOWS\System32\Drivers\niks2m2audio.sys [2015-09-04 382408]
S3 niks2m2usb;@oem31.inf,%USBDriver.SvcDesc%;Traktor Kontrol S2 MK2; C:\WINDOWS\system32\DRIVERS\niks2m2usb.sys [2015-09-04 99712]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-10 934752]
S3 ssudmdm;@oem24.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-04-16 214832]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-10 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-07-10 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-07-10 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-07-10 27488]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2015-07-10 131584]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2016-01-31 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-07-10 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-08-31 279184]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-10-12 351944]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2016-08-30 121856]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2015-05-29 48640]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DTSAudioService;DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2015-10-07 227472]
R2 HPReyos Service;HPReyos Service; C:\Users\sasha_000\AppData\Roaming\HPReyos\HPReyosSrv3.exe [2016-09-02 1564160]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2015-11-17 14326896]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2016-07-28 76152]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 UserDataSvc_Session1;Přístup k uživatelským datům_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session16;Hostitel synchronizace_Session16; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 107848]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-06-09 2122248]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session16;Data kontaktů_Session16; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-10 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session16;Úložiště uživatelských dat_Session16; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UserDataSvc_Session16;Přístup k uživatelským datům_Session16; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S4 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[sasha.cz]

# AdwCleaner v6.010 - Log soubor vytvořen 02/09/2016 na 22:14:51
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-01.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : sasha.cz - MY-PC
# Beží od : C:\Users\sasha_000\AppData\Local\Temp\scoped_dir588_30633\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Program Files (x86)\Youtube AdBlock
[-] Adresář smazán:C:\ProgramData\tWdsManProt
[-] Adresář smazán:C:\Users\sasha_000\AppData\Local\Host Service
[#] Adresář nelze smazat:C:\Program Files (x86)\Youtube AdBlock
[-] Adresář smazán:C:\Users\SASHA_~1\AppData\Local\Temp\ext


***** [ Soubory ] *****

[-] Soubor smazán:C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[#] Soubor smazán:C:\ProgramData\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] Soubor smazán:C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_ad.turn.com_0.localstorage
[-] Soubor smazán:C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_ad.turn.com_0.localstorage-journal
[-] Soubor smazán:C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_cdn.turn.com_0.localstorage
[-] Soubor smazán:C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_cdn.turn.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****

[-] Úlohy smazány:Update Service for Youtube AdBlock2


***** [ Registry ] *****

[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdsManPro
[-] Klíč smazán:HKU\S-1-5-21-3789576113-306388386-477534582-1001\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Klíč smazán po restartování:HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán:HKU\S-1-5-21-3789576113-306388386-477534582-1001\Software\Conduit
[-] Klíč smazán:HKU\S-1-5-21-3789576113-306388386-477534582-1001\Software\IM
[-] Klíč smazán:HKU\S-1-5-21-3789576113-306388386-477534582-1001\Software\PRODUCTSETUP
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\IM
[#] Klíč smazán po restartování:HKCU\Software\PRODUCTSETUP
[-] Klíč smazán:HKLM\SOFTWARE\Conduit
[-] Klíč smazán:HKLM\SOFTWARE\WdsManPro


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3490 Bajtů] - [02/09/2016 22:14:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [3806 Bajtů] - [02/09/2016 22:10:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3638 Bajtů] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[sasha.cz]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by sasha.cz (administrator) on MY-PC (02-09-2016 22:33:31)
Running from C:\Users\sasha_000\AppData\Local\Temp\scoped_dir5988_3094
Loaded Profiles: sasha.cz (Available Profiles: sasha.cz)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(CrabbyCruel Shelter) C:\Users\sasha_000\AppData\Roaming\HPReyos\HPReyosSrv3.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\sasha_000\AppData\Roaming\uTorrent\uTorrent.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(BitTorrent Inc.) C:\Users\sasha_000\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(BitTorrent Inc.) C:\Users\sasha_000\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(Yaqoyqsail Rvivigeu) C:\Users\sasha_000\AppData\Roaming\GameLauncher\Seviler\Seviler.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8529152 2015-10-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411840 2015-10-07] (Realtek Semiconductor)
HKLM\...\Run: [rundll32] => C:\Program Files\BuzzDock\BuzzDock.dll [2712064 2015-05-11] ()
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6625672 2016-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-23] (Raptr, Inc)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-09] (Electronic Arts)
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55100016 2015-08-26] (Skype Technologies S.A.)
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\Run: [uTorrent] => C:\Users\sasha_000\AppData\Roaming\uTorrent\uTorrent.exe [1972224 2016-08-13] (BitTorrent Inc.)
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\Run: [Seviler] => C:\Users\sasha_000\AppData\Roaming\GameLauncher\Seviler\Seviler.exe [2370048 2016-09-02] (Yaqoyqsail Rvivigeu)
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\Run: [Host Service] => wscript "C:\Users\sasha_000\AppData\Local\Host Service\launchall.js" <===== ATTENTION
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\RunOnce: [Uninstall C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sasha_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0b99442f-47ac-4df0-88ea-46b1e108b2aa}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=14421562 ... SBG111667V

