Log check: a worm was found according to Avast.

#1 Post by Dounat22 »

Hello,

I am submitting a log from RSIT.

Logfile of random's system information tool 1.16 (written by random/random)
Run by ASUS at 2017-07-05 19:33:48
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 6 GB (4%) free of 150 GB
Total RAM: 10186 MB (67% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:49, on 5.7.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal

Running processes:
C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Steam\Steam.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe
C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe
C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe
C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe
C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe
C:\Program Files\trend micro\ASUS_RSITx64 (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [BingSvc] C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.584\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.download.microsoft.com
O15 - Trusted Zone: http://*.update.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O20 - Winlogon Notify: SSOExec - C:\Windows\temp\sso\ssoexec.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: DTSAudioService - DTS - C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.584\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9856 bytes

====== Enumerating Processes ======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files\McAfee Security Scan\3.11.584\SSScheduler.exe"
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"D:\Steam\Steam.exe"
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe "-cachedir=C:\Users\ASUS\AppData\Local\Steam\htmlcache" "-steampid=4952" "-buildid=1496897923" "-steamid=0" "-clientui=D:\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=D:\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --primordial-pipe-token=A72F9BA5E89BBBC7B5771704F749B33F --lang=en-US --lang=cs-CZ --log-file="D:\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=A72F9BA5E89BBBC7B5771704F749B33F --renderer-client-id=5 --mojo-platform-channel-handle=1952 /prefetch:1
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=DB0029CE5A5547A2F23EDD512E288301 --lang=en-US --lang=en-US --log-file="C:\Users\ASUS\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (17.5.2302)" --proxy-auto-detect --disable-webaudio --mute-audio --force-wave-audio --disable-gpu --disable-software-rasterizer --no-sandbox --disable-webgl --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=DB0029CE5A5547A2F23EDD512E288301 --renderer-client-id=4 --mojo-platform-channel-handle=2512 /prefetch:1
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe" --success-update --run-on-background
"C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\ASUS\AppData\Local\Chromium\User Data\Crashpad" "--metrics-dir=C:\Users\ASUS\AppData\Local\Chromium\User Data" --annotation=channel= --annotation=plat=Win32 --annotation=prod=Seznam.cz --annotation=ver=-devel --handshake-handle=0x90
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\ASUS\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fee1ae19d0,0x7fee1ae19b8,0x7fee1ae19e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4996 --on-initialized-event-handle=320 --parent-handle=324 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1160 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,28,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6758 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.1004 --gpu-driver-date=8-3-2015 --service-request-channel-token=85B450B0284D227815F9D118ADE8032F --mojo-platform-channel-handle=1172 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160 --primordial-pipe-token=6E01DB13287421609FA7E31A260002E1 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=6E01DB13287421609FA7E31A260002E1 --renderer-client-id=11 --mojo-platform-channel-handle=3880 /prefetch:1
"C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe" --type=renderer --no-sandbox --enable-features=AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutofillProfileCleanup<AutofillProfileCleanup,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,ExpectCTReporting<ExpectCTReporting,IncidentReportingDisableUpload<SafeBrowsingIncidentReportingService,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,MaterialDesignUserManager<MaterialDesignUserManager,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,NetworkTimeServiceQuerying<NetworkTimeQueries,NewAudioRenderingMixingStrategy<NewAudioRenderingMixingStrategy,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PassiveDocumentEventListeners<PassiveDocumentEventListeners,PassiveEventListenersDueToFling<PassiveEventListenersDueToFling,PersistentHistograms<PersistentHistograms,PointerEvent<PointerEvent,PreconnectMore<PreconnectMore,PreferHtmlOverPlugins<PreferHtmlOverPlugins,RafAlignedInput<RafAlignedInput,SecurityChip<SecurityChip,SecurityWarningIconUpdate<SecurityWarningIconUpdate,SpeculativeLaunchServiceWorker<SpeculativeLaunchServiceWorker,TranslateRankerEnforcement<TranslateRanker,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,WebRTC-H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame 
--force-fieldtrials=AutofillClassifier/Enabled/AutofillCreditCardSigninPromo/EnabledFive/AutofillFieldMetadata/Enabled/*AutofillProfileCleanup/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DataReductionProxyUseQuic/Enabled/DefaultBrowserInfobar/SettingsTextNotNow/DefaultEnableGpuRasterization/DefaultEnableGpuRasterization/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup/EnableAppContainer/Enabled/EnableGoogleCachedCopyTextExperiment/Button/*EnableMediaRouter/Enabled/EnableMediaRouterWithCastExtension/Enabled/EnableSessionCrashedBubbleUI/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExpectCTReporting/ExpectCTReportingEnabled/*ExtensionActionRedesign/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleBrandedContextMenu/branded/GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/InReportingSample/MojoChannel/Enabled/*NetworkQualityEstimator/Enabled/*NetworkTimeQueries/NetworkTimeQueriesEnabled/NewAudioRenderingMixingStrategy/Enabled/*NewProfileManagement/Enabled/*NonValidatingReloadOnNormalReload/Enabled/OfferUploadCreditCards/Enabled/OutOfProcessPac/Enabled/*PageRevisitInstrumentation/Enabled/*ParseHTMLOnMainThread/Enabled/*PassiveDocumentEventListeners/Enabled/*PassiveEventListenersDueToFling/Enabled/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PersistentHistograms/EnabledInMemory/PluginPowerSaverTiny/Enabled/*PointerEvent/Enabled/PreconnectMore/Enabled/PreferHtmlOverPlugins/Enabled/*QUIC/Enabled/*RafAligne
dInput/Enabled/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Enabled/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingUpdateFrequency/UpdateTime15m/SafeBrowsingV4LocalDatabaseManagerEnabled/Enabled/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/SecurityChip/Enabled/SecurityWarningIconUpdate/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SignInPasswordPromo/Enable2/*SiteEngagement/AggressiveAccumulation/*SpeculativeLaunchServiceWorker/Enabled/*StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/TranslateRanker/EnforcementEnabled/*TriggeredResetFieldTrial/On/*V8CacheStrategiesForCacheStorage/default/WebBluetoothBlacklist/TestGroup/*WebFontsInterventionV2/Enabled-slow2g/WebRTC-EnableWebRtcEcdsa/Enabled/WebRTC-H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-token=6CD27EF584F0D3DD1DE0A64D3629A6FD --lang=cs --user-data-dir="C:\Users\ASUS\AppData\Local\Seznam.cz\User Data" --nwjs --nwjs-path="C:\Users\ASUS\AppData\Roaming\Seznam Browser" --disable-client-side-phishing-detection --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,parseHTMLOnMainThreadCoalesceChunks=false,parseHTMLOnMainThreadSyncTokenize=false --isolate-extensions --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation 
--content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=6CD27EF584F0D3DD1DE0A64D3629A6FD --mojo-platform-channel-handle=3028 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160 --primordial-pipe-token=9DF6DF791FB5D8F319BF2DA5CC86B51B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=9DF6DF791FB5D8F319BF2DA5CC86B51B --renderer-client-id=12 --mojo-platform-channel-handle=5848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160 --primordial-pipe-token=822A82B2FEFD0DC6504FECF855638920 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=822A82B2FEFD0DC6504FECF855638920 --renderer-client-id=15 --mojo-platform-channel-handle=6216 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160 --primordial-pipe-token=1FD6D6FF693D3BBA722006636FFD6D4D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=1FD6D6FF693D3BBA722006636FFD6D4D --renderer-client-id=20 --mojo-platform-channel-handle=6608 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\ASUS\Downloads\RSITx64 (1).exe"

====== Scheduled tasks folder ======

C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe -check pepperplugin
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Program k provádění aktualizací online Adobe - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1468303276 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{078B8865-9F6E-4950-8D6A-1C96DC9E9C8A} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\EA Sports\FIFA 11\Support\FIFA 11_uninst.exe" -d "C:\Program Files (x86)\EA Sports\FIFA 11\Support"
C:\Windows\system32\tasks\{2EF0257F-3F1F-4D97-9056-CEC7F6C0016F} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{3D374CF3-70D2-4430-B136-4F79BE638AF5} - C:\Windows\system32\pcalua.exe -a C:\Users\ASUS\AppData\Local\Temp\Rar$EXa0.695\TeamSpeak3-cestina-0.1.-beta2.exe -d "C:\Program Files\TeamSpeak 3 Client" -c -el -s2 "-dC:\Program Files\TeamSpeak 3 Client\" "-p" "-sp"
C:\Windows\system32\tasks\{442D018A-2A0B-48A7-95B4-F3D3C201F756} - C:\Windows\system32\pcalua.exe -a "C:\FIFA 11 CZ\Game\fifasetup\fifaconfig.exe" -d "C:\FIFA 11 CZ\Game\fifasetup"
C:\Windows\system32\tasks\{491DE65B-00F9-445D-AF20-3A94DCD1C901} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\FontList\FontList.exe" -d "C:\Program Files (x86)\FontList"
C:\Windows\system32\tasks\{4AA7862D-4065-4FF9-A8E3-79E71668B462} - D:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{558397A6-3A8F-48F3-8E92-45D80096BF7A} - C:\Windows\system32\pcalua.exe -a C:\Users\ASUS\Downloads\dxwebsetup(1).exe -d C:\Users\ASUS\Downloads
C:\Windows\system32\tasks\{69895C6B-2DE9-4DE7-9283-12CB4D9B328B} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{6A983497-14C8-459C-B982-2ABDEC7A72C5} - C:\Windows\system32\pcalua.exe -a "D:\EA Sports\FIFA 11\Support\FIFA 11_code.exe" -d "D:\EA Sports\FIFA 11\Support"
C:\Windows\system32\tasks\{77207164-5D71-4864-9BF9-50B3F3413A61} - C:\Windows\system32\pcalua.exe -a "D:\EA Sports\FIFA 11\Game\fifasetup\fifaconfig.exe" -d "D:\EA Sports\FIFA 11\Game\fifasetup"
C:\Windows\system32\tasks\{86C1727E-F904-424D-AA05-1FA72ED26F0E} - C:\Windows\system32\pcalua.exe -a C:\Users\ASUS\Downloads\ccleaner-lista-centrumcz.exe -d C:\Users\ASUS\Downloads
C:\Windows\system32\tasks\{AE6A9EC0-6B05-4C1C-ADBC-EDCFDF00A257} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{C5B1CDE6-40FA-44B0-ADC7-D8BB8B04ECCE} - D:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{D5923ECF-36E3-402F-9464-10FD6ECED874} - C:\Windows\system32\pcalua.exe -a C:\Users\ASUS\AppData\Local\Temp\Rar$EXa0.700\TeamSpeak3-cestina-0.1.-beta2.exe -d "C:\Program Files\TeamSpeak 3 Client" -c -el -s2 "-dC:\Program Files\TeamSpeak 3 Client\" "-p" "-sp"
C:\Windows\system32\tasks\{D86F833F-017C-4D63-9808-82D6900AE0DC} - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\{F76FE224-96F3-48E7-B510-2A6727EBF6F1} - D:\Riot Games\League of Legends\lol.launcher.exe
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-3303048524-3394192269-2430691336-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\VLC\npvlc.dll


C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\addons.json

C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\extensions.json
Avast Online Security - webextension - wrc@avast.com - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\extensions\wrc@avast.com.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\extensions\sp@avast.com.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Firefox Screenshots - extension - screenshots@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\pluginreg.dat
Plugin - Shockwave Flash - 26.0.0.131 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

=========Google Chrome=========

C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake
Extension apdfllckaahabafndbhieahigkjlhalf
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfbmjmiodbnnpllbbbfblcplfjjepjdn 1 Zhasnout světla 3.4.24.0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.4.2
Extension blmojkbhnkkphngknkmgccmlenfaelkd 1 Seznam Lištička - Slovník 1.4.6
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo
Extension cjpalhdlnbpafiamejdnhcphjbkeiagm 1 uBlock Origin 1.13.2
Extension coobgpohoikkiipiblmjeljniedjpjpf
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.3
Extension emhginjpijfggbofeediiojmdlmlkoik 1 Avast Passwords 1.1.2753
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 1 Avast SafePrice 12.0.222
Extension fcfenmboojpjinhpgggodefccipikbpd 0 MSN Homepage & Bing Search Engine 0.0.0.9
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 2 Avast Online Security 10.0.2502.149
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension knebimhcckndhiglamoabbnifdkijidd 0 Adblock Super 2.7.8
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik GaiaAuthExtension 0.0.1
Extension mgjjeipcdnnjhgodgjpfkffcejoljijf 0 Shortcut Manager 0.8.0
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.3
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam Lištička - Rychlá volba 1.9.1
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5917.424.0.6
Homepage: https://www.seznam.cz/
default_search_provider.search_url:
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-04 896048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-04 774440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2000-01-01 8461528]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-07-04 213832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"BingSvc"=C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ASUS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-05-23 58640]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.584\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-07-05 19:27:26 ----D---- C:\rsit
2017-07-05 19:27:26 ----D---- C:\Program Files\trend micro
2017-07-05 19:20:46 ----D---- C:\Users\ASUS\AppData\Roaming\Seznam Browser
2017-07-05 16:11:39 ----D---- C:\ProgramData\SWCUTemp
2017-07-04 12:34:05 ----A---- C:\Windows\system32\aswBoot.exe
2017-07-04 12:33:35 ----A---- C:\Windows\system32\drivers\aswNetNd6.sys
2017-06-27 19:20:43 ----D---- C:\ProgramData\McAfee Security Scan
2017-06-25 12:24:55 ----D---- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec

====== List of files/folders modified in the last 1 month ======

2017-07-05 19:33:46 ----D---- C:\Windows\Temp
2017-07-05 19:27:26 ----D---- C:\Program Files
2017-07-05 19:14:45 ----D---- C:\Windows\system32\NDF
2017-07-05 18:56:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-07-05 18:56:04 ----SHD---- C:\Windows\Installer
2017-07-05 18:56:04 ----SHD---- C:\Config.Msi
2017-07-05 16:11:39 ----HD---- C:\ProgramData
2017-07-05 16:11:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-05 16:11:31 ----D---- C:\Windows\Prefetch
2017-07-05 08:23:18 ----D---- C:\Windows\system32\Tasks
2017-07-05 08:23:06 ----D---- C:\Windows\system32\drivers
2017-07-05 08:22:58 ----D---- C:\Windows\inf
2017-07-05 08:22:49 ----D---- C:\Program Files (x86)\McAfee
2017-07-05 08:22:21 ----D---- C:\Program Files\TrueKey
2017-07-05 08:22:20 ----D---- C:\Windows
2017-07-04 12:34:43 ----D---- C:\Windows\system32\DriverStore
2017-07-04 12:34:05 ----D---- C:\Windows\System32
2017-07-02 19:10:15 ----D---- C:\Windows\system32\config
2017-07-02 19:00:54 ----SHD---- C:\System Volume Information
2017-07-01 20:26:06 ----D---- C:\Users\ASUS\AppData\Roaming\uTorrent
2017-06-30 23:31:22 ----D---- C:\ProgramData\Skype
2017-06-30 23:31:20 ----D---- C:\Program Files (x86)\Common Files
2017-06-28 14:18:42 ----D---- C:\Users\ASUS\AppData\Roaming\Skype
2017-06-27 19:20:53 ----D---- C:\Program Files\McAfee Security Scan
2017-06-27 14:37:54 ----D---- C:\Program Files (x86)\Hearthstone
2017-06-27 14:29:44 ----D---- C:\Users\ASUS\AppData\Roaming\Battle.net
2017-06-19 23:39:23 ----RD---- C:\Program Files (x86)
2017-06-18 07:11:27 ----D---- C:\Windows\system32\catroot2
2017-06-17 13:08:29 ----D---- C:\Windows\SysWOW64
2017-06-17 13:08:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-06-17 13:08:24 ----D---- C:\Windows\system32\Macromed
2017-06-17 13:08:23 ----D---- C:\Windows\SYSWOW64\Macromed
2017-06-10 07:37:42 ----D---- C:\Program Files (x86)\Skype

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-07-04 198944]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-07-04 343264]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-07-04 57704]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-07-04 84392]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-07-04 361336]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2000-01-01 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-07-04 319984]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-07-04 41800]
R1 aswNetSec;aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [2017-07-04 554528]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-07-04 110352]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-07-04 1015848]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-07-04 585608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-17 283064]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-07-04 146664]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-07-04 198768]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-08-04 21622784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-08-04 665088]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2017-07-04 38152]
R3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-10 44640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-02-24 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4430808]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2000-01-01 939224]
R3 RTSUER;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2000-01-01 377560]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2000-01-01 60640]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
S3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-07-04 46984]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-06-19 192216]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-03-30 16056]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-08-04 246784]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-04 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-07-04 263312]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-07-04 311592]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DTSAudioService;DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2000-01-01 210024]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-06-26 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-06-26 16928]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-07-04 7430992]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-06-08 1607968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-05-30 1522184]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2016-07-21 227104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.584\McCHSvc.exe [2017-06-23 404368]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-07-05 175560]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-06-26 87760]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-28 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, a worm was found according to Avast.