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Dokumenty Google) - C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-02]
CHR Extension: (Chrome Media Router) - C:\Users\sasha_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-02]

Opera:
=======
OPR StartupUrls: "hxxp://seznam.cz/"
OPR Extension: (Adblocker pro Youtube™) - C:\Users\sasha_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\dpiglkccaeohciincfjglehlcjlpfmjd [2016-09-02]
OPR Extension: (Adblock Plus) - C:\Users\sasha_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-08-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-10-12] (Advanced Micro Devices, Inc.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-08-30] (Advanced Micro Devices) [File not signed]
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2015-05-29] () [File not signed]
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [227472 2015-10-07] (DTS)
R2 HPReyos Service; C:\Users\sasha_000\AppData\Roaming\HPReyos\HPReyosSrv3.exe [1564160 2016-09-02] (CrabbyCruel Shelter) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-09] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-05-23] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-07-28] ()
S3 vmicvss; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24856 2016-08-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [314392 2016-08-31] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [118848 2016-07-28] (Advanced Micro Devices)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-24] (ASUSTeK Computer Inc.)
S3 niks2m2audio; C:\Windows\System32\Drivers\niks2m2audio.sys [382408 2015-09-04] (Native Instruments GmbH)
S3 niks2m2usb; C:\Windows\system32\DRIVERS\niks2m2usb.sys [99712 2015-09-04] (Native Instruments GmbH)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U4 dmwappushsvc; no ImagePath
S1 gppnksvf; \??\C:\WINDOWS\system32\drivers\gppnksvf.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 22:32 - 2016-09-02 22:32 - 00112640 _____ (forum.viry.cz) C:\Users\sasha_000\Desktop\FRSTLauncher.exe
2016-09-02 22:32 - 2016-09-02 22:32 - 00029696 _____ C:\Users\sasha_000\AppData\Local\MSGBOX.EXE
2016-09-02 22:32 - 2016-09-02 22:32 - 00015327 _____ C:\Users\sasha_000\Desktop\LM.bat
2016-09-02 22:31 - 2016-09-02 22:33 - 00000000 ____D C:\FRST
2016-09-02 22:31 - 2016-09-02 22:31 - 02397696 _____ (Farbar) C:\Users\sasha_000\Desktop\FRST64.exe
2016-09-02 22:30 - 2016-09-02 22:30 - 00016148 _____ C:\WINDOWS\system32\MY-PC_sasha.cz_HistoryPrediction.bin
2016-09-02 22:09 - 2016-09-02 22:14 - 00000000 ____D C:\AdwCleaner
2016-09-02 22:08 - 2016-09-02 22:09 - 03826240 _____ C:\Users\sasha_000\Desktop\adwcleaner_6.010.exe
2016-09-02 21:24 - 2016-09-02 21:24 - 01222144 _____ C:\Users\sasha_000\Downloads\RSITx64.exe
2016-09-02 21:24 - 2016-09-02 21:24 - 00000000 ____D C:\rsit
2016-09-02 21:24 - 2016-09-02 21:24 - 00000000 ____D C:\Program Files\trend micro
2016-09-02 20:42 - 2016-09-02 20:43 - 00000000 ____D C:\Users\sasha_000\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2016-09-02 20:42 - 2016-09-02 20:42 - 02721168 _____ (Microsoft Corporation) C:\Users\sasha_000\Desktop\Windows7-USB-DVD-Download-Tool-Installer-en-US.exe
2016-09-02 20:42 - 2016-09-02 20:42 - 00002650 _____ C:\Users\sasha_000\Desktop\Windows 7 USB DVD Download Tool.lnk
2016-09-02 20:42 - 2016-09-02 20:42 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-09-02 19:14 - 2016-09-02 19:14 - 00014231 _____ C:\Users\sasha_000\Downloads\[CzT]Windows_10_Pred_Aktivovane_2015_.torrent
2016-09-02 18:54 - 2016-09-02 18:54 - 00000064 _____ C:\WINDOWS\Wininit.ini
2016-09-02 16:57 - 2016-09-02 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-09-02 16:56 - 2016-09-02 16:56 - 00000000 ____D C:\WINDOWS\LastGood
2016-09-02 16:53 - 2016-09-02 16:55 - 219690624 _____ (AMD Inc.) C:\Users\sasha_000\Desktop\non-whql-win10-64bit-radeon-software-crimson-16.8.3-aug30.exe
2016-09-02 16:49 - 2016-09-02 16:49 - 00000000 _____ C:\Users\sasha_000\Desktop\~battlefield1_Patch_Fix.exe
2016-09-02 16:43 - 2016-09-02 16:43 - 00000270 __RSH C:\Users\sasha_000\ntuser.pol
2016-09-02 16:42 - 2016-09-02 16:42 - 00003060 _____ C:\WINDOWS\System32\Tasks\Update Service for Youtube AdBlock2
2016-09-02 16:41 - 2016-09-02 16:41 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-09-02 16:41 - 2016-09-02 16:41 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ореrа.lnk
2016-09-02 16:41 - 2016-09-02 16:41 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-09-02 16:41 - 2016-09-02 16:41 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\HPReyos
2016-09-02 16:41 - 2016-09-02 16:41 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\GameLauncher
2016-08-31 21:14 - 2016-08-31 21:14 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-08-31 21:11 - 2016-08-31 21:12 - 218350688 _____ (AMD Inc.) C:\Users\sasha_000\Desktop\non-whql-win10-64bit-radeon-software-crimson-16.8.2-rc4-aug11 (1).exe
2016-08-31 21:10 - 2016-08-31 21:21 - 00000000 ____D C:\Users\sasha_000\Documents\Battlefield 1 Open Beta
2016-08-31 20:40 - 2016-08-31 20:40 - 32550032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 26633872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 15721104 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 14312080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 10285464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 08864688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-08-31 20:40 - 2016-08-31 20:40 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-08-31 20:40 - 2016-08-31 20:40 - 02139792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 01321104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00732336 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-08-31 20:40 - 2016-08-31 20:40 - 00732336 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-08-31 20:40 - 2016-08-31 20:40 - 00513680 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00451720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00394896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00342152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00284296 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00279696 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00279184 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00267920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00262288 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00260752 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00226448 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00223368 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00201360 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00194704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00161432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00151696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00129168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00127120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00122512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00115856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00110736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00103056 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00101520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00071816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00065168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00061576 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00060560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-31 20:40 - 2016-08-31 20:40 - 00058512 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00052880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-31 20:40 - 2016-08-31 20:40 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 48811152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 27481232 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 08828560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 08653760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 08620176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 07085712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 07045344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 06947984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 02370704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 02281104 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 01829520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00743568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00619152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00314392 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-08-31 20:39 - 2016-08-31 20:39 - 00241296 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00214160 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00193680 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00173712 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00156248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00120376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00105616 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00096400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00075920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00060040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00059536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-31 20:39 - 2016-08-31 20:39 - 00047760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-31 20:00 - 2016-08-31 20:00 - 00000811 _____ C:\Users\Public\Desktop\Battlefield 1 Open Beta.lnk
2016-08-31 20:00 - 2016-08-31 20:00 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-08-31 20:00 - 2016-08-31 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1 Open Beta
2016-08-31 19:22 - 2016-08-31 19:22 - 00000000 ____D C:\BF1
2016-08-30 16:48 - 2016-08-30 16:48 - 02412544 _____ C:\WINDOWS\system32\amdacpusl.pdb
2016-08-30 16:39 - 2016-08-30 16:39 - 00364544 _____ (Advanced Micro Devices) C:\WINDOWS\system32\amdacpusl.dll
2016-08-30 16:39 - 2016-08-30 16:39 - 00306176 _____ C:\WINDOWS\system32\amdacpusl.pdb.pub
2016-08-30 16:39 - 2016-08-30 16:39 - 00248832 _____ (Advanced Micro Devices) C:\WINDOWS\SysWOW64\amdacpusl.dll
2016-08-28 18:35 - 2016-08-28 18:35 - 00028585 _____ C:\Users\sasha_000\Downloads\[CzT]V_zajeti_demonu_2_The_Conjuring_2_2016_720pHD_ (1).torrent
2016-08-28 18:32 - 2016-08-28 18:32 - 00028584 _____ C:\Users\sasha_000\Downloads\[CzT]V_zajeti_demonu_2_The_Conjuring_2_2016_720pHD_.torrent
2016-08-27 00:08 - 2016-08-27 00:08 - 00028579 _____ C:\Users\sasha_000\Downloads\[CzT]Nez_jsem_te_poznala_Me_Before_You_2016_720pHD_.torrent
2016-08-27 00:07 - 2016-08-27 00:07 - 00002092 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-08-27 00:07 - 2016-08-27 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-08-21 19:41 - 2016-08-21 19:41 - 00022835 _____ C:\Users\sasha_000\Downloads\[CzT]Kniha_dzungli_The_Jungle_Book_2016_720pHD_.torrent
2016-08-19 00:18 - 2016-08-19 00:18 - 00003336 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-18 23:44 - 2016-08-18 23:44 - 00021170 _____ C:\Users\sasha_000\Downloads\[CzT]Warcraft_Prvni_stret_Warcraft_2016_WebRip_1080p_.torrent
2016-08-18 17:25 - 2016-08-18 17:25 - 00001075 _____ C:\Users\Public\Desktop\Traktor 2.lnk
2016-08-18 17:25 - 2016-08-18 17:25 - 00000000 __HDC C:\ProgramData\{5D7D8554-ADF2-463E-B6AC-7A857B390410}
2016-08-18 17:20 - 2016-08-18 17:20 - 00013141 _____ C:\Users\sasha_000\Downloads\[CzT]NEW_Native_Instruments_Traktor_Pro_2.torrent
2016-08-18 17:15 - 2016-08-18 17:15 - 00012890 _____ C:\Users\sasha_000\Downloads\[CzT]Native_Instruments_Traktor_Pro_2_v2_6.torrent
2016-08-18 14:53 - 2016-08-18 14:53 - 26169672 _____ C:\Users\sasha_000\Downloads\Traktor_Kontrol_S2_MK2_420_PC_p.zip
2016-08-18 14:53 - 2016-08-18 14:53 - 00000000 __HDC C:\ProgramData\{571BB2D7-5EB2-4D33-9E0D-0D95E2CB9AE0}
2016-08-18 14:53 - 2016-08-18 14:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_niks2m2usb_01011.Wdf
2016-08-18 14:50 - 2016-08-18 14:50 - 00000000 __HDC C:\ProgramData\{9F570B21-E27A-40BE-A508-292899A7D042}
2016-08-18 13:56 - 2016-08-18 13:56 - 00000000 ____D C:\ProgramData\mia2B23.tmp
2016-08-18 12:22 - 2016-08-18 12:22 - 00001167 _____ C:\Users\Public\Desktop\Controller Editor.lnk
2016-08-18 12:22 - 2016-08-18 12:22 - 00000000 __HDC C:\ProgramData\{90D8CE90-3E6B-4034-A281-BC9F19B60A5B}
2016-08-18 12:22 - 2016-08-18 12:22 - 00000000 __HDC C:\ProgramData\{42DEBD12-9D09-4B77-B434-2EF604E45D3D}
2016-08-18 12:18 - 2016-08-18 12:20 - 243027807 _____ C:\Users\sasha_000\Downloads\Traktor_2_2102_PC.zip
2016-08-18 12:16 - 2016-08-18 12:16 - 06123330 _____ C:\Users\sasha_000\Downloads\DeviceUpdater_120_PC.zip