#2 Post by Rudy »

Hello!
How does your operating system stand as far as legality is concerned?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Dounat22
Visitor
Posts: 17
Registered: 19 Jun 2016 05:10

Re: Log check, a worm was found according to Avast.

#3 Post by Dounat22 »

It's legal, I have an uncle who knows about these things.

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, a worm was found according to Avast.

#4 Post by Rudy »

OK. Run this scan:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, check "For all users", "LOP malware check" and "PURITY malware check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Scan<. Post both logs.

Dounat22
Visitor
Posts: 17
Registered: 19 Jun 2016 05:10

Re: Log check, a worm was found according to Avast.

#5 Post by Dounat22 »

OTL logfile created on: 7.7.2017 18:27:27 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ASUS\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

9,95 Gb Total Physical Memory | 5,48 Gb Available Physical Memory | 55,10% Memory free
19,89 Gb Paging File | 15,07 Gb Available in Paging File | 75,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 9,69 Gb Free Space | 6,62% Space Free | Partition Type: NTFS
Drive D: | 552,15 Gb Total Space | 36,33 Gb Free Space | 6,58% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2017.07.07 18:26:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Downloads\OTL (1).exe
PRC - [2017.07.04 12:33:53 | 009,070,536 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2017.07.04 12:33:43 | 000,263,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2017.07.04 12:33:35 | 000,311,592 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2017.06.28 09:52:09 | 003,397,760 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\LeagueClient.exe
PRC - [2017.06.28 09:52:09 | 001,755,264 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\LeagueClientUxRender.exe
PRC - [2017.06.28 09:52:09 | 001,755,264 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\LeagueClientUx.exe
PRC - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.11.05 02:46:52 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe


========== Modules (No Company Name) ==========

MOD - [2017.07.04 12:34:39 | 002,962,096 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswDataScan.dll
MOD - [2017.07.04 12:33:55 | 067,109,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2017.07.04 12:33:53 | 001,038,952 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvChrome.dll
MOD - [2017.07.04 12:33:46 | 000,689,272 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2017.07.04 12:33:46 | 000,224,256 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll
MOD - [2017.07.04 12:33:46 | 000,192,664 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
MOD - [2017.07.04 12:33:44 | 000,170,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2017.07.04 12:33:35 | 000,292,920 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2017.06.28 09:53:34 | 000,128,640 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\yaml.dll
MOD - [2017.06.28 09:53:34 | 000,108,672 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\zlib.dll
MOD - [2017.06.28 09:52:12 | 001,423,488 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll
MOD - [2017.06.28 09:52:12 | 000,724,608 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll
MOD - [2017.06.28 09:52:12 | 000,711,296 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll
MOD - [2017.06.28 09:52:12 | 000,702,080 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll
MOD - [2017.06.28 09:52:12 | 000,663,168 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll
MOD - [2017.06.28 09:52:12 | 000,659,072 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll
MOD - [2017.06.28 09:52:12 | 000,603,264 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll
MOD - [2017.06.28 09:52:12 | 000,587,904 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll
MOD - [2017.06.28 09:52:12 | 000,579,200 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll
MOD - [2017.06.28 09:52:12 | 000,574,080 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll
MOD - [2017.06.28 09:52:12 | 000,565,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-riot-messaging-service\rcp-be-riot-messaging-service.dll
MOD - [2017.06.28 09:52:12 | 000,534,144 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-simple-dialog-messages\rcp-be-lol-simple-dialog-messages.dll
MOD - [2017.06.28 09:52:12 | 000,527,488 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll
MOD - [2017.06.28 09:52:12 | 000,468,096 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-user-experience\rcp-be-lol-user-experience.dll
MOD - [2017.06.28 09:52:12 | 000,449,152 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll
MOD - [2017.06.28 09:52:11 | 001,435,776 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll
MOD - [2017.06.28 09:52:11 | 001,054,336 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll
MOD - [2017.06.28 09:52:11 | 000,948,352 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll
MOD - [2017.06.28 09:52:11 | 000,912,000 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll
MOD - [2017.06.28 09:52:11 | 000,812,672 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll
MOD - [2017.06.28 09:52:11 | 000,803,456 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll
MOD - [2017.06.28 09:52:11 | 000,711,808 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll
MOD - [2017.06.28 09:52:11 | 000,656,512 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll
MOD - [2017.06.28 09:52:11 | 000,654,464 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-missions\rcp-be-lol-missions.dll
MOD - [2017.06.28 09:52:11 | 000,630,400 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll
MOD - [2017.06.28 09:52:11 | 000,618,112 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-honor-v2\rcp-be-lol-honor-v2.dll
MOD - [2017.06.28 09:52:11 | 000,596,096 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll
MOD - [2017.06.28 09:52:11 | 000,592,000 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-item-sets\rcp-be-lol-item-sets.dll
MOD - [2017.06.28 09:52:11 | 000,577,664 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-personalized-offers\rcp-be-lol-personalized-offers.dll
MOD - [2017.06.28 09:52:11 | 000,547,968 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-kudos\rcp-be-lol-kudos.dll
MOD - [2017.06.28 09:52:11 | 000,536,192 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll
MOD - [2017.06.28 09:52:11 | 000,521,856 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll
MOD - [2017.06.28 09:52:11 | 000,501,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll
MOD - [2017.06.28 09:52:11 | 000,492,672 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll
MOD - [2017.06.28 09:52:11 | 000,490,112 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll
MOD - [2017.06.28 09:52:11 | 000,431,744 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-parties\rcp-be-lol-parties.dll
MOD - [2017.06.28 09:52:10 | 055,775,872 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\libcef.dll
MOD - [2017.06.28 09:52:10 | 002,616,448 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll
MOD - [2017.06.28 09:52:10 | 001,048,704 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll
MOD - [2017.06.28 09:52:10 | 000,807,040 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll
MOD - [2017.06.28 09:52:10 | 000,781,952 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll
MOD - [2017.06.28 09:52:10 | 000,732,288 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll
MOD - [2017.06.28 09:52:10 | 000,640,128 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll
MOD - [2017.06.28 09:52:10 | 000,592,000 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll
MOD - [2017.06.28 09:52:10 | 000,584,832 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll
MOD - [2017.06.28 09:52:10 | 000,543,872 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll
MOD - [2017.06.28 09:52:10 | 000,536,192 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-entitlements\rcp-be-entitlements.dll
MOD - [2017.06.28 09:52:10 | 000,530,560 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll
MOD - [2017.06.28 09:52:10 | 000,518,784 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll
MOD - [2017.06.28 09:52:10 | 000,489,088 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll
MOD - [2017.06.28 09:52:09 | 003,397,760 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\LeagueClient.exe
MOD - [2017.06.28 09:52:09 | 001,801,344 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\libGLESv2.dll
MOD - [2017.06.28 09:52:09 | 001,755,264 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\LeagueClientUxRender.exe
MOD - [2017.06.28 09:52:09 | 001,755,264 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\LeagueClientUx.exe
MOD - [2017.06.28 09:52:09 | 000,022,144 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\libEGL.dll
MOD - [2017.06.14 14:34:28 | 000,544,384 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll
MOD - [2017.06.14 14:34:27 | 000,465,536 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-las-toxicity\rcp-be-lol-las-toxicity.dll
MOD - [2017.06.01 12:38:53 | 000,573,568 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll
MOD - [2017.06.01 12:38:53 | 000,530,560 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-team-boosts\rcp-be-lol-team-boosts.dll
MOD - [2017.06.01 12:38:53 | 000,512,640 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll
MOD - [2017.06.01 12:38:53 | 000,512,640 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll
MOD - [2017.06.01 12:38:53 | 000,483,968 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll
MOD - [2017.06.01 12:38:53 | 000,481,408 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll
MOD - [2017.06.01 12:38:52 | 000,619,648 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll
MOD - [2017.06.01 12:38:52 | 000,541,312 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll
MOD - [2017.06.01 12:38:52 | 000,495,232 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll
MOD - [2017.06.01 12:38:52 | 000,491,136 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll
MOD - [2017.06.01 12:38:52 | 000,477,824 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-pre-end-of-game\rcp-be-lol-pre-end-of-game.dll
MOD - [2017.06.01 12:38:51 | 000,604,800 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-highlights\rcp-be-lol-highlights.dll
MOD - [2017.06.01 12:38:51 | 000,553,600 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll
MOD - [2017.06.01 12:38:51 | 000,483,456 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll
MOD - [2017.06.01 12:38:51 | 000,473,728 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll
MOD - [2017.06.01 12:38:51 | 000,466,560 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-kickout\rcp-be-lol-kickout.dll
MOD - [2017.06.01 12:38:50 | 000,561,792 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\Plugins\rcp-be-lol-beta-opt-in\rcp-be-lol-beta-opt-in.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -- (InstallerService)
SRV:64bit: - [2017.07.04 12:33:43 | 000,263,312 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2017.07.04 12:33:37 | 007,430,992 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2017.07.04 12:33:35 | 000,311,592 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2017.06.26 15:23:48 | 000,087,760 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2017.06.26 15:09:52 | 000,016,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2017.06.26 15:09:22 | 001,001,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2017.06.23 12:25:24 | 000,404,368 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.11.584\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2016.09.30 08:13:03 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.08.04 04:06:32 | 000,246,784 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2015.08.04 01:25:00 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2000.01.01 02:00:00 | 000,210,024 | ---- | M] (DTS) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe -- (DTSAudioService)
SRV - [2017.07.05 16:11:37 | 000,175,560 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017.06.17 13:08:27 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017.06.08 07:42:36 | 001,607,968 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2017.06.01 11:57:04 | 000,317,400 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2017.05.30 10:34:39 | 001,522,184 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016.07.21 22:46:46 | 000,227,104 | ---- | M] (EasyAntiCheat Ltd) [On_Demand | Stopped] -- C:\Windows\SysWOW64\EasyAntiCheat.exe -- (EasyAntiCheat)
SRV - [2015.11.05 21:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015.09.11 17:34:16 | 005,702,416 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2017.07.04 12:34:41 | 000,361,336 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswvmm.sys -- (aswVmm)
DRV:64bit: - [2017.07.04 12:34:00 | 000,198,768 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2017.07.04 12:33:59 | 000,585,608 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2017.07.04 12:33:59 | 000,146,664 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2017.07.04 12:33:59 | 000,110,352 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2017.07.04 12:33:59 | 000,084,392 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2017.07.04 12:33:59 | 000,046,984 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2017.07.04 12:33:41 | 001,015,848 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2017.07.04 12:33:40 | 000,041,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2017.07.04 12:33:35 | 000,554,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNetSec.sys -- (aswNetSec)
DRV:64bit: - [2017.07.04 12:33:35 | 000,038,152 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswNetNd6.sys -- (aswNetNd6)
DRV:64bit: - [2017.07.04 12:33:34 | 000,343,264 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2017.07.04 12:33:34 | 000,319,984 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2017.07.04 12:33:34 | 000,198,944 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2017.07.04 12:33:34 | 000,057,704 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2016.06.19 06:13:32 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016.03.30 15:34:16 | 000,016,056 | ---- | M] (SlimWare Utilities, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2016.02.24 09:58:18 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015.08.04 08:23:28 | 021,622,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2015.08.04 03:42:28 | 000,665,088 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2015.06.11 19:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014.07.10 19:20:59 | 000,044,640 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswTap.sys -- (aswTap)
DRV:64bit: - [2014.06.17 20:48:23 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.05.17 02:42:38 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2014.02.11 18:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.04 07:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.03.04 07:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.02.24 10:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.02.24 10:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2000.01.01 02:00:00 | 000,939,224 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2000.01.01 02:00:00 | 000,377,560 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:64bit: - [2000.01.01 02:00:00 | 000,123,704 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2000.01.01 02:00:00 | 000,060,640 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E2 8C A0 70 DF B6 D2 01 [binary data]
IE - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..\SearchScopes\{8367ECE3-5EFA-4F7C-9E1C-E253D125847C}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:54.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: D:\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6: D:\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.131.2: C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2: C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016.06.27 11:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Extensions
[2017.06.21 11:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\extensions
[2017.06.21 11:24:32 | 000,352,827 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\extensions\sp@avast.com.xpi
[2017.06.21 11:24:31 | 000,694,121 | ---- | M] () (No name found) -- C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\eheqrtgb.default-1434707496878\extensions\wrc@avast.com.xpi
[2017.07.05 18:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\3.4.24.0_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.4.2_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.4.6_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm\1.13.2_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik\1.1.2753_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.222_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd\0.0.0.9_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.9.1_0\
CHR - Extension: No name found = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5917.424.0.6_0\

O1 HOSTS File: ([2017.06.27 19:20:56 | 000,000,133 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ਍㨀㨀㄀       氀漀挀愀氀栀漀猀琀ഀഀ
O1 - Hosts: ਍਍഍《〮〮ㄮ洉獳汰獵洮慣敦⹥潣mIONS\PKEDCJKDEFGPDELPBCMBMEOMCJBEEMFM\5917.424.0.6_0
O2:64bit: - BHO: (True Key Helper) - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll (Intel Security)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (True Key Helper) - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll (Intel Security)
O3 - HKLM\..\Toolbar: (True Key) - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll (Intel Security)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Raptr] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000..\Run: [BingSvc] C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: download.microsoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: update.microsoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: update.microsoft.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: windowsupdate.microsoft.com ([]http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A403218-BF0A-43F4-A135-BB071C9D590E}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\Windows\SysNative\crypt32.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\Windows\SysNative\cryptnet.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\Windows\SysNative\cscdll.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\SSOExec: DllName - (%windir%\temp\sso\ssoexec.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SSOExec: DllName - (%windir%\temp\sso\ssoexec.dll) - File not found
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4f075c29-a39e-11e4-aa36-5404a6247f62}\Shell - "" = AutoRun
O33 - MountPoints2\{4f075c29-a39e-11e4-aa36-5404a6247f62}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{5a9bd007-f63f-11e3-901f-5404a6247f62}\Shell - "" = AutoRun
O33 - MountPoints2\{5a9bd007-f63f-11e3-901f-5404a6247f62}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\Shell - "" = AutoRun
O33 - MountPoints2\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\Shell\AutoRun\command - "" = F:\Lenovo_Suite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2017.07.07 18:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.07.05 20:17:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2017.07.05 20:17:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2017.07.05 20:17:28 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2017.07.05 20:17:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2017.07.05 20:17:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2017.07.05 20:17:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2017.07.05 20:17:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2017.07.05 20:17:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2017.07.05 20:17:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2017.07.05 20:17:23 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2017.07.05 20:17:23 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\INETRES.dll
[2017.07.05 20:17:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2017.07.05 20:17:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2017.07.05 20:17:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2017.07.05 20:17:22 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2017.07.05 20:17:22 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2017.07.05 20:17:22 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2017.07.05 20:17:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2017.07.05 20:17:21 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017.07.05 20:17:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2017.07.05 20:17:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2017.07.05 20:17:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2017.07.05 20:17:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2017.07.05 20:17:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2017.07.05 20:17:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2017.07.05 20:17:17 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icm32.dll
[2017.07.05 20:17:17 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2017.07.05 20:17:17 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2017.07.05 20:17:17 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2017.07.05 20:17:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2017.07.05 20:17:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2017.07.05 20:17:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2017.07.05 20:17:16 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017.07.05 20:17:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2017.07.05 20:17:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2017.07.05 20:17:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2017.07.05 20:17:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2017.07.05 20:17:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2017.07.05 20:17:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2017.07.05 20:17:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2017.07.05 20:17:15 | 000,733,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2017.07.05 20:17:15 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2017.07.05 20:17:15 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2017.07.05 20:17:15 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2017.07.05 20:17:15 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2017.07.05 20:17:15 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2017.07.05 20:17:15 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2017.07.05 20:17:15 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2017.07.05 20:17:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2017.07.05 20:17:14 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2017.07.05 20:17:14 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2017.07.05 20:17:13 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2017.07.05 20:17:13 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2017.07.05 20:17:13 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2017.07.05 20:17:13 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2017.07.05 20:17:12 | 001,574,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2017.07.05 20:17:12 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2017.07.05 20:17:12 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2017.07.05 20:17:11 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2017.07.05 20:17:11 | 000,706,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2017.07.05 20:17:11 | 000,633,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2017.07.05 20:17:10 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2017.07.05 20:17:10 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2017.07.05 20:17:08 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017.07.05 20:17:07 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2017.07.05 20:17:07 | 003,945,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2017.07.05 20:17:07 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2017.07.05 20:17:07 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2017.07.05 20:17:06 | 005,548,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2017.07.05 20:17:06 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017.07.05 20:17:05 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2017.07.05 20:17:05 | 000,803,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2017.07.05 19:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2017.07.05 19:27:26 | 000,000,000 | ---D | C] -- C:\rsit
[2017.07.05 19:20:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser
[2017.07.04 12:34:05 | 000,400,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.07.04 12:33:35 | 000,038,152 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNetNd6.sys
[2017.07.01 13:58:56 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\WB Games
[2017.06.30 23:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2017.06.27 19:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2017.06.27 19:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2017.06.25 12:24:55 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec
[2017.06.20 05:17:18 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Darkest