2016-08-17 16:53 - 2016-08-03 08:25 - 00953472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-17 16:53 - 2016-08-03 08:25 - 00365120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-17 16:53 - 2016-08-03 08:24 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-08-17 16:53 - 2016-08-03 08:24 - 01767008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-08-17 16:53 - 2016-08-03 08:24 - 01531368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-17 16:53 - 2016-08-03 08:24 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-17 16:53 - 2016-08-03 08:24 - 00439648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-17 16:53 - 2016-08-03 08:24 - 00046480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-17 16:53 - 2016-08-03 08:23 - 01895576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-08-17 16:53 - 2016-08-03 08:22 - 01811360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-08-17 16:53 - 2016-08-03 08:15 - 02881624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-17 16:53 - 2016-08-03 08:15 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-17 16:53 - 2016-08-03 08:15 - 00468832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-17 16:53 - 2016-08-03 08:15 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2016-08-17 16:53 - 2016-08-03 08:14 - 00565648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-08-17 16:53 - 2016-08-03 08:13 - 00065096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-08-17 16:53 - 2016-08-03 08:09 - 00185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 08016728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-17 16:53 - 2016-08-03 07:46 - 03467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 02816016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-08-17 16:53 - 2016-08-03 07:46 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 01951864 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 01563480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 01561360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 01538168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 00632680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 00601336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-17 16:53 - 2016-08-03 07:46 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-17 16:53 - 2016-08-03 07:46 - 00432352 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-17 16:53 - 2016-08-03 07:46 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-17 16:53 - 2016-08-03 07:46 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-17 16:53 - 2016-08-03 07:44 - 02495776 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-17 16:53 - 2016-08-03 07:44 - 02429792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-17 16:53 - 2016-08-03 07:44 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-08-17 16:53 - 2016-08-03 07:44 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-08-17 16:53 - 2016-08-03 07:44 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-08-17 16:53 - 2016-08-03 07:44 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-17 16:53 - 2016-08-03 07:39 - 00660320 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-17 16:53 - 2016-08-03 07:38 - 06525424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-17 16:53 - 2016-08-03 07:38 - 03625928 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-17 16:53 - 2016-08-03 07:38 - 01134792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-08-17 16:53 - 2016-08-03 07:38 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-17 16:53 - 2016-08-03 07:38 - 00724168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-08-17 16:53 - 2016-08-03 07:38 - 00252760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-08-17 16:53 - 2016-08-03 07:38 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-08-17 16:53 - 2016-08-03 07:37 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-08-17 16:53 - 2016-08-03 07:33 - 00224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-08-17 16:53 - 2016-08-03 07:32 - 00983904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-08-17 16:53 - 2016-08-03 07:09 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-17 16:53 - 2016-08-03 07:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-17 16:53 - 2016-08-03 06:57 - 24604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-17 16:53 - 2016-08-03 06:57 - 21862912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-17 16:53 - 2016-08-03 06:57 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-08-17 16:53 - 2016-08-03 06:57 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-17 16:53 - 2016-08-03 06:55 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-08-17 16:53 - 2016-08-03 06:54 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-17 16:53 - 2016-08-03 06:53 - 13027328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-17 16:53 - 2016-08-03 06:53 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-08-17 16:53 - 2016-08-03 06:52 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-08-17 16:53 - 2016-08-03 06:51 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-08-17 16:53 - 2016-08-03 06:50 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-17 16:53 - 2016-08-03 06:49 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-17 16:53 - 2016-08-03 06:49 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2016-08-17 16:53 - 2016-08-03 06:49 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-17 16:53 - 2016-08-03 06:48 - 06788096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-17 16:53 - 2016-08-03 06:47 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-08-17 16:53 - 2016-08-03 06:47 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-17 16:53 - 2016-08-03 06:47 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2016-08-17 16:53 - 2016-08-03 06:47 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-08-17 16:53 - 2016-08-03 06:47 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-08-17 16:53 - 2016-08-03 06:46 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-17 16:53 - 2016-08-03 06:46 - 01416704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-17 16:53 - 2016-08-03 06:46 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-08-17 16:53 - 2016-08-03 06:46 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-08-17 16:53 - 2016-08-03 06:46 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-17 16:53 - 2016-08-03 06:46 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-17 16:53 - 2016-08-03 06:46 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-08-17 16:53 - 2016-08-03 06:45 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-17 16:53 - 2016-08-03 06:45 - 12514304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-17 16:53 - 2016-08-03 06:45 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-17 16:53 - 2016-08-03 06:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassvcs.dll