========== Files - Modified Within 30 Days ==========

[2017.07.07 18:30:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017.07.07 16:08:47 | 000,012,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.07.07 16:08:47 | 000,012,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.07.07 08:14:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.07.07 08:14:24 | 3715,985,407 | -HS- | M] () -- C:\hiberfil.sys
[2017.07.06 06:41:14 | 000,410,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017.07.05 20:28:09 | 001,583,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.07.05 20:28:09 | 000,668,542 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017.07.05 20:28:09 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.07.05 20:28:09 | 000,141,202 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017.07.05 20:28:09 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.07.04 12:34:41 | 000,361,336 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2017.07.04 12:34:00 | 000,198,768 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2017.07.04 12:33:59 | 000,585,608 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017.07.04 12:33:59 | 000,400,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.07.04 12:33:59 | 000,360,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys.149916448154806
[2017.07.04 12:33:59 | 000,146,664 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017.07.04 12:33:59 | 000,110,352 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017.07.04 12:33:59 | 000,084,392 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017.07.04 12:33:59 | 000,046,984 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017.07.04 12:33:41 | 001,015,848 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017.07.04 12:33:40 | 000,041,800 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2017.07.04 12:33:35 | 000,554,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNetSec.sys
[2017.07.04 12:33:35 | 000,038,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNetNd6.sys
[2017.07.04 12:33:34 | 000,343,264 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.07.04 12:33:34 | 000,319,984 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.07.04 12:33:34 | 000,198,944 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.07.04 12:33:34 | 000,057,704 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.06.30 23:41:03 | 000,000,202 | ---- | M] () -- C:\Users\ASUS\Desktop\Middle-earth Shadow of Mordor.url
[2017.06.27 19:20:55 | 000,001,924 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2017.06.26 21:30:21 | 000,000,199 | ---- | M] () -- C:\Users\ASUS\Desktop\Left 4 Dead 2.url
[2017.06.19 23:59:50 | 000,000,202 | ---- | M] () -- C:\Users\ASUS\Desktop\Darkest Dungeon.url
[2017.06.17 13:08:26 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017.06.17 13:08:26 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2017.07.06 06:40:53 | 000,410,440 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017.06.30 23:41:03 | 000,000,202 | ---- | C] () -- C:\Users\ASUS\Desktop\Middle-earth Shadow of Mordor.url
[2017.06.26 21:30:21 | 000,000,199 | ---- | C] () -- C:\Users\ASUS\Desktop\Left 4 Dead 2.url
[2017.06.19 23:59:50 | 000,000,202 | ---- | C] () -- C:\Users\ASUS\Desktop\Darkest Dungeon.url
[2016.05.25 11:03:23 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016.05.25 11:03:23 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016.03.30 15:30:49 | 000,007,600 | ---- | C] () -- C:\Users\ASUS\AppData\Local\Resmon.ResmonCfg
[2016.02.16 01:27:00 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-1.dll
[2016.02.16 01:25:40 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-1.exe
[2015.08.04 04:07:42 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe
[2015.08.04 04:07:34 | 000,189,952 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2015.08.04 03:37:22 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\hsa-thunk.dll
[2015.02.10 00:20:54 | 000,000,682 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.07.05 14:30:29 | 000,000,000 | -HS- | C] () -- C:\Users\ASUS\AppData\Local\LumaEmu

Dounat22
Visitor
Visitor
Posts: 17
Registered: 19 Jun 2016 05:10

Re: Log check, a worm was found according to Avast.

#6 Post by Dounat22 »

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 20:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 19:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2017.04.27 14:43:19 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\.mono
[2015.11.09 14:57:11 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\3909
[2017.01.04 23:20:13 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\7DaysToDie
[2015.07.07 13:15:15 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\AMD
[2015.01.06 14:11:01 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Audacity
[2014.06.07 11:55:36 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\AVAST Software
[2014.10.05 22:57:02 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Awesomium
[2017.06.27 14:29:44 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Battle.net
[2016.11.08 11:31:29 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Blameless
[2016.11.09 12:49:22 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\DAEMON Tools Lite
[2015.01.24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Epson
[2014.08.06 01:02:11 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Firestorm_x64
[2014.07.11 20:42:49 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\gnupg
[2014.06.08 10:39:39 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Leadertech
[2015.06.28 14:44:30 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\library_dir
[2015.09.30 14:44:33 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\LolClient
[2015.09.21 23:25:34 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Ndemic Creations
[2014.10.09 23:57:09 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Need for Speed World
[2015.03.26 15:42:52 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Opera Software
[2017.04.06 22:07:27 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Origin
[2016.10.17 09:52:54 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\PlaysTV
[2015.02.09 20:53:26 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\QuickScan
[2016.10.17 09:52:39 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Raptr
[2017.02.17 13:42:59 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\RenPy
[2015.02.21 11:58:26 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\RIFT
[2017.04.08 18:02:54 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Riot Games
[2014.08.01 14:20:45 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\SecondLife
[2017.07.05 19:20:54 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser
[2017.06.25 12:25:00 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec
[2017.04.09 21:00:33 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5
[2017.06.05 19:29:12 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635
[2014.09.17 22:00:36 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam.cz
[2015.06.20 23:07:17 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Shooter
[2017.04.14 16:50:31 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Steam
[2015.06.19 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TeamViewer
[2017.04.15 21:38:15 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2017.04.20 22:33:59 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TubeTycoon
[2014.07.07 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Unity
[2017.07.01 20:26:06 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\uTorrent
[2017.01.02 23:00:52 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Wargaming.net