2016-08-17 16:53 - 2016-08-03 06:44 - 19337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-17 16:53 - 2016-08-03 06:44 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-17 16:53 - 2016-08-03 06:44 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-08-17 16:53 - 2016-08-03 06:44 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
2016-08-17 16:53 - 2016-08-03 06:44 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-08-17 16:53 - 2016-08-03 06:44 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-08-17 16:53 - 2016-08-03 06:43 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-08-17 16:53 - 2016-08-03 06:43 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-08-17 16:53 - 2016-08-03 06:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-08-17 16:53 - 2016-08-03 06:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-08-17 16:53 - 2016-08-03 06:42 - 02839040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-08-17 16:53 - 2016-08-03 06:42 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-08-17 16:53 - 2016-08-03 06:42 - 02253824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-08-17 16:53 - 2016-08-03 06:42 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-17 16:53 - 2016-08-03 06:42 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-08-17 16:53 - 2016-08-03 06:41 - 04398592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-17 16:53 - 2016-08-03 06:41 - 03119104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-17 16:53 - 2016-08-03 06:41 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2016-08-17 16:53 - 2016-08-03 06:41 - 01686528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-17 16:53 - 2016-08-03 06:41 - 01606656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-17 16:53 - 2016-08-03 06:41 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2016-08-17 16:53 - 2016-08-03 06:40 - 05160960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-17 16:53 - 2016-08-03 06:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-08-17 16:53 - 2016-08-03 06:40 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 16:53 - 2016-08-03 06:40 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-17 16:53 - 2016-08-03 06:40 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-08-17 16:53 - 2016-08-03 06:40 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 05448704 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-17 16:53 - 2016-08-03 06:39 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-08-17 16:53 - 2016-08-03 06:39 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-08-17 16:53 - 2016-08-03 06:38 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-08-17 16:53 - 2016-08-03 06:38 - 03873280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-17 16:53 - 2016-08-03 06:38 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-08-17 16:53 - 2016-08-03 06:38 - 00819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-08-17 16:53 - 2016-08-03 06:38 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-08-17 16:53 - 2016-08-03 06:38 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-08-17 16:53 - 2016-08-03 06:38 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-17 16:53 - 2016-08-03 06:38 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-17 16:53 - 2016-08-03 06:37 - 04453888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-08-17 16:53 - 2016-08-03 06:37 - 04168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-08-17 16:53 - 2016-08-03 06:37 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-08-17 16:53 - 2016-08-03 06:37 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassvcs.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 07524352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 07502848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2016-08-17 16:53 - 2016-08-03 06:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-08-17 16:53 - 2016-08-03 06:35 - 18799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-17 16:53 - 2016-08-03 06:35 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-17 16:53 - 2016-08-03 06:35 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-17 16:53 - 2016-08-03 06:35 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 16:53 - 2016-08-03 06:35 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-17 16:53 - 2016-08-03 06:35 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-08-17 16:53 - 2016-08-03 06:35 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-08-17 16:53 - 2016-08-03 06:35 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-08-17 16:53 - 2016-08-03 06:35 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-08-17 16:53 - 2016-08-03 06:35 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-08-17 16:53 - 2016-08-03 06:35 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 01522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00763904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-08-17 16:53 - 2016-08-03 06:34 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 02198016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-17 16:53 - 2016-08-03 06:33 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-17 16:53 - 2016-08-03 06:33 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-08-17 16:53 - 2016-08-03 06:32 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-08-17 16:53 - 2016-08-03 06:32 - 01492992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-17 16:53 - 2016-08-03 06:32 - 00939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-08-17 16:53 - 2016-08-03 06:32 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-08-17 16:53 - 2016-08-03 06:32 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-17 16:53 - 2016-08-03 06:32 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-17 16:53 - 2016-08-03 06:32 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-17 16:53 - 2016-08-03 06:32 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-08-17 16:53 - 2016-08-03 06:31 - 05329408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-17 16:53 - 2016-08-03 06:31 - 01096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2016-08-17 16:53 - 2016-08-03 06:31 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2016-08-17 16:53 - 2016-08-03 06:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-08-17 16:53 - 2016-08-03 06:31 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-17 16:53 - 2016-08-03 06:30 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-08-17 16:53 - 2016-08-03 06:30 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-08-17 16:53 - 2016-08-03 06:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-17 16:53 - 2016-08-03 06:30 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgcore.dll
2016-08-17 16:53 - 2016-08-03 06:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-17 16:53 - 2016-08-03 06:29 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-08-17 16:53 - 2016-08-03 06:29 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-08-17 16:53 - 2016-08-03 06:28 - 03692032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-08-17 16:53 - 2016-08-03 06:28 - 03579392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-17 16:53 - 2016-08-03 06:27 - 11270656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-17 16:53 - 2016-08-03 06:27 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-08-17 16:53 - 2016-08-03 06:27 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-08-17 16:53 - 2016-08-03 06:26 - 06713856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-17 16:53 - 2016-08-03 06:26 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-17 16:53 - 2016-08-03 06:26 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-17 16:53 - 2016-08-03 06:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-08-17 16:53 - 2016-08-03 06:26 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-08-17 16:53 - 2016-08-03 06:26 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-08-17 16:53 - 2016-08-03 06:26 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-08-17 16:53 - 2016-08-03 06:25 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-08-17 16:53 - 2016-08-03 06:25 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2016-08-17 16:53 - 2016-08-03 06:25 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-17 16:53 - 2016-08-03 06:25 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-08-17 16:53 - 2016-08-03 06:25 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2016-08-17 16:53 - 2016-08-03 06:25 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-08-17 16:53 - 2016-08-03 06:22 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-08-17 16:53 - 2016-08-03 06:21 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2016-08-17 16:53 - 2016-08-03 06:21 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-08-17 16:53 - 2016-08-03 06:21 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-08-17 16:53 - 2016-08-03 06:20 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgcore.dll
2016-08-17 16:52 - 2016-08-03 06:40 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-08-17 16:52 - 2016-08-03 06:25 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-08-17 16:39 - 2016-08-18 12:22 - 00001132 _____ C:\Users\Public\Desktop\Service Center.lnk
2016-08-17 16:35 - 2016-08-17 16:35 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\PlaysTV
2016-08-17 15:20 - 2016-08-18 14:40 - 00000000 ____D C:\Users\sasha_000\Documents\Native Instruments
2016-08-17 15:14 - 2016-08-17 15:14 - 00001063 _____ C:\Users\Public\Desktop\Traktor.lnk
2016-08-17 15:14 - 2016-08-17 15:14 - 00000000 __HDC C:\ProgramData\{BC13C66E-D01E-4443-A1D1-35EEDF3A964A}
2016-08-17 14:38 - 2016-08-17 14:38 - 11434385 _____ C:\Users\sasha_000\Downloads\Traktor_Kontrol_S2_310_PC.zip
2016-08-17 13:56 - 2016-08-17 13:56 - 11050642 _____ C:\Users\sasha_000\Downloads\TRAKTOR_KONTROL_S2_Setup_Guides_10_2013.zip
2016-08-13 16:54 - 2016-08-13 16:56 - 218350688 _____ (AMD Inc.) C:\Users\sasha_000\Desktop\non-whql-win10-64bit-radeon-software-crimson-16.8.2-rc4-aug11.exe
2016-08-11 17:43 - 2016-08-31 20:40 - 00875152 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00875152 _____ (AMD) C:\WINDOWS\system32\SETB1A1.tmp
2016-08-09 20:13 - 2016-08-09 20:13 - 00014995 _____ C:\Users\sasha_000\Downloads\[CzT]Spravni_chlapi_The_Nice_Guys_2016_WebRip_.torrent
2016-08-07 19:36 - 2016-09-02 18:54 - 00000000 ____D C:\ProgramData\ConMet
2016-08-07 19:36 - 2016-08-07 19:36 - 02845184 _____ (Mgr. Tomas Papousek) C:\Users\sasha_000\Desktop\cm897f.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 22:33 - 2015-09-11 15:43 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\uTorrent
2016-09-02 22:21 - 2015-09-10 05:45 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-02 22:21 - 2015-07-10 18:02 - 00745406 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-02 22:21 - 2015-07-10 18:02 - 00149344 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-02 22:21 - 2015-07-10 13:02 - 00000000 ____D C:\WINDOWS\INF
2016-09-02 22:16 - 2016-07-19 17:31 - 00000000 ____D C:\Users\sasha_000\AppData\LocalLow\uTorrent
2016-09-02 22:16 - 2015-09-11 14:41 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\Skype
2016-09-02 22:16 - 2015-09-10 05:52 - 00000000 ____D C:\ProgramData\Origin
2016-09-02 22:16 - 2015-09-10 04:36 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\Raptr
2016-09-02 22:15 - 2016-02-17 12:18 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-09-02 22:15 - 2015-09-15 12:07 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-02 22:15 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-02 22:15 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-09-02 21:43 - 2015-09-15 12:07 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-02 21:39 - 2016-06-11 17:15 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-02 18:56 - 2016-06-11 17:03 - 00000000 ____D C:\Users\sasha_000\AppData\Local\CrashDumps
2016-09-02 18:55 - 2016-07-20 19:51 - 00000000 ____D C:\Users\sasha_000\AppData\Local\IIIQF
2016-09-02 18:55 - 2016-02-29 20:41 - 00000000 ____D C:\Users\sasha_000\AppData\Local\PokerStars.EU