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,554 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(51).TXT
[2009.07.14 07:08:49 | 000,032,556 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T114654200970\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T114654200970\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T155450138576\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T155450138576\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T160826411663\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T160826411663\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T163309583740\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T163309583740\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T170355117866\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T170355117866\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T171231217518\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T171231217518\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T174549747464\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T174549747464\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20151229T090234964309\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20151229T090234964309\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T114654200970\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T155450138576\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T160826411663\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T163309583740\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T170355117866\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T171231217518\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20150628T174549747464\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20151229T090234964309\gencdrom\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2014.07.10 19:24:06 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2014.07.10 19:24:06 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[68 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2017.04.27 14:43:19 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\.mono
[2015.11.09 14:57:11 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\3909
[2017.01.04 23:20:13 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\7DaysToDie
[2015.06.19 13:06:51 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Adobe
[2015.07.07 13:15:15 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\AMD
[2014.06.07 11:47:14 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ATI
[2015.01.06 14:11:01 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Audacity
[2014.06.07 11:55:36 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\AVAST Software
[2014.10.05 22:57:02 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Awesomium
[2017.06.27 14:29:44 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Battle.net
[2016.11.08 11:31:29 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Blameless
[2016.11.09 12:49:22 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\DAEMON Tools Lite
[2015.01.24 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Epson
[2014.08.06 01:02:11 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Firestorm_x64
[2014.07.11 20:42:49 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\gnupg
[2014.06.07 10:35:08 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Identities
[2014.07.26 19:58:44 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\InstallShield
[2014.06.08 10:39:39 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Leadertech
[2015.06.28 14:44:30 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\library_dir
[2015.09.30 14:44:33 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\LolClient
[2014.06.07 12:09:36 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Macromedia
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Media Center Programs
[2017.04.21 00:04:16 | 000,000,000 | --SD | M] -- C:\Users\ASUS\AppData\Roaming\Microsoft
[2016.06.27 11:58:38 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Mozilla
[2015.09.21 23:25:34 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Ndemic Creations
[2014.10.09 23:57:09 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Need for Speed World
[2015.03.26 15:42:52 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Opera Software
[2017.04.06 22:07:27 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Origin
[2016.10.17 09:52:54 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\PlaysTV
[2015.02.09 20:53:26 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\QuickScan
[2016.10.17 09:52:39 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Raptr
[2017.02.17 13:42:59 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\RenPy
[2015.02.21 11:58:26 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\RIFT
[2017.04.08 18:02:54 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Riot Games
[2014.08.01 14:20:45 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\SecondLife
[2014.07.11 20:47:42 | 000,000,000 | RH-D | M] -- C:\Users\ASUS\AppData\Roaming\SecuROM
[2017.07.05 19:20:54 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser
[2017.06.25 12:25:00 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec
[2017.04.09 21:00:33 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5
[2017.06.05 19:29:12 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635
[2014.09.17 22:00:36 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Seznam.cz
[2015.06.20 23:07:17 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Shooter
[2017.06.28 14:18:42 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Skype
[2017.04.14 16:50:31 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Steam
[2017.04.16 18:54:15 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Sun
[2015.06.19 15:32:59 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TeamViewer
[2017.04.15 21:38:15 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2017.04.20 22:33:59 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TubeTycoon
[2014.07.07 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Unity
[2017.07.01 20:26:06 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\uTorrent
[2016.10.27 10:04:29 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\vlc
[2017.01.02 23:00:52 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Wargaming.net
[2014.06.09 15:39:07 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2016.10.17 09:52:52 | 005,308,416 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Raptr\talon-5.2.7-r116720-release.exe
[2017.04.13 09:07:48 | 000,054,512 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser\restart.exe
[2017.05.23 09:27:06 | 000,826,048 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser\Seznam.cz.exe
[2017.04.13 09:07:48 | 000,369,687 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser\uninstall.exe
[2017.04.13 09:07:48 | 000,180,432 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser\unzip.exe
[2017.05.16 08:37:38 | 003,055,824 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser\update.exe
[2017.04.13 09:07:48 | 000,054,512 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec\restart.exe
[2017.05.18 10:04:14 | 000,826,048 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec\Seznam.cz.exe
[2017.04.13 09:07:48 | 000,369,687 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec\uninstall.exe
[2017.04.13 09:07:48 | 000,180,432 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec\unzip.exe
[2017.05.16 08:37:38 | 003,055,824 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec\update.exe
[2016.05.16 20:15:26 | 004,777,984 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\nwsnapshot.exe
[2016.06.30 14:02:36 | 001,054,912 | ---- | M] (The NWJS Community) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\old-Seznam.cz.exe
[2016.05.18 08:48:54 | 000,167,936 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\old-unzip.exe
[2016.05.18 08:48:54 | 000,057,024 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\restart.exe
[2016.05.18 08:48:54 | 000,040,120 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\restartBack.exe
[2016.08.03 13:16:32 | 001,054,904 | ---- | M] (The NWJS Community) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\Seznam.cz.exe
[2015.12.02 16:40:38 | 000,116,219 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\uninstall.exe
[2016.05.18 08:48:54 | 000,167,936 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\unzip.exe
[2016.07.19 15:06:34 | 000,379,064 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\update.exe
[2015.12.07 15:31:14 | 000,245,248 | ---- | M] (Paralint.com) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\node_modules\node-notifier\vendor\notifu\notifu.exe
[2015.12.07 15:31:14 | 000,323,584 | ---- | M] (Paralint.com) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\node_modules\node-notifier\vendor\notifu\notifu64.exe
[2015.12.07 15:31:14 | 000,014,848 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-8bfcae86-38dc-4de0-b87a-e1e1ba1800e5\node_modules\node-notifier\vendor\toaster\toast.exe
[2017.04.13 09:07:48 | 000,054,512 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635\restart.exe
[2017.05.18 10:04:14 | 000,826,048 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635\Seznam.cz.exe
[2017.04.13 09:07:48 | 000,369,687 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635\uninstall.exe
[2017.04.13 09:07:48 | 000,180,432 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635\unzip.exe
[2017.05.16 08:37:38 | 003,055,824 | ---- | M] (Seznam.cz) -- C:\Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635\update.exe
[2014.04.14 00:00:00 | 000,042,496 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.14 00:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\ASUS\AppData\Roaming\uTorrent\utorrent.exe
[2014.09.16 12:09:15 | 002,321,316 | ---- | M] (GMT-MAX.ORG ) -- C:\Users\ASUS\AppData\Roaming\uTorrent\D\GMT.KZ_The_Sims_4_Deluxe_Edition_RePack_MAXAGENT\setup.exe
[2014.09.16 12:09:15 | 000,292,184 | ---- | M] (Microsoft Corporation) -- C:\Users\ASUS\AppData\Roaming\uTorrent\D\GMT.KZ_The_Sims_4_Deluxe_Edition_RePack_MAXAGENT\Redist\dxwebsetup.exe
[2014.09.16 12:17:26 | 017,088,592 | ---- | M] (Electronic Arts, Inc.) -- C:\Users\ASUS\AppData\Roaming\uTorrent\D\GMT.KZ_The_Sims_4_Deluxe_Edition_RePack_MAXAGENT\Redist\OriginThinSetup.exe
[2014.09.16 12:18:34 | 007,188,536 | ---- | M] (Microsoft Corporation) -- C:\Users\ASUS\AppData\Roaming\uTorrent\D\GMT.KZ_The_Sims_4_Deluxe_Edition_RePack_MAXAGENT\Redist\vcredist_x64.exe
[2014.09.16 12:11:31 | 006,498,200 | ---- | M] (Microsoft Corporation) -- C:\Users\ASUS\AppData\Roaming\uTorrent\D\GMT.KZ_The_Sims_4_Deluxe_Edition_RePack_MAXAGENT\Redist\vcredist_x86.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"EA Core" = "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
"BingSvc" = C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe -- [2015.11.05 02:46:52 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2017.07.05 18:56:12 | 000,521,160 | ---- | M] (Mozilla Corporation) MD5=594F91C5985AC402ECD2D7F1376AFFFD -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2016.09.30 21:28:20 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=7AF9A81331124A275BC06850EAFBA703 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2017.06.23 05:21:09 | 001,197,912 | ---- | M] (Google Inc.) MD5=D387A06CD4BF5FCC1B50C3882F41A44E -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017.07.07 18:30:56 | 000,000,512 | ---- | M] () MD5=A460ED1EAD2832AC752E8A50E95CE44D -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2017.03.04 17:32:43 | 000,016,642 | ---- | M] () -- \ProgramData\AVAST Software\Avast\pam\icons\cracked_com.png
[2017.03.04 17:32:43 | 000,016,642 | ---- | M] () -- \Users\All Users\AVAST Software\Avast\pam\icons\cracked_com.png
[2014.07.10 21:11:24 | 016,601,767 | ---- | M] () -- \Users\ASUS\Downloads\Fifa-11---crack.rar

< *keygen* /s >

< *loader* /s >
[2014.06.09 17:33:37 | 000,000,404 | ---- | M] () -- \AI_RecycleBin\{189908DB-A04F-47EF-B298-D12886156442}\4\projects\lol_air_client\releases\0.0.1.144\deploy\assets\storeImages\layout\small_loader.gif
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2007.10.23 17:52:22 | 000,114,688 | ---- | M] () -- \Program Files (x86)\Epson Software\Easy Photo Print\APFLoaderV13.dll
[2007.10.23 17:52:22 | 000,069,632 | ---- | M] () -- \Program Files (x86)\Epson Software\Easy Photo Print\EpAPFLoader.dll
[2007.10.23 17:52:22 | 000,102,400 | ---- | M] () -- \Program Files (x86)\Epson Software\Easy Photo Print\EpAPFLoader2006.dll
[2017.07.05 18:56:13 | 000,018,624 | ---- | M] () -- \Program Files (x86)\Mozilla Firefox\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.23 00:57:34 | 000,009,216 | ---- | M] () -- \Program Files (x86)\Raptr Inc\Raptr\_win32sysloader.pyd
[2016.08.25 21:13:16 | 000,019,888 | R--- | M] () -- \Program Files (x86)\Skype\Phone\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.07.04 12:33:42 | 000,221,120 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2017.07.04 12:33:43 | 000,276,744 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2017.07.04 12:33:48 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\amd64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.07.04 12:33:51 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.17 13:02:18 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.607\resources\bundled_extensions\video-downloader.crx
[2017.06.13 16:23:31 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.609\resources\bundled_extensions\video-downloader.crx
[2017.06.13 16:23:31 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2017.06.26 13:40:12 | 000,001,068 | ---- | M] () -- \Program Files\Intel Security\True Key\MSIE\data\scripts\cs-loader.js
[2016.06.14 11:59:16 | 000,003,737 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\ASUS\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.253_0\icons\loader.gif
[2017.04.16 21:57:23 | 000,018,624 | ---- | M] () -- \Riot Games\League of Legends\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.16 21:57:23 | 000,018,624 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.82\deploy\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.16 21:57:23 | 000,018,624 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.83\deploy\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.06.14 11:59:16 | 000,003,737 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\ASUS\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.253_0\icons\loader.gif
[2017.04.16 07:31:36 | 000,021,956 | ---- | M] () -- \Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BMQ8VU40\loader_30fps[1].gif
[2017.05.23 09:26:50 | 000,002,924 | ---- | M] () -- \Users\ASUS\AppData\Roaming\Seznam Browser\core\libs\bower_components\angular-translate-loader-static-files\angular-translate-loader-static-files.js
[2017.05.23 09:26:50 | 000,001,303 | ---- | M] () -- \Users\ASUS\AppData\Roaming\Seznam Browser\core\libs\bower_components\angular-translate-loader-static-files\angular-translate-loader-static-files.min.js
[2017.05.18 10:03:58 | 000,002,924 | ---- | M] () -- \Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec\core\libs\bower_components\angular-translate-loader-static-files\angular-translate-loader-static-files.js
[2017.05.18 10:03:58 | 000,001,303 | ---- | M] () -- \Users\ASUS\AppData\Roaming\Seznam Browser-63134a73-5a43-4659-9323-83be099bc4ec\core\libs\bower_components\angular-translate-loader-static-files\angular-translate-loader-static-files.min.js
[2017.05.18 10:03:58 | 000,002,924 | ---- | M] () -- \Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635\core\libs\bower_components\angular-translate-loader-static-files\angular-translate-loader-static-files.js
[2017.05.18 10:03:58 | 000,001,303 | ---- | M] () -- \Users\ASUS\AppData\Roaming\Seznam Browser-92922005-0603-46f8-8d07-5d3f6cb8e635\core\libs\bower_components\angular-translate-loader-static-files\angular-translate-loader-static-files.min.js
[2014.06.08 15:59:14 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2017.02.09 18:14:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2017.02.09 18:14:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2017.03.04 17:33:49 | 000,019,136 | ---- | M] () -- \Windows\winsxs\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_56aba0211ca246c2\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.10 19:25:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:11:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_6885643192acd650\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:20:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_68ba756992852e6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:06:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_68cc15ff92788e54\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 20:00:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_68c146139280aa45\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 20:54:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_68bf1f879282a800\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 08:12:24 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_68c320af927f0d5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.02.11 20:41:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19160_none_689daf79929be27c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.10 19:25:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:05:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_696a2894ab871300\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:58:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_6945eaeaaba13425\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:11:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_69588bcaab93ad65\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 20:05:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_694dbbdeab9bc956\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.10.01 19:57:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23226_none_69588db0ab93aa8c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.17 02:28:14 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_694bbf16ab9d90f6\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 08:17:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_694fc03eab99f652\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.02.10 20:48:13 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23349_none_6945f09caba12b9a\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.18 00:50:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_6908defaabd005ee\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.04.09 08:57:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23418_none_696561fcab89bb97\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.09.02 17:30:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23539_none_6950c454ab9909f7\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.09.09 20:20:38 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23543_none_693ff2acaba68dde\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.02.09 18:31:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23677_none_692385f6abbb4434\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.07.05 20:19:00 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_cs-cz_91b404aa2cf4cb0d.manifest
[2017.07.05 20:19:00 | 000,033,000 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_cs-cz_91b404aa2cf4cb0d_winload.efi.mui_35ee487d
[2017.07.05 20:19:00 | 000,034,536 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_cs-cz_91b404aa2cf4cb0d_winload.exe.mui_3bc5b827
[2017.07.05 20:19:00 | 000,029,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_cs-cz_91b404aa2cf4cb0d_winresume.efi.mui_f412814e
[2017.07.05 20:19:00 | 000,030,440 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_cs-cz_91b404aa2cf4cb0d_winresume.exe.mui_ff8b5358
[2017.07.05 20:19:00 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_d50a500613ef276b.manifest
[2017.07.05 20:19:00 | 000,033,000 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_d50a500613ef276b_winload.efi.mui_35ee487d
[2017.07.05 20:19:00 | 000,033,000 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_d50a500613ef276b_winload.exe.mui_3bc5b827
[2017.07.05 20:19:00 | 000,029,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_d50a500613ef276b_winresume.efi.mui_f412814e
[2017.07.05 20:19:00 | 000,029,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_d50a500613ef276b_winresume.exe.mui_ff8b5358
[2017.07.05 20:19:06 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23677_none_b99850329c923140.manifest
[2017.07.05 20:19:06 | 000,706,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23677_none_b99850329c923140_winload.efi_75834aa0
[2017.07.05 20:19:06 | 000,633,296 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23677_none_b99850329c923140_winload.exe_75835076
[2017.07.05 20:19:06 | 000,631,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23677_none_b99850329c923140_winresume.efi_85cd069f
[2017.07.05 20:19:06 | 000,546,656 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23677_none_b99850329c923140_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 20:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.13 20:20:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_de-de_299cd5b40ed6d155.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2015.02.03 06:49:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.02.03 05:35:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2015.10.01 21:47:40 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_cs-cz_915a6c4113b415c1.manifest
[2015.10.01 20:06:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_en-us_d4b0b79cfaae721f.manifest
[2014.12.13 03:57:48 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_cs-cz_9200d0e22cbafea1.manifest
[2014.12.13 03:58:08 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_d5571c3e13b55aff.manifest
[2015.01.13 00:17:25 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_91e42f042cd18522.manifest
[2015.01.13 00:17:17 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_en-us_d53a7a6013cbe180.manifest
[2015.01.16 08:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.01.16 08:36:33 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_d53c7af413ca142e.manifest
[2015.01.27 07:32:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_91d08fc02cdfefb2.manifest
[2015.01.27 06:02:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_en-us_d526db1c13da4c10.manifest
[2015.02.03 07:30:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.02.03 05:54:55 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_d52bdc8e13d5cac3.manifest
[2015.03.17 08:28:02 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_91faa7482cc099d9.manifest
[2015.03.17 07:14:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_d550f2a413baf637.manifest
[2015.05.25 22:04:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015.05.25 20:25:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_d505433013f3b9ce.manifest
[2015.07.15 07:49:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_91e90a7e2ccd343e.manifest
[2015.07.15 05:32:59 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_en-us_d53f55da13c7909c.manifest
[2015.07.15 22:47:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_91de3a922cd5502f.manifest
[2015.07.15 20:15:00 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_en-us_d53485ee13cfac8d.manifest
[2015.07.23 05:58:18 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_cs-cz_91cf697e2ce106c4.manifest
[2015.07.23 00:05:32 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_en-us_d525b4da13db6322.manifest
[2015.10.01 21:13:38 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_cs-cz_91e90c642ccd3165.manifest
[2015.10.01 20:08:53 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_en-us_d53f57c013c78dc3.manifest
[2015.10.20 04:31:26 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23250_cs-cz_91c29ae42ceaed2e.manifest
[2015.10.20 03:13:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23250_en-us_d518e64013e5498c.manifest
[2016.01.17 04:04:48 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23334_cs-cz_91dc3dca2cd717cf.manifest
[2016.01.17 02:37:42 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23334_en-us_d532892613d1742d.manifest
[2016.01.22 10:02:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_cs-cz_91e03ef22cd37d2b.manifest
[2016.01.22 08:29:17 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_en-us_d5368a4e13cdd989.manifest
[2016.02.10 22:49:07 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23349_cs-cz_91d66f502cdab273.manifest
[2016.02.10 20:59:02 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23349_en-us_d52cbaac13d50ed1.manifest
[2016.03.16 23:01:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_cs-cz_91985d642d0a7370.manifest
[2016.03.16 20:55:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_en-us_d4eea8c01404cfce.manifest
[2016.03.18 02:10:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_cs-cz_91995dae2d098cc7.manifest
[2016.03.18 01:00:47 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_en-us_d4efa90a1403e925.manifest
[2016.04.09 10:12:19 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_cs-cz_91f5e0b02cc34270.manifest
[2016.04.09 09:03:48 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_en-us_d54c2c0c13bd9ece.manifest
[2016.09.02 18:34:19 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_cs-cz_91e143082cd290d0.manifest
[2016.09.02 17:37:24 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_en-us_d5378e6413cced2e.manifest
[2016.09.09 21:12:09 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23543_cs-cz_91d071602ce014b7.manifest
[2016.09.09 20:26:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23543_en-us_d526bcbc13da7115.manifest
[2017.02.09 19:37:14 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_cs-cz_91b404aa2cf4cb0d.manifest
[2017.02.09 19:36:01 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_de-de_2c197a0d25111ba6.manifest
[2017.02.09 18:38:10 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_d50a500613ef276b.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 05:51:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.10.01 20:31:17 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_b93eb7c983517bf4.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.12.12 08:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2015.01.12 05:50:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_b9c87a8c9c6eeb55.manifest
[2015.01.16 08:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.01.27 06:22:06 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_b9b4db489c7d55e5.manifest
[2015.02.03 06:17:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.03.17 07:34:28 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_b9def2d09c5e000c.manifest