2016-09-02 18:55 - 2016-02-29 20:41 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2016-09-02 18:54 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-02 18:52 - 2015-09-10 05:36 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-02 17:59 - 2015-09-10 04:25 - 00004196 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ABC10B88-E8D3-43A4-8F9E-FC5B84659DA5}
2016-09-02 17:01 - 2015-09-10 05:37 - 00000000 ____D C:\Users\sasha_000
2016-09-02 16:57 - 2015-09-10 05:35 - 00000000 ____D C:\Program Files\AMD
2016-09-02 16:55 - 2015-09-10 05:36 - 00000000 ____D C:\AMD
2016-09-02 16:44 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-02 16:41 - 2015-09-16 07:51 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-09-02 16:41 - 2015-09-16 07:51 - 00000000 ____D C:\Users\sasha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-09-02 16:41 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-09-01 16:11 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-31 21:15 - 2016-04-19 13:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-31 21:14 - 2015-09-10 04:34 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-31 21:13 - 2015-09-10 05:44 - 00000000 ____D C:\Users\sasha_000\AppData\Local\AMD
2016-08-31 20:40 - 2016-04-05 09:41 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-08-31 20:40 - 2016-04-05 09:26 - 00233104 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-31 20:40 - 2016-01-08 00:07 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-31 20:40 - 2016-01-08 00:07 - 00168592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 10970120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 09311368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 09110856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 07234888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 01548512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 01273584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 00181064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 00149984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-31 20:40 - 2015-06-23 04:08 - 00134448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-31 20:40 - 2015-06-23 04:03 - 26719376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-31 20:40 - 2015-06-23 03:10 - 00510096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-31 20:39 - 2016-01-08 00:06 - 38258312 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-31 20:39 - 2016-01-08 00:06 - 21633168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-31 20:39 - 2015-06-23 04:09 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-28 02:19 - 2016-06-11 17:15 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-21 20:40 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2016-08-20 00:31 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-20 00:31 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-08-20 00:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-08-20 00:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-20 00:31 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-20 00:31 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-19 00:18 - 2015-09-10 05:44 - 00002434 _____ C:\Users\sasha_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-19 00:18 - 2015-09-10 04:23 - 00000000 __RDO C:\Users\sasha_000\OneDrive
2016-08-18 17:23 - 2016-07-20 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2016-08-18 14:53 - 2016-07-20 19:21 - 00000000 ____D C:\Program Files\Native Instruments
2016-08-18 12:22 - 2015-09-23 06:53 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2016-08-17 16:56 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-17 15:14 - 2015-09-23 06:53 - 00000000 ____D C:\ProgramData\Native Instruments
2016-08-17 15:11 - 2015-09-10 04:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-08-13 19:41 - 2015-09-10 14:15 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-08-13 19:41 - 2015-09-10 09:21 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-08-13 19:40 - 2015-09-10 09:21 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-08-13 18:40 - 2015-09-10 09:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-13 18:38 - 2015-09-10 09:21 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-13 18:37 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-11 17:46 - 2015-06-23 04:08 - 09311368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET8CC1.tmp
2016-08-11 17:46 - 2015-06-23 04:08 - 00181064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET9FBC.tmp
2016-08-11 17:46 - 2015-06-23 04:08 - 00149984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETAF42.tmp
2016-08-11 17:45 - 2015-06-23 04:08 - 09110856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET92F6.tmp
2016-08-11 17:45 - 2015-06-23 04:08 - 07234888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET8BA6.tmp
2016-08-11 17:45 - 2015-06-23 04:08 - 01548000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SETA00E.tmp
2016-08-11 17:45 - 2015-06-23 04:08 - 01273072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETA14A.tmp
2016-08-11 17:45 - 2015-06-23 04:08 - 00134448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETAF30.tmp
2016-08-11 17:44 - 2015-06-23 04:09 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET9F36.tmp
2016-08-11 17:43 - 2016-04-05 09:41 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SET96F8.tmp
2016-08-11 17:43 - 2016-04-05 09:26 - 00233104 _____ C:\WINDOWS\SysWOW64\SET9D2A.tmp
2016-08-11 17:43 - 2015-06-23 03:10 - 00510096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET9F8A.tmp
2016-08-11 17:42 - 2016-01-08 00:07 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\SET8D14.tmp
2016-08-11 17:42 - 2016-01-08 00:07 - 00168592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETAF54.tmp
2016-08-11 17:41 - 2016-01-08 00:06 - 38258832 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\SETAE31.tmp
2016-08-11 17:41 - 2016-01-08 00:06 - 21633168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\SET9C1D.tmp
2016-08-11 17:38 - 2015-06-23 04:08 - 10970120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET8ABA.tmp
2016-08-07 16:37 - 2015-09-10 04:26 - 00003950 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1441851967
2016-08-07 16:37 - 2015-09-10 04:25 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-03 08:45 - 2015-09-10 05:37 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-03 08:38 - 2013-08-22 17:44 - 00397272 __RSH C:\bootmgr