< End of report >

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check: a worm was found according to Avast.

#7 Post by Rudy »

Run OTL again as administrator.
Paste the following text into the bottom window:
:OTL
IE - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
O4 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000..\Run: [BingSvc] C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O13:64bit: - gopher Prefix: missing
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: download.microsoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: microsoft.com ([update] http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: update.microsoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: update.microsoft.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\..Trusted Domains: windowsupdate.microsoft.com ([]http in Trusted sites)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\SSOExec: DllName - (%windir%\temp\sso\ssoexec.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SSOExec: DllName - (%windir%\temp\sso\ssoexec.dll) - File not found
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O33 - MountPoints2\{4f075c29-a39e-11e4-aa36-5404a6247f62}\Shell - "" = AutoRun
O33 - MountPoints2\{4f075c29-a39e-11e4-aa36-5404a6247f62}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{5a9bd007-f63f-11e3-901f-5404a6247f62}\Shell - "" = AutoRun
O33 - MountPoints2\{5a9bd007-f63f-11e3-901f-5404a6247f62}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\Shell - "" = AutoRun
O33 - MountPoints2\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\Shell\AutoRun\command - "" = F:\Lenovo_Suite.exe


:files
C:\Users\ASUS\AppData\Local\Microsoft\BingSvc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\ProgramData\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Click Fix and let the program work. When asked to restart, agree.
After the restart a new log will appear; post it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Dounat22
Visitor
Posts: 17
Registered: 19 Jun 2016 05:10

Re: Log check: a worm was found according to Avast.

#8 Post by Dounat22 »

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc deleted successfully.
C:\Users\ASUS\AppData\Local\Microsoft\BingSvc\BingSvc.exe moved successfully.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download.microsoft.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\update\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\update\ not found.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoft.com\windowsupdate\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\update.microsoft.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\update.microsoft.com\ not found.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windowsupdate.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3303048524-3394192269-2430691336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windowsupdate.microsoft.com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SSOExec\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SSOExec\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f075c29-a39e-11e4-aa36-5404a6247f62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f075c29-a39e-11e4-aa36-5404a6247f62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f075c29-a39e-11e4-aa36-5404a6247f62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f075c29-a39e-11e4-aa36-5404a6247f62}\ not found.
File F:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a9bd007-f63f-11e3-901f-5404a6247f62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a9bd007-f63f-11e3-901f-5404a6247f62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a9bd007-f63f-11e3-901f-5404a6247f62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a9bd007-f63f-11e3-901f-5404a6247f62}\ not found.
File J:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6823ea0c-4fd3-11e6-85fa-5404a6247f62}\ not found.
File F:\Lenovo_Suite.exe not found.
========== FILES ==========
C:\Users\ASUS\AppData\Local\Microsoft\BingSvc folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus folder moved successfully.
C:\ProgramData\McAfee Security Scan folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: ASUS
->Temp folder emptied: 42546152 bytes
->Temporary Internet Files folder emptied: 41565532 bytes
->Java cache emptied: 243441 bytes
->FireFox cache emptied: 49984895 bytes
->Google Chrome cache emptied: 324277859 bytes
->Flash cache emptied: 1020 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 315184 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32639105 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 300359263 bytes

Total Files Cleaned = 755,00 mb


[EMPTYFLASH]

User: All Users

User: ASUS
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07082017_201917

Files\Folders moved on Reboot...
C:\Users\ASUS\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ASUS\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\Windows\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170705082309.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170705082315.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check: a worm was found according to Avast.

#9 Post by Rudy »

The log should now be OK.

Dounat22
Visitor
Posts: 17
Registered: 19 Jun 2016 05:10

Re: Log check: a worm was found according to Avast.

#10 Post by Dounat22 »

Was there anything bad in there? Or did Avast detect it incorrectly?

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check: a worm was found according to Avast.

#11 Post by Rudy »

Apart from some unnecessary clutter, I found nothing in the log. Also run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; post it here.

Dounat22
Visitor
Posts: 17
Registered: 19 Jun 2016 05:10

Re: Log check: a worm was found according to Avast.

#12 Post by Dounat22 »

# AdwCleaner v6.047 - Log vytvořen 08/07/2017 v 23:32:32
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-07-07.1 [Server]
# Operační systém : Windows 7 Ultimate Service Pack 1 (X64)
# Uživatelské jméno : ASUS - ASUS-PC
# Spuštěno z : C:\Users\ASUS\Downloads\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: swdumon


***** [ Složky ] *****

[-] Složka smazána: C:\Users\ASUS\AppData\Local\17483
[-] Složka smazána: C:\Users\ASUS\AppData\Local\slimware utilities inc
[-] Složka smazána: C:\Users\ASUS\AppData\Local\Downloaded Installers
[#] Složka smazána po restartu: C:\Users\ASUS\AppData\Local\SlimWare Utilities Inc
[-] Složka smazána: C:\ProgramData\SlimWare Utilities, Inc
[#] Složka smazána po restartu: C:\ProgramData\Application Data\SlimWare Utilities, Inc
[-] Složka smazána: C:\Users\Public\Documents\Downloaded Installers
[-] Složka smazána: C:\extensions
[-] Složka smazána: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Soubory ] *****

[-] Soubor smazán: C:\Windows\SysNative\drivers\swdumon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[#] Klíč smazán po restartu: {3A8C08FC-AFB9-4CC1-999C-119667210ED7}
[-] Klíč smazán: HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\Software\OB
[-] Klíč smazán: HKU\S-1-5-21-3303048524-3394192269-2430691336-1000\Software\SlimWare Utilities Inc
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3303048524-3394192269-2430691336-1000\Software\Techgile
[#] Klíč smazán po restartu: HKCU\Software\OB
[#] Klíč smazán po restartu: HKCU\Software\SlimWare Utilities Inc
[-] Klíč smazán: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč smazán: HKLM\SOFTWARE\SlimWare Utilities Inc
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3303048524-3394192269-2430691336-1000\Software\Techgile
[#] Klíč smazán po restartu: [x64] HKCU\Software\OB
[#] Klíč smazán po restartu: [x64] HKCU\Software\SlimWare Utilities Inc
[-] Klíč smazán: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Klíč smazán po restartu: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Prohlížeče ] *****

[-] [C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2855 Bajty] - [08/07/2017 23:32:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [3229 Bajty] - [08/07/2017 23:30:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3001 Bajty] ##########

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check: a worm was found according to Avast.

#13 Post by Rudy »

Deleted. The PC should now be clean.

Dounat22
Visitor
Posts: 17
Registered: 19 Jun 2016 05:10

Re: Log check: a worm was found according to Avast.

#14 Post by Dounat22 »

Thank you for the cleanup.

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check: a worm was found according to Avast.

#15 Post by Rudy »

You're welcome! :)

Locked