==================== Files in the root of some directories =======

2016-09-02 22:32 - 2016-09-02 22:32 - 0029696 _____ () C:\Users\sasha_000\AppData\Local\MSGBOX.EXE
2016-02-22 12:36 - 2016-02-22 12:36 - 0000000 _____ () C:\Users\sasha_000\AppData\Local\{443163F0-2799-458D-99CB-B768663BE028}
2015-10-07 00:42 - 2015-10-07 00:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\sasha_000\AppData\Local\Temp\chromedriver.exe
C:\Users\sasha_000\AppData\Local\Temp\cmunst_.exe
C:\Users\sasha_000\AppData\Local\Temp\libeay32.dll
C:\Users\sasha_000\AppData\Local\Temp\msvcr110.dll
C:\Users\sasha_000\AppData\Local\Temp\msvcr120.dll
C:\Users\sasha_000\AppData\Local\Temp\php.exe
C:\Users\sasha_000\AppData\Local\Temp\php5.dll
C:\Users\sasha_000\AppData\Local\Temp\playstv_patch.exe
C:\Users\sasha_000\AppData\Local\Temp\sonarinst.exe
C:\Users\sasha_000\AppData\Local\Temp\sqlite3.dll
C:\Users\sasha_000\AppData\Local\Temp\ssleay32.dll
C:\Users\sasha_000\AppData\Local\Temp\tmp402.exe
C:\Users\sasha_000\AppData\Local\Temp\tmpE8A6.exe
C:\Users\sasha_000\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-01 20:36

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Users\sasha_000\AppData\Roaming\HPReyos
HKLM\...\Run: [rundll32] => C:\Program Files\BuzzDock\BuzzDock.dll [2712064 2015-05-11] ()
C:\Program Files\BuzzDock
HKU\S-1-5-21-3789576113-306388386-477534582-1001\...\Run: [Host Service] => wscript "C:\Users\sasha_000\AppData\Local\Host Service\launchall.js" <===== ATTENTION
C:\Users\sasha_000\AppData\Local\Host Service\launchall.js
GroupPolicy: Restriction - Chrome <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1 ... SBG111667V
S1 gppnksvf; \??\C:\WINDOWS\system32\drivers\gppnksvf.sys [X]
C:\WINDOWS\Wininit.ini
C:\WINDOWS\LastGood.Tmp
C:\ProgramData\mia2B23.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\SysWOW64\SET8CC1.tmp
C:\WINDOWS\system32\SET9FBC.tmp
C:\WINDOWS\SysWOW64\SETAF42.tmp
C:\WINDOWS\SysWOW64\SET92F6.tmp
C:\WINDOWS\SysWOW64\SET8BA6.tmp
C:\WINDOWS\system32\SETA00E.tmp
C:\WINDOWS\SysWOW64\SETA14A.tmp
C:\WINDOWS\SysWOW64\SETAF30.tmp
C:\WINDOWS\SysWOW64\SET9F36.tmp
C:\WINDOWS\SysWOW64\SET96F8.tmp
C:\WINDOWS\SysWOW64\SET9D2A.tmp
C:\WINDOWS\system32\Drivers\SET9F8A.tmp
C:\WINDOWS\SysWOW64\SET8D14.tmp
C:\WINDOWS\SysWOW64\SETAF54.tmp
C:\WINDOWS\SysWOW64\SETAE31.tmp
C:\WINDOWS\SysWOW64\SET9C1D.tmp
C:\WINDOWS\system32\SET8ABA.tmp
C:\ProgramData\DP45977C.lfl
C:\Users\sasha_000\AppData\Local\Temp
End

Uložte do C:\Users\sasha_000\AppData\Local\Temp\scoped_dir5988_3094 jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[sasha.cz]

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-09-2016 12:25:26)

C:\Users\sasha_000\AppData\Roaming\HPReyos => Is moved successfully
"C:\Users\sasha_000\AppData\Local\Temp" => Could not move

==== End of Fixlog 12:25:28 ====

[Rudy]

Změnilo se něco?

[sasha.cz]

Vzdy pri otevirani jakehokoliv prohlizece vyskakuji automaticky reklamy. Pred tim fixem skakalo jedno okno, ted vyskakuji 3 A zmizely ikony Opery a Chrome.... divny. Diky moc za ochotu, jdu dat asi format a cistej install winu.

[Rudy]

Ještě můžete zkusit tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[sasha.cz]

Moc dekuji za Vasi ochotu. Udelal jsem cisty reinstall win a je klid lock

[Rudy]

Také řešení. Nemáte zač!